No more typing reviews! Try our Samantha, our new voice AI agent.
HarshShah2 - PeerSpot reviewer
DevOps Engineer at Veefin Solutions Ltd.
Real User
Top 5Leaderboard
May 6, 2026
Cloud analytics has improved reporting and security visibility across hybrid environments
Pros and Cons
  • "Splunk Cloud Platform's visibility into multiple environments offers excellent monitoring capabilities, whether I am using it in the cloud, on-premises, or in hybrid environments."
  • "What I find challenging about Splunk Cloud Platform is that it occasionally has a steep learning curve for new users."

What is our primary use case?

I have been working in my current field for two years.

My use cases for Splunk Cloud Platform involve various applications that enhance data management and security.

I use it to streamline operations and improve analytics.

What is most valuable?

What I appreciate most about Splunk Cloud Platform is its intuitive user interface, which makes navigation and data analysis efficient.

It has a favorite feature in its reporting capabilities, allowing me to generate insightful reports easily.

What needs improvement?

What I find challenging about Splunk Cloud Platform is that it occasionally has a steep learning curve for new users.

The platform could improve by offering more comprehensive onboarding resources and tutorials.

For how long have I used the solution?

I have been working with Splunk Cloud Platform for six to eight months.

Buyer's Guide
Splunk Cloud Platform
June 2026
Learn what your peers think about Splunk Cloud Platform. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,146 professionals have used our research since 2012.

What do I think about the stability of the solution?

Regarding stability, Splunk Cloud Platform performs well with minimal lagging or crashing issues.

What do I think about the scalability of the solution?

Regarding scalability, I find that Splunk Cloud Platform is highly scalable, accommodating growing data needs without major issues.

How are customer service and support?

I have had to contact technical support for Splunk Cloud Platform before, and my experience was quite positive.

If I were to put the technical support on a scale from one to ten, I would rate it an eight for the support.

How was the initial setup?

The initial deployment of Splunk Cloud Platform was somewhat challenging but manageable.

It had complexities that required careful configuration.

Which other solutions did I evaluate?

As for alternatives, I have used other data analytics tools before, but none quite match the capabilities of Splunk Cloud Platform.

I definitely prefer Splunk Cloud Platform more due to its superior features and support.

What other advice do I have?

I think the app ecosystem for Splunk Cloud Platform is robust, and managing updates within this app ecosystem is relatively easy.

Splunk Cloud Platform's visibility into multiple environments offers excellent monitoring capabilities, whether I am using it in the cloud, on-premises, or in hybrid environments.

I leverage it primarily for cloud infrastructure.

Regarding Splunk Cloud Platform's zero-setup feature for AI models, my impression is that it is truly innovative and simplifies the integration of AI into my workflow, although I have not used it extensively.

Regarding the pricing, I think Splunk Cloud Platform is on the higher end, but the value it provides justifies the cost.

I would rate this product an eight overall.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 6, 2026
Flag as inappropriate
PeerSpot user
UzairKhan - PeerSpot reviewer
Business General Manager at Mutex Systems
Reseller
Top 5
May 9, 2025
AI-driven analytics significantly enhance operational decision-making
Pros and Cons
  • "The real-time search capability of this product enhances operational decision-making, and it's very convincing."
  • "The disadvantage of Splunk Cloud Platform is that its integration process should be improved."

What is our primary use case?

Currently, I am working with Splunk Cloud Platform and other things for my clients.

I have been working with Splunk Cloud Platform for around 2 years now while integrating it.

What is most valuable?

What I appreciate about Splunk Cloud Platform is that it's an AI-driven SIEM platform, and for data fusion stock, we require Splunk Cloud Platform because none other than Splunk Cloud Platform can have this data-driven stock implemented; it allows you to get into the data repository.

The real-time search capability of this product enhances operational decision-making, and it's very convincing; this aspect is very convincing from Splunk Cloud Platform's side.

What needs improvement?

The disadvantage of Splunk Cloud Platform is that its integration process should be improved.

