Since I know ELK as a starting point, getting to know Splunk was mostly a fun experience. But I did spend a fair bit of time comparing these two products. So, to start with:
- Splunk is a commercial, paid product, while ELK is open source (the core Elastic components are free to download and run; check the current license terms before relying on that, as they have changed over time).
- Splunk licensing is expensive (historically priced on daily indexed volume), while ELK is nominally free; but an ELK deployment takes real engineering time to set up and tune, and the hardware it needs is a cost of its own.
- Splunk is usually deployed on-prem (a hosted Splunk Cloud offering also exists), while ELK can run anywhere: bare metal, VMs, containers, or a managed cloud service.
- With either product, search results are only as good as the data that was sent in: missing sources, bad timestamps and inconsistent formats hurt both equally.
- Splunk offers a smoother way to parse data: fields are extracted at search time (schema on read, e.g. with `rex` or a props/transforms extraction) after the data is already indexed, and a new extraction applies retroactively to events indexed earlier. ELK traditionally needs the fields extracted before the data is indexed, in a Logstash filter (e.g. `grok`) or an Elasticsearch ingest pipeline, so events that arrived before the pattern was written only get the new fields if they are reindexed. (Newer Elasticsearch versions add runtime fields, which narrow this gap.)
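To make the last point concrete, here is an added example (my own illustration, not code from Splunk or Elastic) that simulates the two parsing models over a handful of constructed sshd-style log lines. The regex stands in for a Splunk `rex` extraction or a Logstash `grok` pattern; the two index classes and the `demo()` function are hypothetical stand-ins for the real products. It shows why a field defined after ingestion "just works" under schema-on-read but is missing from older events under schema-on-write until you reindex.

```python
import re
from typing import Dict, List, Optional

# Constructed sample events (not captured from any real system): OpenSSH auth-log style lines.
RAW_EVENTS = [
    "Jan 10 12:00:01 host1 sshd[1234]: Failed password for root from 203.0.113.5 port 4444 ssh2",
    "Jan 10 12:00:02 host1 sshd[1235]: Failed password for invalid user admin from 203.0.113.5 port 4445 ssh2",
    "Jan 10 12:00:03 host1 sshd[1236]: Accepted password for alice from 198.51.100.7 port 5555 ssh2",
]

# Hypothetical extraction; plays the role of a Splunk `rex` / props.conf extraction
# or a Logstash grok pattern such as
#   "%{WORD:action} password for (invalid user )?%{USERNAME:user} from %{IP:src_ip}"
SSH_PATTERN = re.compile(
    r"(?P<action>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) from (?P<src_ip>\S+)"
)


def extract(raw: str, pattern: re.Pattern) -> Dict[str, str]:
    """Pull named fields out of one raw event; empty dict if the pattern does not match."""
    m = pattern.search(raw)
    return m.groupdict() if m else {}


class SearchTimeIndex:
    """Schema on read (Splunk-style): only the raw event is stored; fields are
    extracted while the search runs, so a pattern written later still applies
    to events that were indexed before it existed."""

    def __init__(self) -> None:
        self.events: List[str] = []

    def ingest(self, raw: str) -> None:
        self.events.append(raw)

    def search(self, pattern: re.Pattern, **where: str) -> List[Dict[str, str]]:
        hits = []
        for raw in self.events:
            fields = extract(raw, pattern)  # extraction happens here, at query time
            if all(fields.get(k) == v for k, v in where.items()):
                hits.append({"_raw": raw, **fields})
        return hits


class IngestTimeIndex:
    """Schema on write (classic Logstash grok / ingest pipeline): fields are parsed
    when the event is indexed. Events indexed before the pattern was configured
    keep only _raw until they are reindexed."""

    def __init__(self) -> None:
        self.docs: List[Dict[str, str]] = []
        self.pattern: Optional[re.Pattern] = None

    def set_pattern(self, pattern: re.Pattern) -> None:
        self.pattern = pattern

    def ingest(self, raw: str) -> None:
        fields = extract(raw, self.pattern) if self.pattern else {}
        self.docs.append({"_raw": raw, **fields})

    def search(self, **where: str) -> List[Dict[str, str]]:
        # No parsing here: the query can only see fields stored at ingest time.
        return [d for d in self.docs if all(d.get(k) == v for k, v in where.items())]

    def reindex(self) -> None:
        """The remedy for late-defined fields: re-run the current pattern over stored _raw."""
        self.docs = [{"_raw": d["_raw"], **extract(d["_raw"], self.pattern)} for d in self.docs]


def demo() -> tuple:
    """Returns (search-time hits, ingest-time hits before reindex, ingest-time hits after reindex)."""
    splunk_like = SearchTimeIndex()
    elk_like = IngestTimeIndex()

    # The first two events arrive before anyone has written an sshd extraction.
    for raw in RAW_EVENTS[:2]:
        splunk_like.ingest(raw)
        elk_like.ingest(raw)

    # Now the analyst defines the pattern; the ingest-time pipeline only applies it from here on.
    elk_like.set_pattern(SSH_PATTERN)
    splunk_like.ingest(RAW_EVENTS[2])
    elk_like.ingest(RAW_EVENTS[2])

    failed_search_time = len(splunk_like.search(SSH_PATTERN, action="Failed"))  # 2
    failed_before_reindex = len(elk_like.search(action="Failed"))               # 0
    elk_like.reindex()
    failed_after_reindex = len(elk_like.search(action="Failed"))                # 2
    return failed_search_time, failed_before_reindex, failed_after_reindex


if __name__ == "__main__":
    print(demo())
```

The practical consequence for detection work: in Splunk you can write a new field extraction today and immediately hunt across last month's data, whereas in a grok-at-ingest ELK pipeline the same hunt only covers events indexed after the pattern went live unless you reindex the older indices (or, on recent Elasticsearch versions, define a runtime field).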