Do you Splunk?
I was wondering what you guys think of Splunk? I've tried it out for maybe 10 minutes.. I don't understand how to navigate it right so that it can be useful. It's kind of "linkish".
Now, after first seeing Splunk (and not realizing there was in fact a free version), I first setup a combination of rsyslog and php-syslog-ng. The only problem with that is, it grabs only the syslog messages (which doesn't seem to include a good majority of the logs).
Then, I saw that there *was* a free version of Splunk, so I downloaded it and tried out locally. I got it installed and working, but yikes, what an interface.. I don't know what to do in there. I mean, I understand what they're trying to do.. but either they haven't quite reached that goal, or I'm just a dummy.
What do you guys think? Is there an easier/better solution for centralized web-based logging?
