How to Build Logging for a Distributed Database: Splunk vs ELK vs BYO

The CockroachDB Dedicated team built a centralized logging system for their distributed database using Splunk. They chose Splunk over ELK and building an in-house solution due to its security features, scalability, and cost-effectiveness. The system aggregates logs from both application containers running in Kubernetes and cloud providers like AWS and GCP. By shipping thousands of logs to longterm searchable storage, the team can now alert on various event types and improve their overall security infrastructure.