The challenges I have encountered while integrating Splunk Cloud Platform include that integration is a bit difficult due to the coding required for the integrations.

For how long have I used the solution?

I have been working with Splunk Cloud Platform for around 2 years now while integrating it.

What was my experience with deployment of the solution?

I would say that it was a bit difficult to deploy Splunk Cloud Platform; the user interface is easy, but deployment is difficult because it needs coding to integrate things.

What do I think about the scalability of the solution?

I think it's a scalable solution; it's pretty much scalable.

How are customer service and support?

I can rate the technical support of Splunk Cloud Platform as eight; they are quite helpful.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We are system integrators, but the client chose another vendor instead of NNTT.

How was the initial setup?

The deployment took around 3 to 4 months.

What about the implementation team?

Three people took part in deployment from my side.

It was indeed a huge deployment; it was one of the banks in Pakistan, so we required three resources to get it done.

What was our ROI?

Splunk Cloud Platform has impacted operational costs; it's a bit expensive, but it provides value for money.

What's my experience with pricing, setup cost, and licensing?

If I were to rate the price for the product from 1 to 10, I would rate it nine.

What other advice do I have?

I am currently working with the solution, but I need to know from which NNTT.

The interface is okay; its interface is good, and user interface is good.

I would recommend Splunk Cloud Platform to other users and organizations because it adds value to the organization; you can do different things with it because it's a pure analytical tool, not only a SIEM tool.

I am mostly focused on Splunk Cloud Platform because I chose this vendor due to the feature set that was offered by Splunk Cloud Platform; it was not being offered by any other vendor.

Splunk Cloud Platform is the vendor I am referring to, not NNTT.

Maintenance for Splunk Cloud Platform has been done manually, not automatically.

Usually, one person takes part in maintenance.

Regarding the number of users for Splunk Cloud Platform, it involves discussing the number of organizations or the number of people working in those organizations.

In general, I would rate Splunk Cloud Platform a nine.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
PeerSpot user
Buyer's Guide
Splunk Cloud Platform
June 2026
Learn what your peers think about Splunk Cloud Platform. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
904,146 professionals have used our research since 2012.
Mark Furman - PeerSpot reviewer
Security Engineer at White Lodging
Real User
Jul 3, 2024
Offers real-time threat detection by continuously analyzing incoming logs and correlations
Pros and Cons
  • "The most valuable feature is the SPL because without it we wouldn't be able to correlate and build our use cases and manage what we have for our data inside Splunk."
  • "The Splunk Cloud Platform deployment process could be improved to reduce the time required."

What is our primary use case?

We use the Splunk Cloud Platform for phishing correlations, sifting through data loss prevention information in P2, and threat reporting.

How has it helped my organization?

The Splunk Cloud Platform has improved our observability. We can see a lot more information both good and bad, but at least we have the information.

It is important that Splunk Cloud Platform has visibility into our cloud-native environments. It comes to observability. And with the visibility, we're able to link, especially with our cloud environment, with Azure the correlations for threat reporting, correlations for account breaches, and correlations for compromised data ex-filtration that's going in and out.

Splunk Cloud Platform has improved our mean time to resolution. It stepped down our investigation times. An investigation that used to take ten minutes is now down to five or six minutes per incident.

It offers real-time threat detection by continuously analyzing incoming logs and correlations. These trigger pre-defined alerts, and any suspicious activity will be reported within five or six minutes.

Splunk Cloud has saved costs through time savings. I can focus that time on other tasks improving productivity.

We saw time to value within the first month of implementing the Splunk Cloud Platform.

Splunk Unified Platform helps consolidate networking, security, and IT observability tools. We're primarily focusing on the security area and building out the correlations. We haven't moved to the infrastructure side yet. That is something we have on our company roadmap. 

What is most valuable?

The most valuable feature is the SPL because without it we wouldn't be able to correlate and build our use cases and manage what we have for our data inside Splunk.

What needs improvement?

The Splunk Cloud Platform deployment process could be improved to reduce the time required.

For how long have I used the solution?

I have been using Splunk Cloud Platform for three years.

