Once you’ve decided to go with Splunk or ELK, now what? Both platforms are relatively easy to set up and configure with a little determination and judicious use of online instructions. Beyond that, you will need to acquire the knowledge and educational relationships necessary to take advantage of advanced capabilities. Training and events are two ways to achieve this.
“So how do ELK and Splunk stack up on the learning front?”
SplunkLive! has thousands of experts in attendance multiple times per year in multiple locations across the globe. All industries are covered, and industry-specific groups are growing quickly. It’s a rich source of ideas, apps and potential hires.
ELK has a growing list of events as well, but they are much smaller and only in a few key cities so far.
Splunk has far more courses available in more locations than ELK. Compare these training schedules:
- ELK training schedule: http://purchases.elasticsearch.com/
- Splunk training schedule: https://inter.viewcentral.com/Events/cust/calendar.aspx?cid=splunk&pid=1
At Risk Focus, we have been part of multiple ELK vs. Splunk conversations with clients. As proponents of open source, we have done our own Splunk vs. ELK analysis. The factors outlined here support our opinion that Splunk is by far the correct log analyzer software for our financial services clients and any company that requires enterprise-level technology from a reliable vendor.