Help! I need to know if Splunk is capable of the f...

Charles_S · ‎10-16-2015

• Need to be able to view the health of the servers and applications running across all three datacentres in a single dashboard.
• Graphic representation and summary of collected data.
• Runs “on premises”
• Capacity monitoring
• Integration to other products to collate data… Apache logs, Nagios, Jenkins, etc.
• Can extend to cover servers in other cloud providers… AWS, Azure, etc
• Alert notification
• Capacity analysis
• “fault” tracking.
• LDAP integration
• API integration, show we want to automate monitoring of new servers from the shop.

Nice to have…
• Able to present a “restricted” view to projects of the data for just there dedicated server

richgalloway · ‎10-16-2015

Yes, Splunk is capable of all that. The caveat is Splunk's capabilities are limited by the data given to it. For example, fault tracking is only possible if the faults are reported to Splunk, which means the right log files have to be monitored. You may need to modify your firewall to allow data to flow to Splunk from the various sources. There will be some effort required on your part - you may need to install Universal Forwarders on your servers to get data into Splunk; dashboards will have to be created; and so on.

You can post separate, more specific questions on this site if you need help getting going.

---
If this reply helps you, Karma would be appreciated.

Help! I need to know if Splunk is capable of the following;

Introducing the Splunk Community Dashboard Challenge!

Get the T-shirt to Prove You Survived Splunk University Bootcamp

Wondering How to Build Resiliency in the Cloud?