At an IT integrator, I'm currently trying to evangelize the use of log file monitoring of hardware installations. The idea is to use an Elasticsearch/Logstash/Kibana stack (most flexibility, open source).

However, to convince management I'm looking for some proven use cases.

Who among you has implemented such tracks, and what were the results?

The main metric to report efficiency improvements is the reduction in Mean Time to Resolution. I have seen marketing quotes such as 70% reduction in MT(T)R (Splunk), 90% reduction (Sumo). I'm 100% convinced of its major impact, but I'm looking for some more realistic expectations (obviously, I acknowledge that it depends on the level of depth one puts into the monitoring, anomaly detection, etc.).

I'm curious about your answers! ;-)

GregL
  • Hmm... it seems to me that you'd already have the proven use cases, otherwise why would you be lobbying for it? – joeqwerty Oct 02 '15 at 14:48
  • It seems this question would primarily invite opinion-driven answers, which are rather off topic; correct me if I'm wrong. To pitch in, we recently trialled Splunk and went with Logstash to centralize log file and syslog output. MTtR improvement we, to our surprise (had the conversation the other day), find in many cases to be 100%, as we now find errors and bugs which just passed us by before centralizing, filtering and visualizing the many disparate outputs. The ones we caught before we do process noticeably quicker now. – ErikE Oct 02 '15 at 15:18

0 Answers