Splunk is a search engine that indexes and lets you search, navigate, alert, and report on data from any application, server, or network device. It lets you securely access logs, configurations, scripts and code, messages, traps and alerts, activity reports, stack traces, and metrics across thousands of components from one place in real time. This data can include Apache logs, Sendmail logs, J2EE events, custom application logs, configuration files, or any other type of file that a sysadmin or developer will need to examine on a regular basis.
Search strings can now contain variables that will be rendered as form elements in the SplunkWeb interface. Search language simplification: as part of a general effort to simplify the search language, equal signs can now be used where double colons were required. With the introduction of enhanced archiving and export, customers now have the capability to flexibly archive their Splunk data based on time and size, which is critical for large and long-term data storage issues common with compliance mandates.
URL: Splunk > The IT Search Engine