Datadog vs Splunk

Datadog vs Splunk: What are the differences?

Introduction:

Datadog and Splunk are both popular enterprise software solutions that offer monitoring, analytics, and visualization of IT infrastructure and application performance. However, there are some key differences between the two that define their unique strengths and capabilities.

  1. Data Collection and Storage: Datadog and Splunk have different approaches to data collection and storage. Datadog emphasizes agent-based data collection, where its lightweight agent is deployed on hosts to collect metrics, logs, and traces. Splunk, on the other hand, supports both agent-based and agentless approaches, giving users more flexibility in data collection. Splunk also offers a distributed indexing architecture, which allows users to scale horizontally to handle large volumes of data.

  2. Ease of Use and Time to Value: Datadog aims to provide an easy-to-use and quick-to-implement solution, making it suitable for organizations looking for rapid time to value. It offers out-of-the-box integrations, dashboards, and alerting capabilities, allowing users to get up and running quickly. Splunk, on the other hand, may require more configuration and customization to tailor it to specific needs, but it provides more flexibility and advanced features for experienced users who require deeper insights and analysis.

  3. Pricing Model: Datadog follows a subscription-based pricing model based on the number of hosts or infrastructure monitored. This makes it easier to predict costs and scale as needed. Splunk, on the other hand, has a more complex pricing structure that includes both licensing costs and data ingestion costs. While this allows users to pay for what they use, it can become more expensive for organizations with a large amount of data to ingest and analyze.

  4. Community and Ecosystem: Datadog has a vibrant and active community, with a wide range of third-party integrations and plugins available. It also has an extensive marketplace where users can find prebuilt integrations and dashboards. Splunk has a strong community as well, but it focuses more on its own ecosystem of apps, add-ons, and extensions, which provide additional functionalities and customization options.

  5. Security and Compliance: Both Datadog and Splunk offer strong security features and compliance capabilities. Datadog has a built-in Security Monitoring product that provides real-time threat detection and response. Splunk also offers security and compliance modules, allowing users to monitor and manage security events and ensure regulatory compliance. However, Splunk's longer history in the market may give it an edge in terms of enterprise-grade security features and certifications.

  6. Log Management and Analytics: While both Datadog and Splunk offer log management and analytics capabilities, there are some differences in their approaches. Datadog's log management focuses on aggregating and analyzing logs for troubleshooting and alerting purposes. It provides powerful searching and filtering capabilities, but it may have some limitations in terms of advanced log analytics and correlation. Splunk, on the other hand, has a strong focus on log analytics, providing advanced search, visualization, and correlation features, making it suitable for complex log analysis and troubleshooting scenarios.

In summary, Datadog is known for its ease of use, quick implementation, and straightforward pricing, making it suitable for organizations looking for a simple and efficient monitoring solution. Splunk, on the other hand, offers more flexibility, customization, advanced features, and a robust ecosystem, making it a preferred choice for organizations with more complex IT environments and sophisticated analysis needs.

Advice on Datadog and Splunk
Farzeem Diamond Jiwani
Software Engineer at IVP | 8 upvotes · 1.4M views
Needs advice on AppDynamics, Datadog and Dynatrace

Hey there! We are looking at Datadog, Dynatrace, AppDynamics, and New Relic as options for our web application monitoring.

Current Environment: .NET Core Web app hosted on Microsoft IIS

Future Environment: Web app will be hosted on Microsoft Azure

Tech Stacks: IIS, RabbitMQ, Redis, Microsoft SQL Server

Requirement: Infra Monitoring, APM, Real-User Monitoring (User activity monitoring, i.e., time spent on a page, most active page, etc.), Service Tracing, Root Cause Analysis, and Centralized Log Management.

Please advise on the above. Thanks!

Needs advice on Datadog, New Relic and Sysdig

We are looking for a centralised monitoring solution for our application deployed on Amazon EKS. We would like to monitor using metrics from Kubernetes, AWS services (NeptuneDB, AWS Elastic Load Balancing (ELB), Amazon EBS, Amazon S3, etc) and application microservice's custom metrics.

