by malandrew 4982 days ago
Isn't Splunk just used for server performance monitoring, or is it a general analytics tool?

At a previous job at a hosting company we used Splunk, but we used it for monitoring a couple thousand virtual and physical services. Does it have uses beyond that?

2 comments

Splunk is good for log processing of all sorts, including event logs. We log app events in a custom format, drain to syslog, and ingest into Splunk. It works great with the exception that some Splunk queries (through the API) can be quite slow for use in online user-facing analytic dashboards, and it's not particularly cheap.
Splunk is a great tool for any sort of logs, and that includes user events and so forth. Basically, if you log it, Splunk will index it, and then you can find ways to search it, correlate it, reverse-analyze it... the whole nine yards. However, as another user mentioned below, "Log every single action, decision, call, message, visit, and fault in detail. Log it with structure." If you don't do that, Splunk won't be that useful. I can think of a few examples at work where missing details in log lines quickly deflates my Splunk enthusiasm. So, log everything and carefully, all the time. Then Splunk becomes your friend.