Search Tool Looks Inward To Tap System Logs - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Software // Enterprise Applications

Search Tool Looks Inward To Tap System Logs

Splunk 2.1 adds features that mimic another Google practice: furnishing command line APIs to the search engine so third parties can write independent applications that exploit its capabilities.

Think of Splunk as Google for systems administrators, a search tool that looks inward instead of out.

The latest version of the 9-month-old tool, released last week, hunts down problems found in log data culled from companies' IT systems. And Splunk 2.1 adds a feature that mimics another Google practice: furnishing command line APIs to the search engine so third parties can write independent applications that exploit its capabilities.

LogLogic, LogRhythm, and EMC's Network Intelligence offer competing products that collect logged data, but they're positioned more as instruments that help companies capture server information needed to comply with industry standards and government regulations rather than troubleshooting tools.

As developers independently write applications that incorporate Google, Yahoo, and other search engines into applications for the Web, such as mapping apps, software writers can use Splunk's APIs to create, for instance, a Flash application that monitors real-time security threats and visually pinpoints the source of an attack. Another possible use of Splunk's search capability would be as a visual tool for a marketer that depicts major sites blocking its outbound e-mail, as indexed in the marketer's internal IT systems logs.

The new Splunk release can run on multiple servers, with search results merged and presented in an interactive Ajax Web user interface. It requires 40% less storage capacity for indexing and storing original log and IT data than the last version. Splunk CEO Michael Baum contends the tool is up to five times faster than conventional log technologies and log appliances and can work more quickly if needed since it can run on clustered servers. Indexing speeds range from 20,000 to 120,000 events per second on a single server.

Pricing is based on the peak daily volume, starting at $2,500 a year for indexing 512 Mbytes of raw, uncompressed data each day. It scales to 1,000 Gbytes for $300,000 a year.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Watch Out: 7 Digital Disruptions for IT Leaders
Jessica Davis, Senior Editor, Enterprise Apps,  11/18/2019
Enterprise Guide to Data Privacy
Cathleen Gagne, Managing Editor, InformationWeek,  11/22/2019
Top-Paying U.S. Cities for Data Scientists and Data Analysts
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/5/2019
White Papers
Register for InformationWeek Newsletters
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Flash Poll