by sethammons
1731 days ago
I love Splunk. Our clusters process 10s of billions of structured log events daily. We have search, reports, PagerDuty integration, dashboards, etc. It is crazy expensive but is the best system I've used in this space. We are having to save costs with so much data, so we are lowering retention time and moving the data to Snowflake for data older than a week. More and more, we are leveraging Looker for reporting out of Snowflake and relying more on Prometheus monitoring for alerting. But Splunk would still be my ideal service if we had less total data.

Costs can also be reduced by spending some development effort on abbreviating logs and being smart about deciding what to log and where.