after seeing an add for a tool on sourceforge, I downloaded the product and gave it a go - ie. the ad worked, but I wouldn't buy the product.

splunk. All it does is allow you to search your log files on that machine very rapidly and the results are shown in a nice graph.

I like:

  • the graph
  • the idea of being able to search and plot errors overtime
  • the fact that the product is just a bunch of python scripts
  • runs as a http demon

but I can't really see it taking off in a huge way. Perhaps it could be useful if you have an error which is intermittent and you want to work out the time component to it. Or if you have have lots of different error log files. Otherwise I think grep and zgrep on the apache error log would do just as well.