Splunk and ELK are log management and analysis tools commonly used by enterprises. Here is a list of a few differences and similarities.

| | Splunk | ELK |
|---|---|---|
| Ease of use | Intuitive UI. Customised dashboard for different users. Supported on mobile devices | Kibana is the tool in the ELK stack concerned with visualisation. It is also intuitive, though it offers fewer features |
| User Management | Yes | Kibana does not support user management but hosted solutions do |
| The Learning Curve | Moderate | Flat |
| Advanced Reporting | Yes | Yes |
| Query Syntax | Splunk Search Processing Language (proprietary) | Lucene query syntax (common scripting language) |
| Alerting/Notifications | Yes | Yes |
| Data Visualization | Yes | Yes |
| Community Support | Large community of users and supporters | Large community of users and supporters |
| Release Rate | Multiple releases per year | Multiple releases per year |
| Pricing | Proprietary with high price | Open-source, but the costs associated with setting it up and managing it can be considerable. Paid managed service options are available with AWS, Elastic Cloud, Logz.io, Sematext Logsene |
| Support | Extensive | Extensive |
| Documentation and Learning Resources | Good documentation and forum. Educational programs and instructors are available but with a high price tag | Extensive documentation for each tool. Both paid and free online courses exist |
| Clients | Adobe, BlackRock, Coca-Cola, ING, Tesco, AAA, Staples | eBay, Verizon, Netflix, Cisco, Salesforce, FICO, Facebook, Thomson Reuters |
| Extensibility | Features exposed via endpoints and several SDKs for different languages | All communication is done via APIs and SDKs exist for different languages |

Sources:
upguard.com/blog/splunk-vs-elk
devops.com/splunk-elk-stack-side-side-comparison

