Home
DevOps
Monitoring
Log Management

Logstash vs Splunk

Need advice about which tool to choose?Ask the StackShare community!

Logstash
10.1K
8K
+ 1
102
Splunk
555
925
+ 1
14
Add tool

Logstash vs Splunk: What are the differences?

Developers describe Logstash as "Collect, Parse, & Enrich Data". Logstash is a tool for managing events and logs. You can use it to collect logs, parse them, and store them for later use (like, for searching). If you store them in Elasticsearch, you can view and analyze them with Kibana. On the other hand, Splunk is detailed as "Search, monitor, analyze and visualize machine data". Splunk Inc. provides the leading platform for Operational Intelligence. Customers use Splunk to search, monitor, analyze and visualize machine data.

Logstash and Splunk can be categorized as "Log Management" tools.

Logstash is an open source tool with 10.3K GitHub stars and 2.78K GitHub forks. Here's a link to Logstash's open source repository on GitHub.

According to the StackShare community, Logstash has a broader approval, being mentioned in 563 company stacks & 278 developers stacks; compared to Splunk, which is listed in 31 company stacks and 29 developer stacks.

Get Advice from developers at your company using StackShare Enterprise. Sign up for StackShare Enterprise.
Learn More
Pros of Logstash
Pros of Splunk
  • 68
    Free
  • 18
    Easy but powerful filtering
  • 12
    Scalable
  • 2
    Kibana provides machine learning based analytics to log
  • 1
    Great to meet GDPR goals
  • 1
    Well Documented
  • 2
    Ability to style search results into reports
  • 2
    Alert system based on custom query results
  • 2
    API for searching logs, running reports
  • 2
    Query engine supports joining, aggregation, stats, etc
  • 1
    Query any log as key-value pairs
  • 1
    Splunk language supports string, date manip, math, etc
  • 1
    Granular scheduling and time window support
  • 1
    Custom log parsing as well as automatic parsing
  • 1
    Dashboarding on any log contents
  • 1
    Rich GUI for searching live logs

Sign up to add or upvote prosMake informed product decisions

Cons of Logstash
Cons of Splunk
  • 4
    Memory-intensive
  • 1
    Documentation difficult to use
  • 1
    Splunk query language rich so lots to learn

Sign up to add or upvote consMake informed product decisions

- No public GitHub repository available -

What is Logstash?

Logstash is a tool for managing events and logs. You can use it to collect logs, parse them, and store them for later use (like, for searching). If you store them in Elasticsearch, you can view and analyze them with Kibana.

What is Splunk?

It provides the leading platform for Operational Intelligence. Customers use it to search, monitor, analyze and visualize machine data.

Need advice about which tool to choose?Ask the StackShare community!

Jobs that mention Logstash and Splunk as a desired skillset
IT Data Analyst (12 Month Fixed Term)
Pinterest
Mexico City, MX; , MX
View Job Details
PatternsDreamDiagrams+7
IT Asset Manager
CBRE
United Kingdom of Great Britain and Northern Ireland England Feltham
View Job Details
SpreadsheetageEvidence+8
Cybersecurity Intern - Summer 2023
CBRE
United States of America Texas Richardson
View Job Details
SnowflakeELKDatadog+3
Sr. Software Engineer
CBRE
United States of America Texas Richardson
View Job Details
ageVue.jsSpring Boot+16
What companies use Logstash?
What companies use Splunk?
See which teams inside your own company are using Logstash or Splunk.
Sign up for StackShare EnterpriseLearn More

Sign up to get full access to all the companiesMake informed product decisions

What tools integrate with Logstash?
What tools integrate with Splunk?

Sign up to get full access to all the tool integrationsMake informed product decisions

Blog Posts

Shifting From Monitoring to Observability
Jul 9 2019 at 7:22PM

Blue Medora

DockerPostgreSQLNew Relic+8
11
2013
Observability with the ELK Stack
May 21 2019 at 12:20AM

Elastic

ElasticsearchKibanaLogstash+4
12
4604
How SendGrid Scaled to 40 Billion Emails Per Month
Jun 26 2018 at 3:26AM

Twilio SendGrid

GitHubDockerKafka+10
11
9725
Stream & Go: News Feeds for Over 300 Million End Users
Jan 18 2018 at 7:43AM

Stream

GitHubPythonReact+42
48
40268
How Troops Uses Scala To Process Millions of Salesforce Record...
Aug 26 2016 at 8:06AM

Troops

GitHubReactSlack+26
15
5266
The Stack That Helped Medium Scale To 2.6 Millennia Of Reading...
Oct 22 2015 at 8:05AM

Medium

GitHubNode.jsSlack+37
119
37454
How Tilt Is Building The Fastest Growing Crowdfunding Platform
Jul 24 2015 at 5:58AM

Tilt

GitHubGitNode.js+27
13
5498
How 500px serves up over 500TB of high res photos
May 15 2015 at 3:43PM

500px

GitHubMySQLSlack+44
109
50487
What are some alternatives to Logstash and Splunk?
Fluentd
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. Fluentd helps you unify your logging infrastructure.
Kafka
Kafka is a distributed, partitioned, replicated commit log service. It provides the functionality of a messaging system, but with a unique design.
Beats
Beats is the platform for single-purpose data shippers. They send data from hundreds or thousands of machines and systems to Logstash or Elasticsearch.
Graylog
Centralize and aggregate all your log files for 100% visibility. Use our powerful query language to search through terabytes of log data to discover and analyze important information.
Elasticsearch
Elasticsearch is a distributed, RESTful search and analytics engine capable of storing data and searching it in near real time. Elasticsearch, Kibana, Beats and Logstash are the Elastic Stack (sometimes called the ELK Stack).
See all alternatives

Related Comparisons

Loggly vs Logstash vs Splunk CloudFluentd vs Logstash vs Splunk CloudLogstash vs Splunk Cloud vs Sumo LogicLoggly vs Logstash vs ScalyrLogstash vs Scalyr vs Splunk Cloud

Trending Comparisons

Django vs Laravel vs Node.jsBootstrap vs Foundation vs Material-UINode.js vs Spring BootFlyway vs LiquibaseAWS CodeCommit vs Bitbucket vs GitHub

Top Comparisons

Bitbucket vs GitHub vs GitLabBootstrap vs MaterializeHipChat vs Mattermost vs SlackPostman vs Swagger UI