What do I think about the stability of the solution?

I have not experienced any downtime with the Splunk Cloud Platform.

What do I think about the scalability of the solution?

Splunk Cloud Platform is highly scalable.

How are customer service and support?

The customer support is quick and helpful.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We had an old SIEM through our MSSP Trustwave and through them, we migrated to Splunk.

We made the switch to Splunk because of the usability, and observability. We can build out the product a lot better. We're able to customize it and mold it to our environment.

How was the initial setup?

The deployment took 30 days to complete.

What about the implementation team?

Trustwave and Splunk helped us implement the Splunk Cloud Platform. I was highly satisfied with Trustwave. They were the ones that sold us on Splunk initially.

What was our ROI?

We have seen ROI through metrics, data points, observability, and time saved. The observability provides visibility into our environment, allowing us to see real-time events and threats in our network and act on them faster.

What's my experience with pricing, setup cost, and licensing?

The pricing was negotiated through Trustwave and for our first contract in three years, we got a good deal.

What other advice do I have?

I would rate the Splunk Cloud Platform ten out of ten. I'm satisfied with what Splunk offers and where it's going, I see the growth path and am happy with that. Splunk answered a lot of what I would like to see in the platform and shortly they will be implementing those things. The platform is stable, can be accessed from anywhere, is easy to use, provides the information we need, and is super powerful.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company has a business relationship with this vendor other than being a customer. End user
PeerSpot user
reviewer2499573 - PeerSpot reviewer
4 System Engineer at a religious institution with 10,001+ employees
Real User
Jul 7, 2024
Helps improve visibility, reduce administrative work, and save costs
Pros and Cons
  • "Splunk Cloud has helped us to be able to focus on getting more information out of our data."
  • "We're interested in learning more about the new AI features, especially the natural language to SPL conversion."

What is our primary use case?

Our security team uses the Splunk Cloud Platform heavily. We index that data that is relevant to security for over a year. Most of our indexes, we only keep for 30 to 45 days. But for security, we keep it for a year here. It is an essential tool for our security team in investigating incidents and looking at the potential compromises, and exploits, of all those types of things. That's one example.

I'm one of two Splunk Engineers in the organization and almost every department uses Splunk. We create dashboards for different organizations. For example, We have temples all over the world. We produce statistics for the temples about how many people have visited each day, and how many sessions were done in different languages. That type of thing is all done through Splunk dashboards. Our missionary department has over 80,000 missionaries all over the world, statistics about what they are doing and the applications they are using are all done through Splunk.

How has it helped my organization?

Splunk Cloud Platform helped remove a lot of that administrative work, but also, it's much easier on the cloud for us to ramp up our SVC units if we see more demand and to be able to add more storage to our indexers. That's one thing for us as administrators that helps to be able to ramp it up quickly. When we were using Splunk Enterprise, that was a much more involved process, but now with Splunk Cloud, it's much easier to ramp that up. My partner and I are good at making sure that all of our users are using Splunk efficiently. We give them training regularly to make sure that their queries are well written, that they're not using indexes they shouldn't be, and that they're using the proper commands to be able to get the information they want. We do have to do this periodically because more and more of our users are using Splunk frequently, and we'll have to talk to a Splunk rep to increase our SVCs. For us, as administrators, that's very helpful.

We monitor multiple cloud environments using Splunk Cloud. It's been quite easy for us. We have an in-house Cloud Foundry and we use AWS and Azure quite a bit. We haven't had problems integrating or monitoring with any of those platforms. It's been great for us.

The end-to-end visibility that Splunk Cloud Platform has in our cloud-native environments is important. We do a lot of correlation across the entire enterprise. We need to have good visibility into all of our logs across all of our cloud Platforms, and in-house on-premise stuff, which we're getting with Splunk.

We use a lot of different monitoring tools, not just Splunk. We use Nagios, ThousandEyes, AppDynamics, and Dynatrace. Splunk is an important part of that. It is a mission-critical application for us. The alerts we set up in Splunk are ones we can't do with the other tools. Every one of those tools is a key piece of what we do as a monitoring team, but what we love about Splunk is that we can create alerts that we can't do with the other tools. That has helped us reduce our mean time to resolution.

