The Graylog blog

Graylog Splunk Integration Is Now Here!

We are pleased to announce that we now support Splunk® integration with our new Graylog plug-in for Splunk®!

Some of you may be wondering why. Isn’t Graylog a direct replacement for Splunk®? For many, Graylog replaces Splunk® for common log management use cases such as identifying and alerting on possible DDoS attacks, account lockouts, application errors and infrastructure failures. This is by no means an exhaustive list of use cases for Graylog; rather, it’s a few of the more common ones we know our community is using Graylog to solve today.

SO HOW DOES GRAYLOG FIT IN WITH SPLUNK®?

We believe Graylog can make Splunk® better. For example, you may not be able to afford storing all of your log and machine data in Splunk®. This seems to be a pretty common challenge based on dozens of customer conversations I’ve had over the last few months.

Splunk® users really want to have all of their critical data in one place, so they can leverage Splunk’s analysis and reporting capabilities to derive business value from the data. The challenge is that if you aren’t collecting all of your critical data due to cost constraints, you run the risk of missing possible anomalies, trends and even critical issues. You also don’t fully benefit from being able to cross-correlate between different types of machine data, which is one of the most common use cases for centralized log management. By not ingesting and analyzing ALL of your log data, you cannot maximize the operational intelligence value because you don’t have the complete picture.

Enter the Graylog plug-in for Splunk®. By placing Graylog in front of Splunk®, you can control what goes into Splunk® in order to minimize your Splunk® license costs. At the same time, this pre-filtering approach ensures 100% of your data is collected, and reduces the potential of leaving operational intelligence on the table. In essence you get the best of both worlds – the power of Splunk® analysis when the expense makes sense, and an open source log management solution that can scale to terabytes of daily data ingestion to give you the broadest operational visibility, with search and investigation when you need it.

And the icing on the cake? Graylog’s plug-in for Splunk®, like the rest of Graylog, is free and easy to set up!

SPLUNK® INTEGRATION HIGHLIGHTS:

Why not take it for a test drive? Click below for more details:

Graylog Plug-in for Splunk® Demo/Download

GRAYLOG SPLUNK® CONFIGURATION AND SPLUNK® MESSAGE EXAMPLES

Graylog Plug-in Output Configuration

Splunk Graylog Message
