Andrzej Nienaltowski - PeerSpot reviewer
Security Specialist at DB Schenker
Real User
Top 5
Apr 29, 2026
Training lab has improved threat hunting and now speeds up investigations with built-in visuals
Pros and Cons
  • "The visualization feature in Splunk Cloud Platform is a pretty good feature because I did not need to go to any other vendors, for example, any.run or VirusTotal."
  • "It is worth reconsidering the syntax language and changing it to KQL."

What is our primary use case?

I use Splunk Cloud Platform for both IT alerting and incident management in my training.

I use it to find threats and strange behavior of applications or networking. I mostly use it for networking, strange processes, and behaviors. I use the alerting mechanism.

What is most valuable?

I appreciate the syntax that Splunk Cloud Platform uses because it is not KQL.

The whole product is really good, and I did not have much difficulty using it. The alerting mechanism is good to have, but in my personal training, I did not use it much because I did not need it that much.

The visualization feature in Splunk Cloud Platform is a pretty good feature because I did not need to go to any other vendors, for example, any.run or VirusTotal. This speeds the whole investigation up.

What needs improvement?

It is worth reconsidering the syntax language and changing it to KQL. The company would benefit from using the KQL language in queries. Pricing could be better.

For how long have I used the solution?

My experience with Splunk Cloud Platform is three months.


What do I think about the stability of the solution?

I have not heard of many problems or disconnections, so I think nine is correct. That is also nine.

How are customer service and support?

From what I heard, the technical support is pretty decent, so eight is okay.

Which solution did I use previously and why did I switch?

I have tried Elastic, Sentinel, and I think that is all.

How was the initial setup?

I cannot tell if the deployment is easy or complex. I cannot tell how long it took to deploy because I did not deploy it. I just started the session, and everything was already prepared for me.

I had some tasks to find, such as some strange processes. That was one big task to perform on the Splunk Cloud Platform system. There were several of these tasks, but that was an example.

What other advice do I have?

I have not tried the machine learning tools yet. I did not integrate Splunk Cloud Platform with any tools. In my case, it is just me using the solution, but I know the whole platform because I am using the Cyber Defender platform for learning. The whole platform has a lot of people, but in my case, it is only me.

I cannot tell if it requires any maintenance, but I do not think it is really rough to do it.

My overall review rating for Splunk Cloud Platform is eight.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Google
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Apr 29, 2026
Software Engineer & Observability Admin at ProminentPixel
Real User
Top 10
Apr 27, 2026
Centralized monitoring has improved real-time insights and alerting for daily operations
Pros and Cons
  • "Overall, Splunk Cloud Platform is cost-efficient for us because we are Splunk partners, and it offers better performance."

    What is our primary use case?

    We have used Splunk Cloud Platform for the past year. We use Splunk Cloud Platform for system monitoring and alerts, and we have personal dashboards to monitor our activities. We ingest logs and monitor all of our operations. We also use AWS along with Splunk Cloud Platform.

    What is most valuable?

    The powerful search capabilities using SPL are what I appreciate about Splunk Cloud Platform. The second feature we value is its real-time monitoring and alerting.

    The best feature is that Splunk Cloud Platform is handled by the Splunk team itself, including installation and all related tasks. We do not have to touch anything; we simply use it for our case.

    SPL search capability is one of the primary tools we use every day. We have different search queries configured for alerts, dashboards, and all related functions. It is one of the major tools we use in our daily operations.

    Overall, Splunk Cloud Platform is cost-efficient for us because we are Splunk partners, and it offers better performance. It has given us faster query execution and includes a built-in dashboard with better dashboard performance. We gain more meaningful insights using Splunk Cloud Platform compared to other SIEM tools.

    What needs improvement?

    The initial learning curve should be more personalized for new users who just started using Splunk Cloud Platform. Additionally, the documentation should be more beginner-friendly.

    For how long have I used the solution?

    I have been using Splunk Cloud Platform for the past year.

    What do I think about the stability of the solution?

    Splunk Cloud Platform is working fine for us; it is superb.

    What do I think about the scalability of the solution?

    It is super scalable for us, whether you consider horizontal or vertical scaling. We are expanding in both directions, so it is highly scalable for us.

    How are customer service and support?

    We have escalated questions regarding Splunk Cloud to Splunk. During the upgrade, we experienced some issues with our forwarders not coming up and some issues with our search head. All of the issues were resolved. We raised support cases and our issues were solved by the Splunk team itself. It has been good for us so far.

    Which solution did I use previously and why did I switch?

    We directly use Splunk Cloud Platform.

    How was the initial setup?

    The initial setup was straightforward.

    What about the implementation team?

    It is super smooth; Splunk Cloud Platform integrates with ServiceNow smoothly. We have experienced no problems so far in that regard.

    What was our ROI?

    We have seen a return on investment with Splunk Cloud Platform at 30 to 40 percent.

    What's my experience with pricing, setup cost, and licensing?

    We are Splunk partners, so in Splunk Cloud Platform, pricing is not an issue. It is balanced, and from a pricing perspective, it is good for us.

    What other advice do I have?

    If you are looking for a SIEM tool that has all the capabilities, you should definitely opt for Splunk Cloud Platform. I would rate this solution a 9 out of 10.

    Which deployment model are you using for this solution?

    Public Cloud

    Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
    Last updated: Apr 27, 2026
    HrishikeshNavkar - PeerSpot reviewer
    Senior Software Engineer at WorldPay US
    Real User
    Top 5
    Feb 4, 2026
    Cloud monitoring has simplified administration and improved integrations for faster operations
    Pros and Cons
    • "Splunk Cloud Platform has greatly improved my daily operations through enhanced integration with third-party tools."
    • "In my opinion, there is room for improvement, as we used to raise multiple issues via the process, but they pick them up slowly, and the response times are not as prompt as we would like."

    What is our primary use case?

    My usual use cases for Splunk Cloud Platform involve being an admin where we used to build Splunk clusters or distributed environments from scratch on the on-premises system, but now we have everything up and running on Splunk Cloud Platform, which operates on AWS. Splunk has developed it on AWS. Currently, as an admin, I just need to maintain and configure it according to our needs. It functions as a software as a service now, meaning we don't configure it from scratch the way we used to do with installation, configuration, and setup of the configs as we required. Now, it is software as a service that we use for both Splunk and Observability.

    How has it helped my organization?

    Splunk Cloud Platform has greatly improved my daily operations through enhanced integration with third-party tools. Earlier integrations from on-premises Splunk to third-party tools were quite difficult, lacking the necessary add-ons or applications that could be directly used from the UI. Now on Splunk Cloud Platform, they have introduced new add-ons and plugins that allow us to utilize and pass credentials directly for integration with third-party applications, making the process very efficient and fast. We have multiple new add-ons that let us connect directly to clouds such as AWS, Azure, and Google, as well as event management applications such as ServiceNow, requiring only the credentials and service accounts and eliminating the need to configure from scratch.

    What is most valuable?

    The features of Splunk Cloud Platform that I have found most valuable and useful relate to licensing. Previously, it was a daily quota that we purchased on-premises, but currently it is based on SVC, or Splunk virtual compute, which is based on CPU and memory utilization of the cloud for billing. There are two license types: Victoria and Base. As we utilize the SVCs, we are charged accordingly, and we have the option to purchase a fixed number of SVCs or pay based on how many we actually use.

    The effectiveness of Splunk Cloud Platform's search capabilities in uncovering operational insights is notable because as an admin or developer, we utilize saved searches that run on schedules that we set. The search capability utilizes the same compute assigned, and compared to on-premises, it is very efficient and fast because on-premises we had fixed compute assigned with limits set for searching per role or application. In the cloud, we find it very easy and fast to use.

    Splunk Cloud Platform helps in proactive issue resolution by allowing us to set alerts based on data flow to find errors or anomalies that need identification. The saved searches run based on these conditions to find errors or identify anything unusual in the data. We get alerts based on the conditions we set, which is quite effective.

    What needs improvement?

    Areas of Splunk Cloud Platform that could be improved or enhanced in the future include data visualization, as the way we use data for security and other purposes could further benefit from enhanced visualization to support monitoring, threat analysis, and other aspects.

    For how long have I used the solution?

    Overall, I would rate Splunk Cloud Platform an eight out of ten as a solution for us.

    What do I think about the stability of the solution?

    Regarding stability and reliability so far, we are not yet live and are still in the migration process, but comparing it to on-premises, it seems promising.

    What do I think about the scalability of the solution?

    My thoughts on the scalability of Splunk Cloud Platform are that it scales up quite well. However, I haven't encountered any specific scenarios to validate it thoroughly yet, but overall, it appears to be good.

    How are customer service and support?

    My opinion on the technical support and customer service of Splunk, based on my cases, is that it is quite good with the credits we have along with the vendor. However, when we don't have credits, they charge us based on time as well as the criticality of the issue.

    How would you rate customer service and support?

    Positive

    What other advice do I have?

    In my opinion, there is room for improvement, as we used to raise multiple issues via the process, but they pick them up slowly, and the response times are not as prompt as we would like.

    Regarding how Splunk Cloud Platform's ingest and visualization features help improve my data reporting, I have some insights on dashboards, but from a fully comprehensive perspective of data flow and ingestion, I haven't been hands-on that much. As an admin, I have worked on the infrastructure side of it, so I am unable to provide thorough feedback on that.

    I would rate Splunk Cloud Platform an eight out of ten overall as a solution for our organization.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    Last updated: Feb 4, 2026
    Ritesh Vishwakarma - PeerSpot reviewer
    Project Manager at Crest Data Systems
    Real User
    Top 5
    Apr 8, 2026
    Data visualization has provided rich insights and simplifies complex reporting tasks
    Pros and Cons
    • "The best features of Splunk Cloud Platform include its powerful analytics and intuitive user interface, and I particularly appreciate how it simplifies complex data operations."
    • "I believe there are a few areas of Splunk Cloud Platform that have room for improvement, particularly in user customization and documentation clarity."

    What is our primary use case?

    Splunk Cloud Platform is primarily used for data visualization, as it allows us to gain insightful perspectives on our data.

    What is most valuable?

    The best features of Splunk Cloud Platform include its powerful analytics and intuitive user interface. I particularly appreciate how it simplifies complex data operations.

    The ingestion and visualization features of Splunk Cloud Platform are integral to our data reporting, as they help transform raw data into meaningful visual formats effortlessly.

    What needs improvement?

    I believe there are a few areas of Splunk Cloud Platform that have room for improvement, particularly in user customization and documentation clarity.

    For how long have I used the solution?

    I have been using Splunk Cloud Platform for quite some time.

    What do I think about the stability of the solution?

    The stability of Splunk Cloud Platform is commendable, and I would rate it a nine from one to ten.

    What do I think about the scalability of the solution?

    Regarding scalability, I find Splunk Cloud Platform to be highly scalable; I would rate it an eight from one to ten, as it meets our growing needs efficiently.

    How are customer service and support?

    From one to ten, with ten being the best, I would rate the technical support of Splunk Cloud Platform as a solid eight.

    How was the initial setup?

    The deployment of Splunk Cloud Platform itself is straightforward; I would categorize it as easy, with minimal challenges along the way.

    What about the implementation team?

    We have approximately one hundred users using Splunk Cloud Platform across various teams in our organization.

    What was our ROI?

    Overall, I would rate Splunk Cloud Platform a solid eight from one to ten, as it meets a wide range of our business requirements effectively.

    What's my experience with pricing, setup cost, and licensing?

    When it comes to the cost of Splunk Cloud Platform, I would rate it a five from one to ten, with one being cheap and ten being expensive.

    Which other solutions did I evaluate?

    In comparison to other solutions such as DataDog, Microsoft, and Sumo, I find Splunk Cloud Platform to be quite competitive, offering unique capabilities that are valuable to our operations.

    What other advice do I have?

    My advice for others looking into Splunk Cloud Platform would be to take full advantage of its versatile features and ensure proper training for your team.

    I have Splunk Cloud Platform deployed in the cloud, and I utilize AWS as my cloud provider.

    Regarding machine learning tools, I find them to be quite impressive in their ability to enhance data analysis and predictive insights.

    My thoughts on the alerting mechanisms in Splunk Cloud Platform are positive; they work effectively to notify us of important changes or issues in our data.

    I assess the effectiveness of the search capabilities in uncovering operational insights as quite robust, as they provide detailed results swiftly and efficiently.

    My thoughts on the integration with third-party providers is that it generally is seamless, allowing us to synchronize various tools with Splunk Cloud Platform easily.

    Overall, I would rate this review an eight from one to ten.

    Which deployment model are you using for this solution?

    Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    AWS
    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    Last updated: Apr 8, 2026
    reviewer2747775 - PeerSpot reviewer
    IT Security Operations Manager at a retailer with 5,001-10,000 employees
    Real User
    Top 10
    Feb 19, 2026
    Security monitoring has become proactive with customizable alerts and clear dashboards
    Pros and Cons
    • "What I like about Splunk Cloud Platform is the easy reading of the dashboards and finding the data, which brought me the biggest benefits."
    • "Splunk Cloud Platform could improve in how quickly it reacts to users reporting issues."

    What is our primary use case?

    My major use case for Splunk Cloud Platform is for SOC, SIEM mostly.

    What is most valuable?

    What I like about Splunk Cloud Platform is the easy reading of the dashboards and finding the data, which brought me the biggest benefits.

    The alerting mechanism in Splunk Cloud Platform is customizable, so we could adapt it to our needs, assign the right priorities, and, based on this, define the action.

    Visualization features and ingesting in Splunk Cloud Platform helped to improve my data reporting, but that was also a different team that was providing the log ingestion.

    Other features that were really great in Splunk Cloud Platform include real-time monitoring, so we could have logs right away, and parsing was fine, so when it was correctly ingested and Splunk Cloud Platform parsed it correctly, then we had no issues with receiving the correct alerts.

    What needs improvement?

    Splunk Cloud Platform could improve in how quickly it reacts to users reporting issues.

    Splunk Cloud Platform can be complex depending on the log source in terms of deployment.

    For how long have I used the solution?

    I used Splunk Cloud Platform for seven years.

    What do I think about the stability of the solution?

    Splunk Cloud Platform was stable, and I did not see any performance issues or downtime, although it did happen; the issue was that we had to really fine-tune the log quality so that too much would not be ingested and handled for nothing.

    What do I think about the scalability of the solution?

    Regarding the scalability of Splunk Cloud Platform, I would say it is scalable, but maybe the pricing may affect the scalability because it may not be that beneficial to onboard too many log sources if they generate too many false positives and then you reach over the limit of the license.

    How are customer service and support?

    I would rate the technical support for Splunk Cloud Platform probably a three, because there was some support, but I remember that we were using our proxy company to submit it for us because they were bigger and maybe more convincing to Splunk.

    How would you rate customer service and support?

    Negative

    How was the initial setup?

    The biggest issue during deployment of Splunk Cloud Platform was correct log parsing.

    What about the implementation team?

    I can describe the impact of integration with third-party solutions in Splunk Cloud Platform as limited experience since I was the only one on the receiving end of it, and I was not integrating it with any solutions or with any other vendors; we also had the company who was supporting us in the configuration part, so we didn't even have to do it fully by ourselves.

    What was our ROI?

    I don't see ROI with Splunk Cloud Platform, such as time saving or money saving because I'm security operations, so I don't think in management terms.

    What other advice do I have?

    I have about the same amount of experience in this domain with SOC solutions, as I haven't worked with SOC SIEM solutions such as Splunk Cloud Platform before, so it's the same. My overall review rating for Splunk Cloud Platform is 8.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    Last updated: Feb 19, 2026
    Sr Manager at Continued
    User
    Top 10
    Feb 4, 2025
    Needs better cybersecurity features but offers robust log ingestion
    Pros and Cons
    • "The most valuable feature of Splunk Cloud Platform is its robustness and ability to ingest logs."
    • "Extracting meaningful insights beyond essential log data proves challenging due to the product's reliance on manual processes."
    • "The return on investment with Splunk Cloud Platform has been poor. There is a significant possibility we will be replacing it in the next quarter or two."

    What is our primary use case?

    I use the Splunk Cloud Platform for security monitoring. My company is a technology company with over 40,000 employees.

    How has it helped my organization?

    The Splunk Cloud Platform offers easy data ingestion and a user-friendly interface for product teams, particularly for straightforward log shipping.

    Splunk Cloud Platform offers easy integration due to its robust and well-documented APIs. These allow seamless integration into existing pipelines and other products and the flexibility to create custom integrations as needed.

    Splunk Cloud Platform helps access data for compliance and privacy regulations. While some manual work remains, it assists with meeting compliance and regulatory requirements, especially regarding logging, reporting, and monitoring, solidifying its position as the industry standard.

    What is most valuable?

    The most valuable feature of Splunk Cloud Platform is its robustness and ability to ingest logs.

    What needs improvement?

    Splunk Cloud Platform needs improvement in its security offerings, specifically in cybersecurity. It has not kept pace with competitors over recent years, and integration with the Cisco ecosystem after Cisco's acquisition of Splunk has also been slow. The product should incorporate more readily available features, especially in security monitoring.

    The federated search feature is costly.

    Extracting meaningful insights beyond essential log data proves challenging due to the product's reliance on manual processes. Users must manually configure detections, develop logic for insights, and manage dashboards. While the product boasts numerous out-of-the-box capabilities, these often require extensive modification to align with specific user needs, limiting their practical applicability.

    Splunk Cloud Platform doesn't inherently provide visibility as a standalone product. It's a platform for building custom visibility solutions. We need to feed it data and then write logic to define what insights we want to extract. While pre-built solutions might be available in the marketplace, Splunk doesn't offer out-of-the-box visibility. If we know our requirements, we can utilize code and research to create custom dashboards, but it requires effort and expertise.

    The pre-built reports in Splunk Cloud Platform are generic and require manual adjustments to extract specific, granular information, which requires the user to be knowledgeable.

    For how long have I used the solution?

    I have been using the Splunk Cloud Platform for over ten years.

    How are customer service and support?

    The customer service and support for Splunk Cloud Platform are mediocre and often hit or miss. Premium support is costly and may not always provide a satisfactory experience, as even the support engineers can sometimes be stumped.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    The initial setup of the Splunk Cloud Platform is straightforward. Professional services are available to assist in deployment, including setting up Splunk forwarders and building data models. With adequate support, full deployment can be efficiently achieved.

    Full deployment is a lengthy process, but 50 percent deployment can be achieved within one to two quarters.

    What about the implementation team?

    Deploying Splunk Cloud may require different resources depending on the size of the data ingested daily. Two to three people may be sufficient for smaller terabyte ingestion, whereas a team of four to five might be needed for larger ingestion.

    What was our ROI?

    The return on investment with Splunk Cloud Platform has been poor. There is a significant possibility we will be replacing it in the next quarter or two.

    What's my experience with pricing, setup cost, and licensing?

    Splunk Cloud is considered too expensive, with its two product offerings both being costly. I would rate the cost an eight out of ten, with ten being the most costly.

    What other advice do I have?

    Splunk Cloud Platform is not impacting a lot of decisions. But if we write very good reports and dashboards, then we can derive insights from them for leadership to make concrete decisions on. So we have to do the legwork to get that output.

    While Splunk Cloud Platform may not be a significant factor in decision-making, generating high-quality reports and dashboards can provide valuable insights for leadership to take concrete action. However, we must dedicate ourselves to the necessary work to produce those impactful outputs.

    I would rate Splunk Cloud Platform a five out of ten due to its gradual decline over the last few years. While I would have rated it an eight out of ten four years ago, its performance and features have deteriorated, leading to my current lower rating.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    reviewer2830626 - PeerSpot reviewer
    Dev Ops And Observability Admin at a tech services company with 11-50 employees
    Real User
    Top 10
    Apr 27, 2026
    Managed log analytics has provided real‑time monitoring and improves proactive issue resolution
    Pros and Cons
    • "Since Splunk Cloud Platform is a fully managed service, there is no need to handle servers, upgrades, or maintenance."
    • "One aspect I dislike about Splunk Cloud Platform is that cost can become high as data ingestion increases."

    What is our primary use case?

    In the data and analytics domain, I work with Splunk Cloud Platform where we handle system logs and large-scale data. I use Splunk Cloud Platform to monitor applications. I analyze logs and then build dashboards that provide real-time insight for our technical team.

    What is most valuable?

    Splunk Cloud Platform is fully managed, so we do not need to handle infrastructure. The next thing I appreciate is its powerful search using SPL. It is easy to build dashboards in Splunk Cloud Platform and its visualization is also solid.

    The alerting mechanisms of Splunk Cloud Platform have definitely helped in proactive issue resolution. Alerting is one of the most prominent features of Splunk Cloud Platform because we have set numerous alerts for daily ingestions. Health monitoring of Splunk dashboards is another valuable feature. We have alerts for thresholds, alerts for users, and alerts for failed logons. For example, if someone is trying to log in more than five times and failing, we have alerts for that as well. This is very useful for us.

    Machine learning tools of Splunk Cloud Platform have helped to predict trends in our data. Using machine learning libraries, it is easy for us to analyze data and predict our upcoming data. This makes it pretty straightforward for us in daily operations using the machine learning toolkit.

    What needs improvement?

    One aspect I dislike about Splunk Cloud Platform is that cost can become high as data ingestion increases. The initial learning curve for SPL and cloud setup is also difficult for some beginners.

    For how long have I used the solution?

    I have been using Splunk Cloud Platform for the past year.

    What do I think about the stability of the solution?

    Regarding stability, Splunk Cloud Platform does not lag or crash. It is highly scalable and stable for us.

    What do I think about the scalability of the solution?

    Splunk Cloud Platform is very scalable for us because we conduct day-to-day operations in Splunk Cloud Platform itself. We are increasing our team both horizontally and vertically.

    How are customer service and support?

    The technical support regarding Splunk Cloud Platform is good because they are always helpful. Whenever there is an upgrade, we notify them and they upgrade it for us. Everything is straightforward and simple with them. So far, we have had no issues with them.

    What other advice do I have?

    Since Splunk Cloud Platform is a fully managed service, there is no need to handle servers, upgrades, or maintenance. Everything is managed by Splunk, which makes it pretty straightforward for us to use and to complete everyday tasks. There is no infrastructure management required and it enables faster development. It is highly scalable for us.

    For new users, my advice is that if you are looking for a SIEM tool and you can afford it, then Splunk Cloud Platform is the best SIEM tool you can use because it is highly scalable and solves our day-to-day operations and use case. Everything is available within a single platform. I would rate this solution a nine out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
    Last updated: Apr 27, 2026
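The failed-logon threshold alert the review above describes ("more than five times and failing") written out as an SPL search. This is an added example, not the reviewer's or Splunk's own search. It assumes Windows Security events are indexed under `index=wineventlog` with sourcetype `WinEventLog:Security`, that the `user` and `src_ip` fields are already extracted (the Splunk Add-on for Microsoft Windows provides them; both names are assumptions), and that EventCode 4625 is the logon-failure event. The window size, threshold and index name are illustrative.

```spl
index=wineventlog sourcetype="WinEventLog:Security" EventCode=4625 earliest=-15m user!="" user!="-"
| bin _time span=5m AS window
| stats count AS failures,
        dc(src_ip) AS distinct_sources,
        values(src_ip) AS src_ips,
        min(_time) AS first_seen,
        max(_time) AS last_seen
        BY window, user
| where failures > 5
| eval window=strftime(window, "%Y-%m-%d %H:%M"),
       first_seen=strftime(first_seen, "%Y-%m-%d %H:%M:%S"),
       last_seen=strftime(last_seen, "%Y-%m-%d %H:%M:%S")
| sort - failures
```

Saved as an alert, this runs on a five-minute cron schedule (`*/5 * * * *`) with the trigger condition "number of results is greater than 0"; throttling on `user` for the length of the window stops the same account from re-alerting every run while the burst is still in progress. The `dc(src_ip)` column is the check a responder wants first: many failures for one account from one source looks like brute force on that account, while a count of 1 or 2 failures per account across hundreds of accounts is password spraying, which this per-user threshold does not catch and needs a second search grouped `BY window, src_ip` with a `dc(user)` threshold instead.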
    Lakshman Kanuru - PeerSpot reviewer
    Module Lead at ValueLabs
    MSP
    Top 20
    May 12, 2024
    Allows to easily monitor multiple cloud environments and offers good resilience to users
    Pros and Cons
    • "In my organization, Splunk Cloud Platform has improved the issue revolving around transactions."
    • "When it comes to the integrations with the other platforms, there is a little bit of a lag in the observability part, making it an area where improvements are required."

    What is our primary use case?

    Splunk Cloud Platform is a product I use since my company has different platforms on Splunk, like Splunk ITSI and Splunk Enterprise Security. Splunk ITSI and Splunk Enterprise Security are the two paid packages under Splunk Cloud Platform, and my company also has an ad-hoc search head. Splunk ITSI is totally related to the infrastructure monitoring that my company does, and from it, we derive the service analyzers, episodes, and alerts and see if we want to integrate anything with ServiceNow, Jira, or any other monitoring tools we have. The product can be integrated with other tools, and my company can also use its alerting feature and its ability to notify the consumers with particular alerts, so the total infrastructure is covered under SIEM, making it possible to attach it to security information.

    My company also created a couple of use cases. For example, in the case of continuous resetting of a password more than three or four times, a security incident is created, so that if any end user is doing it as malpractice, like phishing or something, my company can detect it and inform the user that they have crossed the limit of four and that there is some attack happening, owing to which we need to reset the password. Based on the aforementioned process, SIEM monitoring is handled through its application.

    The aforementioned areas consist of the use cases related to the tool, along with a couple more activities, like onboarding a user onto Splunk, creating apps for them, creating dashboards, creating alerts, and creating a couple of use cases for them as per their requirements.

    How has it helped my organization?

    In my organization, Splunk Cloud Platform has improved the issue revolving around transactions. If there are any issues with the transactions, then my company notifies the end users that their transactions failed, after which they can fix the issues so that there are no issues with the transaction part, especially regarding the application availability. The tool makes it possible to fix issues without any downtime.

    What is most valuable?

    I mainly work with Splunk SIEM and Splunk ITSI, and these are the two major products recommended for all consumers. If it is related to security, I recommend Splunk SIEM, and if it is related to infrastructure monitoring, I recommend Splunk ITSI to others. I used to take care of the observability part as well with the aforementioned tools. For observability purposes, I use Splunk-related applications. I also do the onboarding of the data into Splunk with the help of observability functionality.

    What needs improvement?

    If I focus on the observability part of the product, I see that it is an area that doesn't offer more integrations compared to what Splunk Cloud Platform or Splunk Enterprise offers. When it comes to the integrations with the other platforms, there is a little bit of a lag in the observability part, making it an area where improvements are required.

    For how long have I used the solution?

    I have been using Splunk Cloud Platform for 5 years. My company has a partnership with Splunk.

    What do I think about the stability of the solution?

    It is a stable solution. Cisco has acquired Splunk recently, so I think it will be a more stable product in the coming days.

    How are customer service and support?

    It takes a lot of time for the support team to resolve issues. In short, it takes a lot of time for Splunk's support team to troubleshoot an issue, meaning they are unable to resolve issues within a certain time frame. I rate the technical support a 6-7 out of 10.

    How was the initial setup?

    The product's deployment phase was straightforward, especially compared to the ones I have dealt with in the past.

    The solution is deployed on a hybrid cloud model.

    For deployments starting from scratch, I deal with the documentation part. I prefer to look through Splunk's recommendations on the limits of how much the server configuration should be while trying to meet the configuration requirements of the consumer. In general, I deal with whatever configuration files are needed and how the consumers want to approach it, like if it should be a heavy forwarder or universal forwarder or if they don't want to directly ingest data to the indexer bypassing the heavy forwarder. Basically, I try to understand the consumer requirements before taking care of the deployment part.

    For a limited deployment involving four to five servers, only a single person is required. If the deployment involves twenty to thirty servers, the number of people required to deploy the product will have to be increased depending on the requirements, and my company will also have to manage everything. The number of people required for deployment is based on the capacity at which my company plans to do the deployment.

    My company has the entire Splunk Enterprise package, and we have many universal forwarders set up at fifty different locations. In around twenty locations, universal forwarders have been set up. My company also has fifteen indexes that directly send data to indexers. My company also has four heavy forwarders that collect information from applications like Azure. My company uses add-ons with the heavy forwarders in Splunk.

    What about the implementation team?

    I was involved in the product's deployment phase.

    What's my experience with pricing, setup cost, and licensing?

    My company has a license for Splunk Cloud Platform. My company also has a license for Splunk Enterprise. There are two packages that my company has access to when it comes to Splunk, and I am also aware of the configurations and setup phases related to the tool, from scratch to production.

    What other advice do I have?

    Splunk Cloud Platform has improved our company's incident response time. For example, if any event is ingested into Splunk, in less than a minute we trigger an incident to the end user based on the assignment group in ServiceNow.

    There are many benefits attached to the tool in the areas of machine learning and predictive analysis. In Splunk ITSI, there is predictive analysis, which can be used for protection with the alert capabilities, especially if there is an alert storm coming up. My company can directly detect particular alerts from the trail to the attack and notify the end user about it. With the machine learning toolkit, my company does anomaly detection with the help of Splunk SIEM platform. With Splunk ITSI, my company does predictive analysis. The aforementioned area covers the two different platforms my company uses, along with two different approaches and the tool's machine learning capabilities.

    My company interacts with our consumers. For example, if I am a consumer of Azure products, I would want to onboard all the data from Azure, even if it consists of user data. I recommend that more space be set on a particular index so that Azure data can be used. My company has all data related to Azure about its users and the changes if you have a license or if you have Azure Event Hubs, including any other things that it may have. I recommend more space in Azure, but if it is a network-related application like Aruba, I recommend that it has a little bit less space compared to Azure. The scalability of Splunk Cloud Platform can impact our company's data management, though I recommend the space required for a tool based on the use cases.

    I am aware of the federated search features in the product. If a search is not running up, then my company needs to check whether any permission related to the search has any issue or if anything is going wrong, after which my company needs to check and fix those searches. I have not used much of the tool's federated search features.

    My organization monitors multiple cloud environments with the tool's help. It is easy to monitor multiple cloud environments using the product. For example, if my company takes into account Splunk ITSI with service analyzers, then we define how one service is related to GCP. One service will be under the cloud services offered by Azure, while another service will be related to AWS. My company can divide the services based on locations and KPIs. My company monitors the total locations of the cloud so that we can get more insights from the service breakdown, which is why I recommend the use of Splunk ITSI. I used to work more with Splunk ITSI, a reason why I recommend it to others, as it is easy to understand and handle, even if you have 1,000 or 20,000 applications. With Splunk ITSI service breakdown, it is very easy to handle applications.

    The visibility of the tool in multiple environments can be explained with the help of an example, where, if my company considers Splunk Cloud Platform, the visibility will be less compared to what we get from Splunk Enterprise. Splunk Cloud Platform is totally managed by Splunk's support team, so if anyone needs to do anything, my company needs to raise a request for a change in the tool, though we can modify a couple of services, like a couple of applications using ACS, which was introduced by Splunk. With ACS, if you want to update, create a token, or modify anything from the HEC token information, you can do it with the particular services offered by the solution. Considering the aforementioned area, I recommend that 30 percent of the work be done with ACS, and 70 percent of the work needs to seek assistance from Splunk's support team. Our company handles Splunk Enterprise, and we have 100 percent visibility on it compared to Splunk Cloud Platform.

    The integration of the product with other services is possible. I have integrated it with ServiceNow, Jira, Slack, and Microsoft Teams, and I can say that it has been okay till now. It is good to integrate Splunk Cloud Platform with other tools. If we take a cloud service like GCP into consideration as an example and say that it is not working properly, then there will be an incident directly assigned to the support team based on the integration with ServiceNow. If you want to notify all the consumers in a scenario where GCP is not working properly, through particular notifications to a Slack channel, then one can inform all the thousand consumers in a particular company about it, and it is possible with a single integration.

    My company uses the tool for alert reporting. For example, if the top management of an organization is looking for the availability of websites, especially a couple of websites that are critical to their applications, then my company monitors such applications with the data in the report from the last thirty days or seven days, to ensure that the availability of a particular website is 100 percent. If anything goes wrong as per the reports from the previous seven days, then the availability is reduced to 80 or 95 percent, based on how much time it was down, and the consumer or top management is then notified that the availability got reduced and that a couple of applications in the back-end need to be fixed so that the availability can be increased. The top management will be made aware of the things that have been going on for the last seven or forty days. In general, a report is good for notifying the top management or consumers so that they can make decisions or check if their licenses or server capacity need to be increased. With the alerting report feature, my company can be confident that the top management or consumers know about a particular issue in the tool that we can fix as soon as possible, but there will be a cost involved in doing so every time. If the consumer or top management is aware of the issues in the tool with the help of the alerting report feature, then they can make a decision.

    I am currently not aware of how the product has an impact on decision-making.

    The product has helped my organization with data compliance and privacy regulations since we were able to set up the terms and conditions with Splunk. In general, it is good when it comes to the terms and conditions revolving around the security part.

    Maintenance is required to upgrade the applications, so we need a downtime of no more than fifteen minutes.

    The product offers value in terms of resilience. Whenever my company faces difficulties, it is the solution we use for all our monitoring purposes.

    In terms of the extensibility of the product, I feel it is a good solution.

    Everything is supported by Splunk support, though it may take some time to find and resolve certain issues. If Splunk's support team resolves issues within a certain time frame, I can provide a nine out of ten rating for Splunk's technical team. Splunk Enterprise is totally handled by our company, so I can give it a nine out of ten.

    I recommend Splunk Enterprise to others, especially when compared to Splunk Cloud Platform. If any notifications are needed, it can be done with no downtime, and it can even be completed within a week. If we want Splunk's support team to do the same aforementioned procedure for our company, then it may take a little bit more time.

    I rate the overall tool a 7-8 out of 10.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
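The password-reset use case in the review above (a security incident once a user resets a password more than four times) is a threshold-over-time detection. The following is an added example of that logic run over constructed sample events; it is not the reviewer's code and not part of Splunk. The event format (`<ISO time> <user> <action>`), the action name `password_reset`, the one-hour sliding window and the threshold of four are assumptions for illustration.

```python
"""Threshold detection for repeated password resets.

Added example modelled on the use case described in the review (an incident
when a user resets a password more than four times). Not the reviewer's code
and not a Splunk component. Assumed: whitespace-separated events of the form
"<ISO time> <user> <action>", the action name "password_reset", a sliding
window of 60 minutes and a threshold of four resets.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events for illustration; not real log data.
# alice: five resets inside 41 minutes (should alert).
# bob:   five resets spread over more than two hours (should not alert with
#        a one-hour window, because no single hour holds more than four).
SAMPLE_EVENTS = """\
2024-05-01T09:00:00Z alice password_reset
2024-05-01T09:05:00Z alice password_reset
2024-05-01T09:07:00Z bob password_reset
2024-05-01T09:12:00Z alice password_reset
2024-05-01T09:20:00Z alice login_success
2024-05-01T09:30:00Z alice password_reset
2024-05-01T09:41:00Z alice password_reset
2024-05-01T09:50:00Z bob password_reset
2024-05-01T11:00:00Z bob password_reset
2024-05-01T11:10:00Z bob password_reset
2024-05-01T11:20:00Z bob password_reset
"""


def parse_events(text):
    """Parse event lines into (timestamp, user, action) tuples sorted by time."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, action = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, action))
    events.sort(key=lambda e: e[0])
    return events


def detect_reset_storms(events, threshold=4, window_minutes=60):
    """Return one alert per user whenever more than `threshold` password resets
    fall inside a sliding window of `window_minutes`.

    A user is not alerted again until a full window has passed since their
    previous alert, so one burst produces one incident rather than one
    incident per additional reset.
    """
    window = timedelta(minutes=window_minutes)
    recent = defaultdict(deque)  # user -> reset timestamps still inside the window
    last_alert = {}              # user -> time of the most recent alert
    alerts = []
    for ts, user, action in events:
        if action != "password_reset":
            continue
        q = recent[user]
        q.append(ts)
        while ts - q[0] > window:  # evict resets that fell out of the window
            q.popleft()
        if len(q) > threshold:
            if user not in last_alert or ts - last_alert[user] > window:
                alerts.append({"user": user, "count": len(q),
                               "first": q[0], "last": ts})
                last_alert[user] = ts
    return alerts


if __name__ == "__main__":
    for a in detect_reset_storms(parse_events(SAMPLE_EVENTS)):
        print(f"incident: {a['user']} reset password {a['count']} times "
              f"between {a['first']:%H:%M} and {a['last']:%H:%M}")
```

In Splunk the same rule is normally written in SPL, for instance `index=auth action=password_reset | bin _time span=1h | stats count by user _time | where count > 4` (an illustrative query, not one from the review). That form counts in fixed one-hour buckets, so a burst that straddles a bucket boundary can fall under the threshold; the sliding window above catches it, which is the caveat to keep in mind when tuning the saved search.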