Enterprise search software provider LucidWorks has introduced a package based on its open-source Apache Solr search engine that will allow administrators and business analysts to extract more information from IT system logs. <\/p>\n
SiLK \"is a solution that relies on open core components that organizations can use to manage log data at scale,\" said Will Hayes, LucidWorks chief product officer. <\/p>\n
The SiLK package combines Apache Lucene\/Solr with a number of open-source analysis tools, namely Apache Flume, LogStash and Kibana. <\/p>\n
Kibana offers the reporting visualization capabilities and LogStash is used to collect, store and parse logs. Flume provides a way to connect with Hadoop repositories. Apache Solr, which LucidWorks oversees, provides the searching and indexing capabilities. Solar used to be called Lucene\/Solr, after two technologies that were combined, before the name was shortened to Lucene. LucidWorks employs about 25 percent of the core developers who manage and update Lucene and Solr. <\/p>\n
The software package could help in security analysis, business intelligence, fraud detection and other use cases, according to the company. It can offer time-series analysis, data discovery and correlation. <\/p>\n
The open source software stack that powers SiLK is not new -- many organizations have already combined LogStash and Kibana to analyze log data. Most implementations have used another open source search engine, Elasticsearch, however. <\/p>\n
\"A lot of people out in the community were talking about using LogStash with Solr,\" Hayes said. \"A number of organizations are running into issues with using Elasticsearch at scale.\" <\/p>\n
LucidWorks says that using Lucene instead of Elasticsearch will allow an organization to aggregate and search across more data, Hayes said. SiLK is aimed at organizations that have anywhere from hundreds of gigabytes to terabytes of data to ingest daily. <\/p>\n
According to Hayes, SiLK can also provide some scalability advantages over the commercial market leader of log-data analysis, Splunk. Splunk charges, at least in part, based on how much data is being analyzed, which can add up when dealing with extremely large amounts of data. <\/p>\n
SiLK also works well with Hadoop deployments, Hayes said. It has been certified to work with the Cloudera Enterprise 5 commercial Hadoop package and Solr is frequently incorporated into other Hadoop distributions, such as those offered by MapR and Hortonworks. <\/p>\n
<\/p>\n