Quote:
Originally Posted by doublejoon
I second that motion. I have worked with a couple of other products, mainly Nagios-based ones like Zenoss and others. These are more like SNMP monitors which poll the servers.
Splunk gives you the ability to index many different types of files from various sources, including syslog etc., and it will allow you to search this index using just about any search criteria you feel necessary. I am still working on getting the correct logs to Splunk, so I haven't set up the alerts specifically, but I can tell you that it makes life much easier when searching through things like HTTP access logs and firewall traffic logs looking for a specific pattern.