Question

Hi all, my goal is to analyze Hadoop log files, and there are two tools: Starfish (open source) and Splunk (commercial product). Does anyone know the pros and cons as to which one to choose? I really appreciate your answer. Thanks

Solution

Well,
the pros and cons are the same as for any open source vs commercial tool choice.

The main guideline should be, what are your prerequisites?

Splunk core is open source, the free license allows you to index 500Mb/day,
probably its main advantage is providing a BI tool cheaper than other commercial ones,
it also has an impressive number of plugins, including for Hadoop, and like Hadoop it relies on a (different) MapReduce implementation since Splunk 4.x.
It has both a Python and a Java SDK, which may come in handy.
Its approach is, install it and after (a minimal) setup, start playing with your data.

I don't know Starfish, though it does look promising; it only seems to require JavaFX, while Splunk comes with its own Python alternative installation.

But in the end, it all boils down to what your most important prerequisites are.

OTHER TIPS

Barriers to entry are low for both. Best is to try both out for a while and see what works for you.

Depending on your use case, each tool has different strengths. What is your use case?

Generally speaking Splunk is easy and modern with great community support. Answers are generally a few searches away.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow