Sign in / up

back to article Splunk, Rocana trade blows in blog 'libel' spat

Data analysis biz Splunk and rival Rocana are going toe-to-toe after a blog post by the latter questioned the ability of the former's products. The post, headlined "Rocana vs. Splunk: IT Operations Showdown", compared Rocana's gear with Splunk's. Splunk did not see the funny side in having its package sized up by a smaller …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. David 132 Silver badge

    Another IT industry playground slap-fight

    My immediate reaction upon reading this was "oh, two nonentities that I've never heard of are desperately trying to get publicity and recognition by behaving with all the maturity of kindergarteners. 'You smell!' 'Nu-huh! You take that back or I'll tell teacher!' "

    Having said that I'm sure someone here more familiar with the data-analysis segment will now correct me and point out that Splunk & Rocana are titans in their sector. Along with, no doubt, "Kwijoob", "Vl'hurkle GmbH", and "Mmmflib, Inc.".

    1 0 Reply
    1. Camilla Smythe
      Reply Icon

      Re: Another IT industry playground slap-fight

      Along with, no doubt, "Kwijoob", "Vl'hurkle GmbH", and "Mmmflib, Inc."

      Uh-Huh..

      Got those.

      So who are Splunk & Rocana?

      3 0 Reply
    2. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Another IT industry playground slap-fight

      "Along with, no doubt, "Kwijoob", "Vl'hurkle GmbH", and "Mmmflib, Inc."."

      Don't mock- those companies might be unknown here, but they're *huge* in the Klingon markets.

      0 0 Reply
  2. K

    They're systems for parsing logs and other data, it normalises and indexes this so that it can quickly be search and aggregated, with the results visualised or alerts set up for them. For example, it could suck in all the logs from your Firewalls, you can then aggregate this data to see what the top 10 threats are, or search where those threats came from and display them on a map.

    Splunk has enjoyed a monopoly on this for the past several years and their pricing model reflects this, charging by the GB of data is processes. For example, if your collecting 10GB of data per-day, cost if about £7500 per annum - Lets face it, who knows how much log data their servers and firewalls are going to generate on a day-2-day basis.

    Personally I hope Rocana wins this one, as I think the per-GB model is a relic.. its actually one of the reason ELK is being so successful... Also for anybody looking for another alternative, I highly recommend checking out Logscape, licensing is based upon number of indexers, and since 1 indexer (which costs less that a 10GB Splunk licence) can parse 75-100GB per day, its not bad value for money.

    9 0 Reply
    1. Fraggle850
      Reply Icon
      Thumb Up

      @K Upvote for you

      I was hoping someone with sector experience would come on and give an opinion. It sounds like an incumbent using legal muscle to bully an upstart. Here's to the little guy then, I hope that the content of their article is defendable.

      0 0 Reply
      1. Adam 52 Silver badge
        Reply Icon

        Re: @K Upvote for you

        As a Splunk customer it's hard to disagree with the Rocana post. We do lose events (although usually down to the logging and forwarder rather than the database), it is priced by max throughput, it is too slow to be ergonomic (which may be down to our poor data structures) but we still use it for near real-time alerting and it is very awkward to get data out in bulk (especially in near real-time).

        I'm surprised people haven't heard of Splunk - they sponsor pretty much every conference I go to.

        1 0 Reply
        1. Anonymous Coward
          Reply Icon
          Anonymous Coward

          Re: @K Upvote for you

          I have to admit to not having looked through every last point of functionality offered by either of these competitors but here I just wrote a few shell scripts to go through our logs and load them into a DB. Then I wrote some BO reports and created a Universe for others to use. It didn't take that long and we already had BO licenses so it's on going cost if pretty low.

          0 0 Reply
          1. K
            Reply Icon

            Re: @K Upvote for you

            You can DIY it with enough time - but these products work on the basis of they make it easy and quick, which is essential if you have hundreds of servers and different log formats.

            1 0 Reply
          2. Adam 52 Silver badge
            Reply Icon

            Re: @K Upvote for you

            When you get to sufficient scale a few shell scripts and business objects don't cut it, your shell scripts turn into MapReduce jobs and at that point it's easier to have someone else do the work.

            Think of the pain you'd have using grep over 6 months at 50GB/day.

            1 1 Reply

  3. This post has been deleted by its author

  4. x 7

    Splunk? Sounds something you'd expect Jimmy Saville to do

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like