Indexes Any Data from Any Source
Splunk Enterprise collects and indexes any machine-generated data from virtually any source, format or location in real time. This includes data streaming from packaged and custom applications, app servers, web servers, databases, networks, virtual machines, telecoms equipment, operating systems, sensors and much more.
Splunk Enterprise scales to collect and index tens of terabytes of data per day. And because the insights from your data are mission-critical, Splunk software's index replication technology provides the availability you need, even as you scale out your low-cost, distributed computing environment.
Automatic load balancing optimizes workloads and response times and provides built-in failover support. Out-of-the-box reporting and analytics capabilities deliver rapid insights from your data.
Splunk DB Connect delivers reliable, scalable, real-time integration between Splunk and traditional relational databases.
Splunk Hadoop Connect provides bi-directional integration to easily and reliably move data between Splunk Enterprise and Hadoop.
With Splunk Enterprise you can correlate complex events spanning many diverse data sources across your environment. Types of correlation include:
- Time-based correlations, to identify relationships based on time, proximity or distance
- Transaction-based correlations, to track a series of related events as a single transaction and measure its duration or status, or perform other analysis
- Sub-searches, taking the results of one search and using them in another
- Lookups, correlating with external data sources outside of Splunk
- Joins, to support SQL-like inner and outer joins
Correlating events enables richer analysis and insight from your machine data.
Note: In my opinion Splunk is the best log management solution :)