Good question.
How many servers do you have to collect logs from?

a few thousand ultimately

I'd like to hear of people who have used both Splunk and/or prelude in an
environment with, say, 500<x<1000 servers, for collection of logs and can
voice a few opinions.

in the log term i might use loglogic or something similar but in the interim i'd like to know if there are people out there doing similar things with a tool i can evaluate in the short term