I had the chance to try Splunk out about 3 months ago. The software was rather easy to install; however, one thing that did seem to be a little hard to use was the interface and the general working with inputs for the software. The search function was really neat, and it was easy to find errors that were occurring. The free version is limited but still usable; in a larger environment this product would probably be a life saver. Single server deployments, not so much.
Splunk is a search engine that indexes and lets you search, navigate, alert, and report on data from any application, server, or network device. It lets you securely access logs, configurations, scripts and code, messages, traps and alerts, activity reports, stack traces, and metrics across thousands of components from one place in real time. This data can include Apache logs, Sendmail logs, J2EE events, custom application logs, configuration files, or any other type of file that a sysadmin or developer will need to examine on a regular basis.