The Splunk Cloud Platform has helped improve our organization's business resilience. Splunk helps predict, identify, and solve problems in real-time. What we love about Splunk is its flexibility to pull out data that we can't see in other applications or that the commercial office software has not produced itself. But through the logs and being able to adjust it to Splunk and being able to write the queries that we need to, we can pull that data out, and it helps us to be much more efficient in predicting potential problems because we know our applications well and know the red flags to watch for. We can create the alerts needed to predict when something can potentially go down or have problems.

We have seen cost efficiency by switching to the Splunk Cloud Platform. The biggest part for my partner and me is that Splunk Admins saves us time. I used to be the guy who would patch all of our enterprise indexers, servers, and distribution servers. That would take me quite a bit of time. Even though we had automated scripts that would do a lot of that, it still took a fair chunk of time to go out and do the maintenance and patching required. That freed up a lot of our time, made us a lot more efficient, and allowed us to work on other projects we couldn't do before. I do front-end development for some other products, but I didn't have the time before, and switching to Splunk Cloud has freed us up. Being able to ramp up our SVCs and storage is much easier than it was before. We had to spin up virtual servers, provision them, and ensure licensing. With Splunk Cloud, it's much faster and easier. The total cost of ownership has improved.

What is most valuable?

Before we started using Splunk Cloud, we were using Splunk Enterprise. My partner and I were spending quite a bit of our time keeping the servers patched, up to date, and running the way that we wanted them to. Now that's all gone with Splunk Cloud. That has freed up a lot of our time so that I can spend most of our time helping people, learning SPL, and helping them with their dashboards, alerts, and reports. Splunk Cloud has helped us to be able to focus on getting more information out of our data. Whereas before, we were doing mostly administrative stuff. Now we don't have to do that anymore.

What needs improvement?

We're interested in learning more about the new AI features, especially the natural language to SPL conversion. While we jokingly worry these features might replace us, our main focus is helping users understand Splunk and build dashboards. We're curious how these AI features will integrate into our work, how many people will use them, and if there will still be a need for our Splunk expertise. Overall, we're excited to see how AI will impact our work.

For how long have I used the solution?

I have been using Splunk Cloud Platform for three years.

What do I think about the stability of the solution?

Splunk Cloud Platform has been extremely stable. In some of the major upgrades, like, when we switched over to version nine there were a few hiccups that caused performance slowdown, but as far as stability, it's been great. In the last year, it's been extremely stable and very performant. It's just in the months after some of the changes over to version nine, we had a few problems, but nothing since then.

What do I think about the scalability of the solution?

We have no concerns about scalability. We frequently upgrade the number of SVC units we require. We're using Splunk Cloud enterprise-wide. We're getting more and more departments using Splunk or asking to use it. Everything is on Splunk on a basic level. Security is a big deal. All our virtual servers, cloud environments, and everything that ties into security are already being adjusted to Splunk. As far as the application level, people want to get more information out of their application or data. We don't have problems, questions, or concerns about scalability. We know it's there.

How are customer service and support?

We have a big instance in the cloud, and we have occasionally had a few issues here and there that took some time to resolve. For the most part, the customer service and resolution of issues have been very responsive from Splunk. We just had a handful of issues here and there but for the most part, the support has been good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have been using Splunk for many years. Before Splunk Cloud, we were using Splunk Enterprise.

How was the initial setup?

The deployment was straightforward because we migrated from Splunk Enterprise on-premises to the Splunk Cloud Platform.

What about the implementation team?

We used an in-house Splunk consultant who worked with us for six to nine months to transition from Enterprise. He was efficient but it was a big process. It took at least six months to fully transition over because of our big footprint.

What was our ROI?

We saw a return on investment when we switched to the cloud platform from Enterprise. We were able to consolidate everything with the cloud.

What's my experience with pricing, setup cost, and licensing?

