I know it has been discussed before but I am going to bring it up again. We have about 300 servers (mix of virtual and physical) and are looking to set up a central logging system. I know about Splunk but curious if its worth the cost or if something else can do it for less. I have setup and tested Log Analyzer /phplog but it seems to lack some of the alerting features.
We currently use PRTG for alarms on servers so we are just looking for something that does central logging / analyzing really well. If Splunk is truly the best then we will most likely go for that but I want to present my boss with all the options and some user feedback if at all possible.
Thanks!
[link] [5 comments]