We are expected to use around 80 microservices (not replicas). I think a total of 200-250 microservices will be there in the system with 10-12 slave nodes.

We tried Prometheus but it looks like maintenance is a big issue. We need to manage scaling, maintaining the storage, and dealing with multiple exporters and Grafana. I felt this itself needs a few dedicated resources (at least 2-3 people) to manage. Not sure if I am thinking in the correct direction. Please confirm.

You mentioned Datadog and Sysdig charges per host. Does it charge per slave node?

Replies (3)
Recommends on Datadog

Can't say anything to Sysdig. I clearly prefer Datadog as

  • they provide plenty of easy to "switch-on" plugins for various technologies (incl. most of AWS)
  • easy to code (python) agent plugins / api for own metrics
  • brilliant dashboarding / alarms with many customization options
  • pricing is OK, there are cheaper options for specific use cases but if you want superior dashboarding / alarms I haven't seen a good competitor (despite your own Prometheus / Grafana / Kibana dog food)

IMHO NewRelic is "promising since years" ;) good ideas but bad integration between their products. Their Dashboard query language is really nice but lacks critical functions like multiple data sets or advanced calculations. Needless to say you get all of that with Datadog.

Need help setting up a monitoring / logging / alarm infrastructure? Send me a message!

Maik Schröder
Recommends on Instana

Hi Medeti,

you are right. Building based on your stack something with open source is heavy lifting. A lot of people I know start with such a set-up, but quickly run into frustration as they need to dedicate their best people to build a monitoring which is doing the job in a professional way.

As you are microservice focussed and are looking for 'low implementation and maintenance effort', you might want to have a look at INSTANA, which was built with modern tool stacks in mind. https://www.instana.com/apm-for-microservices/

We have a public sand-box available if you just want to have a look at the product once and of course also a free-trial: https://www.instana.com/getting-started-with-apm/

Let me know if you need anything on top.

Attila Fulop
Management Advisor at artkonekt | 2 upvotes · 318K views

I have hands on production experience both with New Relic and Datadog. I personally prefer Datadog over NewRelic because of the UI, the Documentation and the overall user/developer experience.

NewRelic, however, can do basically the same things as Datadog can, and some of the features like alerting have been present in NewRelic for longer than in Datadog. The cool thing about NewRelic is their last-summer-updated pricing: you no longer pay per host but after data you send towards New Relic. This can be a huge cost saver depending on your particular setup.

https://docs.newrelic.com/docs/accounts/accounts-billing/new-relic-one-pricing-billing/new-relic-one-pricing-billing

I'd go for Datadog, but given you have lots of containers I would also make a cost calculation. If the price difference is significant and there's a budget constraint NewRelic might be the better choice.

Decisions about Datadog and Splunk
Attila Fulop

I haven't heard much about Datadog until about a year ago. Ironically, the NewRelic sales person who I had a series of trainings with was trash talking about Datadog a lot. That drew my attention to Datadog and I gave it a try at another client project where we needed log handling, dashboards and alerting.

In 2019, Datadog was already offering log management and from that perspective, it was ahead of NewRelic. Other than that, from my perspective, the two tools are offering a very-very similar set of tools. Therefore I wouldn't say there's a significant difference between the two, the decision is likely a matter of taste. The pricing is also very similar.

The reasons why we chose Datadog over NewRelic were:

  • The presence of log handling feature (since then, logging is GA at NewRelic as well since fall 2019).
  • The setup was easier even though I already had experience with NewRelic, including participation in NewRelic trainings.
  • The UI of Datadog is more compact and my experience is smoother.
  • The NewRelic UI is very fragmented and New Relic One is just increasing this experience for me.
  • The log feature of Datadog is very well designed; I find tagging logs with services very useful. The log filtering is also very awesome.

