Splunk is often described as the “Google for log files”: all the log data generated by any device or system in an IT environment is collected and fed into Splunk, which refines it and generates powerful insight into the log data through alerts, charts, graphs and so on.
Three key components in Splunk are its forwarder, indexer and search head. The forwarder pushes data to a remote indexer; the indexer stores the data and responds to search queries; the search head is the front-end web interface where these three components come together.
ELK stands for Elasticsearch, Logstash and Kibana. The stack consists of three software tools: Elasticsearch (the log search tool), Logstash (the data router and data processing tool) and Kibana (the data visualization tool). Together, these three tools make up a complete analytics platform.
Elasticsearch - a NoSQL database that uses the Lucene search engine
Logstash - a transport pipeline used to populate Elasticsearch with data
Kibana - a dashboard that runs on top of Elasticsearch and provides data analysis through visualizations and dashboards
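To make the forwarder, indexer and search-head roles (and the Lucene-style indexing that makes "Google for log files" possible) concrete, here is a toy end-to-end model added for this article; it is not Splunk's or Elastic's own code. The syslog lines, host names, the IP 203.0.113.9 and the alert threshold are all constructed for the example.

```python
import re
from collections import defaultdict
# Constructed sample syslog lines (made up for this example, not real data).
SAMPLE_LOGS = [
    "2024-01-10T09:00:01 web01 sshd[1201]: Accepted publickey for alice from 10.0.0.5",
    "2024-01-10T09:00:07 web01 sshd[1204]: Failed password for root from 203.0.113.9",
    "2024-01-10T09:00:09 web02 sshd[880]: Failed password for root from 203.0.113.9",
    "2024-01-10T09:00:12 db01 sudo: bob : TTY=pts/0 ; COMMAND=/bin/systemctl restart postgresql",
    "2024-01-10T09:00:15 web02 sshd[884]: Failed password for admin from 203.0.113.9",
]
TOKEN = re.compile(r"[A-Za-z0-9_./-]+")  # crude tokenizer; keeps dotted IPs and paths whole

def forward(lines):  # Forwarder: turn raw lines into events tagged with time and host
    events = []
    for line in lines:
        ts, host, msg = line.split(" ", 2)
        events.append({"time": ts, "host": host, "message": msg, "raw": line})
    return events

class Indexer:
    """Indexer: stores events plus a Lucene-style inverted index (term -> event ids)."""
    def __init__(self):
        self.events, self.postings = [], defaultdict(set)
    def ingest(self, events):
        for ev in events:
            eid = len(self.events)
            self.events.append(ev)
            for term in TOKEN.findall(ev["raw"].lower()):
                self.postings[term].add(eid)
    def search(self, *terms):  # AND search: intersect posting lists instead of scanning
        ids = None
        for t in terms:
            hits = self.postings.get(t.lower(), set())
            ids = hits if ids is None else ids & hits
        return [self.events[i] for i in sorted(ids or ())]

def search_head(indexers, *terms):  # Search head: fan the query out, merge by time
    return sorted((e for ix in indexers for e in ix.search(*terms)), key=lambda e: e["time"])

def failed_login_alert(indexers, threshold=3):  # alert rule built on top of search
    counts = defaultdict(int)
    for ev in search_head(indexers, "failed", "password"):
        counts[ev["message"].rsplit(" ", 1)[-1]] += 1  # last token of the message is the source IP
    return {ip: n for ip, n in counts.items() if n >= threshold}

def build_demo():  # web hosts go to one indexer, everything else to a second one
    web, other = Indexer(), Indexer()
    for ev in forward(SAMPLE_LOGS):
        (web if ev["host"].startswith("web") else other).ingest([ev])
    return [web, other]
```

Calling `failed_login_alert(build_demo())` returns `{'203.0.113.9': 3}`, the kind of result a Splunk alert or a Kibana visualization would surface from the same data.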