The best open source alternative to Splunk is Grafana. If that doesn't suit you, our users have ranked more than 100 alternatives to Splunk and many of them is open source so hopefully you can find a suitable replacement. Other interesting open source alternatives to Splunk are Wazuh, Logstash, Prometheus and Laravel Nightwatch.
Grafana provides a powerful and elegant way to create, explore, and share dashboards and data with your team and the world.
It's not a SIEM tool. Rather, it just displays arbitrary data.
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments.
Logstash is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite "stash.".
The "L" in the ELK-Stack. i. E. part of a splunk alternative
Prometheus is an open-source systems monitoring and alerting toolkit originally built at SoundCloud. Since its inception in 2012, many companies and organizations have adopted Prometheus, and the project has a very active developer and user community.
System / performance monitoring centric
Monitor your Laravel applications with precision. Enhance performance and reliability with error tracking, comprehensive logs, and deep insights tailored specifically for Laravel.
An open source observability platform: Unify session replays, logs, traces, and errors – all without the Datadog price tag.
Grafana Loki is a horizontally-scalable, highly-available, multi-tenant log aggregation system inspired by Prometheus. It is designed to be very cost effective and easy to operate. It does not index the contents of the logs, but rather a set of labels for each log stream.
Unify your cloud-native monitoring with zero-code eBPF, advanced profiling, and 10x storage efficiency.
Goxe is a high-performance log reduction tool written in Go, designed to reduce noise in observability pipelines. It ingests logs via Syslog/UDP, normalizes and filters them, and aggregates identical or repetitive messages into a single-line format with occurrence counts.
![This screenshot shows Goxe's terminal output. It displays a 'Partial Report' where repetitive log messages (like update versions and errors) are grouped with their occurrence count (e.g., [74961] repetitions). At the bottom, it highlights the tool's high efficiency, showing a memory footprint of less than 1MB while processing large volumes of data.](https://img.alternativeto.net/s/618x394/avif/goxe_881513_full.png)
Tracecat is the AI-native, open source automation platform for security teams. Build automation workflows and close cases fast. Deploy your first AI-assisted workflow in 15 minutes.
Stethoscope is a personalized security recommendation tool made by Netflix for employees.
Sweden
EU
Netherlands
United States
China
Venezuela
Grafana is NOT a log monitor. It is only a graphing solution for logs and metrics from many different data sources but you will need solutions to get those logs and metrics in the first place.