Gravwell is built to handle your data, in all its forms. This means we're unstructured first but our data enrichment system combines a hybrid approach.
Depends on what kind of insights you're looking to get out of it. If you have highly structured data that's easily indexable on the elements you care about, you're better off with something like ELK or another structured solution. If you need the ability to answer questions you didn't anticipate, particularly with time as the index, then Gravwell is a great option. As an example, we have a customer who has an indexed solution for web logs but they used Gravwell to help track the root cause of some weird 500 errors being generated because the indexed data just wasn't set up to answer the question.
On the other hand, if you wanted to ask "which page has the most views in the past 24 hours", a structured and indexed datastore is going to be better because something unstructured like Gravwell or Splunk may have to touch all of the records to count them.
Gravwell may not be the best solution to a very specific problem but it's the second best solution to every problem. The power comes in the query language and dynamic exploration that the platform provides.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article