We were involved in the renewal process, and our organization does reviews of all our partnerships that we have every two to three years to ensure they are meeting our needs, there isn't a better solution out there, and we won't save money by going somewhere else. It's usually a four to six-week process when reviewing software and partnerships, and every time we go through Splunk, the review only lasts one day. We love Splunk and we're not switching.

What other advice do I have?

I would rate Splunk Cloud Platform ten out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Chief Executive Officer at ENAD
Real User
Top 5
Feb 26, 2026
Security monitoring has improved and provides timely alerts for cyber threats
Pros and Cons
  • "Splunk Cloud Platform's ingest and visualization features help with data reporting, and the platform's alerting mechanism is valuable, as there is software that makes alarms in case of attacks."
  • "I think that Splunk Cloud Platform is good, and I rate it seven or eight."

What is our primary use case?

Splunk Cloud Platform is used as a way for companies to enhance their cybersecurity and ensure security. In cybersecurity, it is important to protect against all malwares, and the platform is effective in searching vulnerabilities or searching threats.

What is most valuable?

Splunk Cloud Platform's ingest and visualization features help with data reporting. The platform's alerting mechanism is valuable, as there is software that makes alarms in case of attacks. Splunk Cloud Platform is used as a way for companies to enhance their cybersecurity as a question of security to ensure the security.

What needs improvement?

I think that Splunk Cloud Platform is good, and I rate it seven or eight.

For how long have I used the solution?

We have worked with Splunk Cloud Platform for approximately three years. We have also been working with Splunk Observability Cloud for approximately three years.

What do I think about the stability of the solution?

Splunk Cloud Platform is a good platform for us.

How are customer service and support?

The technical support of Splunk is good as well, and they are helpful.

How would you rate customer service and support?

Positive

What was our ROI?

Implementation has some benefit for the company.

What's my experience with pricing, setup cost, and licensing?

We think that the price of the product is quite reasonable.

What other advice do I have?

We have clients that use Splunk, but we do not use Splunk ourselves. As a person with deployment experience, I find it difficult to answer the question about implementation because we are obliged to have a platform. There are many platforms, and the implementation is not simple, but we have no special difficulties with Splunk. We think that integration of Splunk Cloud Platform with third-party tools is easy to implement. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Integrator
Last updated: Feb 26, 2026
Flag as inappropriate
PeerSpot user
reviewer1901115 - PeerSpot reviewer
Network Infrastructure Manager at a educational organization with 1,001-5,000 employees
Real User
Jul 7, 2024
Has good analysis and visualization features and saves costs and time
Pros and Cons
  • "We use Splunk Cloud primarily as a troubleshooting tool, so the most valuable features are the analysis and visualization."
  • "I want to have the ability to process the ingestion before it is sent to the back end and Splunk just announced that the feature is coming, so now it just needs to be released."

What is our primary use case?

We use the Splunk Cloud Platform to log all the network devices, whether it's switches, routers, firewalls, wireless controllers, wireless access points, and applications such as MuleSoft or Adobe AEM. 

How has it helped my organization?

The team I manage is small and we don't have much time to maintain the on-prem infrastructure with patches and updates. With Splunk Cloud, we don't have to worry about patches or upgrades. It's always up to date with the latest and greatest features. That's the biggest benefit for us so far. It saves us time and headaches that come along with all the upgrades, patching, and administration of the Platform in general.

Splunk Cloud Platform has more features than the on-premise Splunk Enterprise version that we previously used. My team seems to like the GUI better.

Splunk Cloud Platform's ability to provide end-to-end visibility into our cloud-native environment is extremely important because we don't have any tool that has that feature.

It has sped up our mean time to resolve by 40 to 50 percent compared to the on-premise version of Splunk.

Our on-premises setup used an outdated Splunk version on aging Red Hat seven hardware. Upgrading would have required new Red Hat eight systems and consultant deployment expertise. By going to the cloud, we don't have to worry about hiring consultants or upgrades. That saved us time and money. The pricing that we were given was the same as renewing our maintenance and support for our on-prem version. So it was a no-brainer decision.