Bottom line is that both tools are great and it makes sense to discover both and make the decision based on your use case. In our case, Datadog was the clear winner due to its UI, ease of setup and the awesome logging and alerting features.

Benoit Larroque
Principal Engineer at Sqreen | 4 upvotes · 416.1K views

I chose Datadog APM because of the much better APM insights it provides (flamegraph, percentiles by default).

The drawback of this decision is that we had to move our production monitoring to TimescaleDB + Telegraf instead of NR Insight.

NewRelic is definitely easier when starting out. Agent is only a lib and doesn't require a daemon.

Pros of Datadog (upvotes · pro)
  • 139 · Monitoring for many apps (databases, web servers, etc)
  • 107 · Easy setup
  • 87 · Powerful ui
  • 84 · Powerful integrations
  • 70 · Great value
  • 54 · Great visualization
  • 46 · Events + metrics = clarity
  • 41 · Notifications
  • 41 · Custom metrics
  • 39 · Flexibility
  • 19 · Free & paid plans
  • 16 · Great customer support
  • 15 · Makes my life easier
  • 10 · Adapts automatically as i scale up
  • 9 · Easy setup and plugins
  • 8 · Super easy and powerful
  • 7 · In-context collaboration
  • 7 · AWS support
  • 6 · Rich in features
  • 5 · Docker support
  • 4 · Cute logo
  • 4 · Source control and bug tracking
  • 4 · Monitor almost everything
  • 4 · Cost
  • 4 · Full visibility of applications
  • 4 · Simple, powerful, great for infra
  • 4 · Easy to Analyze
  • 4 · Best than others
  • 4 · Automation tools
  • 3 · Best in the field
  • 3 · Free setup
  • 3 · Good for Startups
  • 3 · Expensive
  • 2 · APM

Pros of Splunk (upvotes · pro)
  • 3 · API for searching logs, running reports
  • 3 · Alert system based on custom query results
  • 2 · Dashboarding on any log contents
  • 2 · Custom log parsing as well as automatic parsing
  • 2 · Ability to style search results into reports
  • 2 · Query engine supports joining, aggregation, stats, etc
  • 2 · Splunk language supports string, date manip, math, etc
  • 2 · Rich GUI for searching live logs
  • 1 · Query any log as key-value pairs
  • 1 · Granular scheduling and time window support


Cons of Datadog
Cons of Splunk
  • 19 · Expensive
  • 4 · No errors exception tracking
  • 2 · External Network Goes Down You Wont Be Logging
  • 1 · Complicated
  • 1 · Splunk query language rich so lots to learn


What is Datadog?

Datadog is the leading service for cloud-scale monitoring. It is used by IT, operations, and development teams who build and operate applications that run on dynamic or hybrid cloud infrastructure. Start monitoring in minutes with Datadog!

What is Splunk?

It provides the leading platform for Operational Intelligence. Customers use it to search, monitor, analyze and visualize machine data.


What are some alternatives to Datadog and Splunk?
New Relic
The world’s best software and DevOps teams rely on New Relic to move faster, make better decisions and create best-in-class digital experiences. If you run software, you need to run New Relic. More than 50% of the Fortune 100 do too.
Prometheus
Prometheus is a systems and service monitoring system. It collects metrics from configured targets at given intervals, evaluates rule expressions, displays the results, and can trigger alerts if some condition is observed to be true.
Grafana
Grafana is a general purpose dashboard and graph composer. It's focused on providing rich ways to visualize time series metrics, mainly through graphs, but supports other ways to visualize data through a pluggable panel architecture. It currently has rich support for Graphite, InfluxDB and OpenTSDB, and supports other data sources via plugins.
AppDynamics
AppDynamics develops application performance management (APM) solutions that deliver problem resolution for highly distributed applications through transaction flow monitoring and deep diagnostics.
Sentry
Sentry’s Application Monitoring platform helps developers see performance issues, fix errors faster, and optimize their code health.