Log Scanning. Why People Parse Splunk

I don’t know why people are parsing Splunk. I would never think that such a trivial IT task as log scanning would be turned into a business.

Months back, I spoke with the CIO of Splunk, and in his terms, Splunk is the "Google" of logs.

It takes a few hours, if not minutes, for a smart sysadmin to code a simple log scanning script. Someone would say – the devil is in the details – yeah, what about our compliance reports!!!

Here is my response – the whole notion of using log scanning solutions for process monitoring and compliance reporting is wrong.

Here is what Digital Edge does:

EMS (enterprise management system): a centralized IT system that collects monitoring facts from all the systems. Those monitoring systems include log scanning tools.

Because some business processes are complex, and monitoring and proactive response go beyond just finding an event in the log and alerting on it, our system has unique features, such as checking:

a. If an event happened by a certain time

b. If an event DID NOT happen by a certain time

c. If a sequence of events was correct, with each event started and completed by its certain time
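
A minimal sketch of the three checks listed above, added here as an illustration and not Digital Edge's EMS code. The step names, deadlines and event format are assumptions, and the sample events are constructed.

```python
from datetime import datetime

# Hypothetical expectations for one nightly business process (constructed values):
# steps run in this order; each must start and complete by its own deadline.
EXPECTED = [  # (step, start_by, complete_by), same-day HH:MM
    ("extract", "01:05", "01:30"),
    ("load",    "01:35", "02:00"),
    ("report",  "02:05", "02:30"),
]

# Constructed sample: "load" starts and then hangs; "report" never starts.
# Nothing here is an error line, so an error-pattern log scan stays silent.
SAMPLE_EVENTS = [
    ("01:00", "extract", "start"),
    ("01:20", "extract", "complete"),
    ("01:30", "load", "start"),
]

def _t(hhmm):
    return datetime.strptime(hhmm, "%H:%M").time()

def evaluate(events, now, expected=EXPECTED):
    """Return violations as of `now`, given (HH:MM, step, start|complete) facts."""
    now = _t(now)
    seen = {(step, kind): _t(ts) for ts, step, kind in events}
    violations, prev = [], None
    for step, start_by, complete_by in expected:
        for kind, deadline in (("start", _t(start_by)), ("complete", _t(complete_by))):
            at = seen.get((step, kind))
            if at is None:
                if now > deadline:  # (b) the event did NOT happen by its time
                    violations.append(f"{step}: no {kind} by {deadline:%H:%M}")
            elif at > deadline:     # (a) the event happened, but not by its time
                violations.append(f"{step}: {kind} late at {at:%H:%M}")
        started = seen.get((step, "start"))
        if prev is not None and started is not None:
            prev_done = seen.get((prev, "complete"))
            if prev_done is None or started < prev_done:  # (c) sequence broken
                violations.append(f"{step}: started before {prev} completed")
        prev = step
    return violations

if __name__ == "__main__":
    for v in evaluate(SAMPLE_EVENTS, now="02:10"):
        print("ALERT", v)
```

The evaluation has to run on a schedule, independent of the monitored process, because the two alerts it raises for the sample come from events that are missing rather than from anything written to a log.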

So, our position is that if you really want to monitor business processes, those monitoring abilities have to be built into the processes.

We have great examples of IT guys saying: oh, don’t worry, we can catch any failures; if the process crashes, we will have entries in the logs, and from the logs they will be picked up by the “Google of the logs” and we will be saved.

Then a little bit later they go: hmmmm, the process didn’t start and we didn’t pick it up as there were no errors…

And later: hmmmmm, the process was just hanging, not doing anything, and Splunk didn’t pick it up as it was just hanging…

Here is Digital Edge's vision – do not monitor IT systems, programs, components. Monitor business processes and their outcomes. We have seen many cases when all components were running perfectly but the system still didn’t produce the expected results on time.

Makes you think...



