What are your biggest headaches with Splunk and other alerting tools?

Asked By TechWhiz99 On

Hey everyone! I'm a software developer and I'd love to hear about the issues you guys face with Splunk or any other alerting platforms. One frustration my team is currently dealing with is that our Splunk team has imposed a 15-minute delay on alerts. It doesn't seem like a lot, but our production support team goes into a panic whenever there's a delay! What other pain points have you encountered?

4 Answers

Answered By DataDude88 On

It's worth mentioning that while Splunk is costly, at least they don't charge like Azure, which costs per alert! Still, for the price you pay for Splunk Enterprise, it seems like they could do better. I actually made a standalone app for handling alerts instead of relying solely on the main tool. One good thing is that you can assign multiple actions to an alert, like running Python scripts or saving alerts to local CSV files.

CodeMaster55 -

That’s cool! How did you set up your standalone app? I've been asked to create a custom alerting system, but didn't realize Azure had that pricing model too.

Answered By DevGuru42 On

Licensing and infrastructure costs are a big pain with Splunk. It can really add up quickly. Plus, they only offer a two-week free trial, making it tough to test things out without jumping in headfirst!

LogMaster33 -

For real! It's a bummer for personal projects. It feels like it'd take a lot of experimentation to get it right without a decent trial.

Answered By CloudNinja11 On

One challenge I face is not having control over the logs. I might build a dashboard that works great, but it could just stop functioning after the next deployment, which is super frustrating.

DashBuilder22 -

Totally get that! I remember spending days perfecting a dashboard, only for parts of it to break in the next sprint. It's disheartening.

Answered By SysOpsPro On

Every alert platform has its ups and downs. Splunk's licensing is really expensive, and scaling isn't straightforward, especially not in a cloud environment. But if you're looking for powerful query capabilities, it’s tough to beat. Comparatively, other tools like Datadog or ELK have their pros, but you're looking at steep learning curves or complexities as well. It really comes down to how you plan to use your tools.

TechSavant17 -

I see where Splunk is useful, especially for cybersecurity teams since it's a SIEM tool. I’ve been hearing about Loki too — is it similar to Splunk? All my team really needs is a simple alerting system for our services, no need for the heavy lifting!
