Hello !

That's an interesting question.

I am the author of the Nmon Splunk App, and i will to try to answer as objective as possible 🙂

First, thank you using the Nmon App, and thank you for your interest over my work.

The first thing to underline in my opinion, is that the Unix App is built and maintained by Splunk, when the Nmon App is fully Open source (published under the Apache 2 licence) and community supported.

Beyond this, i don't feel both App like being necessary in concurrency, i won't speak for Unix App (maybe other people will), but i can speak for mine.

I have built the Application based on my own experience in Unix System Capacity Planning and Performance, Nmon is a great "all in one" opensource performance monitor well known in big companies, notably companies using IBM PSeries systems (AIX and Power Linux)

This power-full tool is very simple to use (a simple pre-compiled C binary), and has an incredibly huge number of performance monitors which covers almost every performance aspect for AIX, Linux and also Solaris systems with a derived project that uses the same behavior.
Many tools or Application will never have that richness of metrics.

Nmon can be used for real time monitoring in terminal, and also in a mode where it will write in a specific csv format every performance monitor measure all along it's run.
This is a key feature many companies use to generate Nmon file of their systems, and then store them in a centralized share for cold and large analysis. This is Capacity Planning and Performance.

The Nmon App intends to join the great power of Splunk with Nmon, my experience learned me that a good Application must be easy to used and must go quickly to the essential, this is what i have tried to do with the App.
I spend a lot of time building Splunk interfaces and applications for various operational engineers, this is very instructive in what people may expect from our Applications.

I think we can mention notably 2 key features of the Nmon App:

• Based on Splunk distributed and powerful architecture, you can easily collect rich performance metrics for local and remote systems, in quasi real-time monitoring
• Based on Splunk monitor facilities, you can natively watch for central shares and consumes Nmon files of external systems that were generated by any third party workflow, this is can off course be older data giving you the easy opportunity to Analyse old or external Nmon data

So to summarize, a company that already has Nmon files collect in place (and they are many) have also probably difficulties having tools able to valorise these data, notably for long term and massive Analysis.
This is where Splunk's power, architecture , functionalities, interfaces and so on is a great and definitive advantage.
Nmon is very well known in AIX world, and also more and more in Linux systems.

And companies or people looking for easy to deploy and maintain Splunk App to collect performance data from their Unix systems will also take great advantages of the App.

The graphical Application itself is tries to exploit as much as possible Splunk functionality, and as much as possible the richness of Nmon.

I do not think this is duplicating data itself, but indeed common standard monitors can be redundant.

It not easy to sum up in a few words all you can do with the App, but the data, interfaces, conversion tools and so on are open, free to modify... once the data is in the system it's easy to any Splunker to build its own dashboards and interfaces.

As a conclusion, i would say that having is the choice is always a cool thing, and every one must have the liberty to choose 🙂

Again thank for your interest, if you have any comment or problem to report, don't hesitate.
And off course, don't forget to rate the App if you like 🙂

Guilhem