Splunking (the log file variety)

Author
Terry Slattery
Principal Architect

We just announced an agreement with Splunk, the IT search company (http://splunk.com), where the Splunk log file collection and analysis engine will be incorporated into NetMRI. This is the first OEM partnership we’ve done and it is an exciting one. Splunk is well known for their ability to search through enormous quantities of log files in a way that can’t be matched with basic tools like grep. David Carrasso, Senior Datamining Engineer at Splunk, has a good blog entry on why Splunk is better than some of the other tools for mining log files at http://blogs.splunk.com/david/2005/09/30/one-geeks-reasons-for-splunk/.

NetMRI will take important log events from the Splunk system and correlate them with operational and configuration data that NetMRI has collected to improve its analysis. For example, an event from a core router is likely to be more important than the same event from a small branch router. Automatically making this determination and properly prioritizing the events reduces the volume of busy-work that network engineers must perform and allows them to be more productive and to enjoy their jobs more (I don’t know of any network engineers who love repetitive tasks like digging through hundreds or thousands of similar log messages for the few important ones).

-Terry

_____________________________________________________________________________________________

Re-posted with Permission 

NetCraftsmen would like to acknowledge Infoblox for their permission to re-post this article, which originally appeared in the Applied Infrastructure blog under http://www.infoblox.com/en/communities/blogs.html.