As soon as we migrated, my team liked the GUI because it made them more efficient. There are more functions and features that are not available with the on-premise version of Splunk.

What is most valuable?

We use Splunk Cloud primarily as a troubleshooting tool, so the most valuable features are the analysis and visualization.

What needs improvement?

Areas of improvement for Splunk Cloud Platform are difficult to say because we're still learning about the platform. I want to have the ability to process the ingestion before it is sent to the back end and Splunk just announced that the feature is coming, so now it just needs to be released.

For how long have I used the solution?

I have been using the Splunk Cloud Platform for three months.

What do I think about the stability of the solution?

Splunk Cloud Platform is stable.

What do I think about the scalability of the solution?

Splunk Cloud Platform is easily scaled on the cloud.

How are customer service and support?

The few times we reached out to technical support, they were helpful and able to address the issues.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used Splunk Enterprise and wanted to stick with Splunk because we feel it is the best product. So switching to the Splunk Cloud Platform was an easy decision for us.

How was the initial setup?

The deployment was not difficult. We had consultants helping us. We thought it was going to take three weeks to migrate from on-premises to the Cloud, and it took half that time. It was a lot easier than we anticipated. And we were able to do most of the work ourselves without using the consultants.

What about the implementation team?

We used Bitzios Consulting to help us with the implementation.

What was our ROI?

By moving to the Splunk Cloud Platform we saved on having to hire consultants to build a new environment and install it on-premises.

What's my experience with pricing, setup cost, and licensing?

The price for Splunk Cloud Platform is the same as our maintenance costs for Splunk Enterprise on-premises.

What other advice do I have?

I would rate Splunk Cloud Platform nine out of ten. Splunk Cloud offers several advantages in terms of ease of use. Since it's cloud-based, there's no need to worry about infrastructure maintenance, availability, or scalability. New features are automatically available, eliminating the need for manual upgrades and potential downtime that can occur with on-premise installations.

We have AWS and GCP but are using the Splunk Cloud Platform to monitor only the AWS for now.

While we currently use Splunk Cloud, we don't have Splunk security. We plan on implementing Splunk security and that's also going to integrate with all of our Cisco equipment. For now, I can't say that Splunk's unified platform has helped consolidate networking, security, and IT observability, but soon, it will because we'll be able to have one source, one point of reference for all of our logging and security information instead of managing separate tools for different tasks. Once we implement Splunk Security, it will be one single pane of glass where we will have everything.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Ritesh Vishwakarma - PeerSpot reviewer
Project Manager at Crest Data Systems
Real User
Top 5
Sep 11, 2024
Gives us better buffering performance and lower latency if we use the right components
Pros and Cons
  • "In an enterprise, you need a universal or heavy forwarder. If you don't have that, you need an HSE token or API request call and all the different components. In Splunk Cloud, you just have one instance to search all the data in your index. You don't need to manage it because Splunk handles that."
  • "First-time users may struggle with the user interface. When I first used Splunk, I entered my username and password. After that, we get a dashboard on the left side with apps. At the top, you can click the gear icon to view the settings. Within those settings, there's a distributed console option with several settings. It's a bit overwhelming for a beginner. The user knows what they want and can search for it in the search bar. If I see several apps, my first instinct is to scroll down to find the app, or perhaps you will find that search and report. That bugged me when I was learning."

What is our primary use case?

One client wanted their data in a readable format. He was in the UK, but his data center was in the US, so he tried to forward his data to the indexer. Because of the time zones, he faced some time stamping issues. They reached out to us to open a case that got assigned to me.

I learned which US time zone the data center was in and set the time stamps in the future. We changed the preferences to convert it into GMT so that whenever the data is onboarded to the indexes via universal or heavy forwarder, we can fetch the data in real-time.

We primarily use virtualization and deploy in Docker containers. We seldom use any physical servers. It's mostly deployed in a cloud environment or a virtual machine. It's typically Docker but sometimes Azure.

How has it helped my organization?

Splunk Cloud saved us a lot of money because we're working with databases like MongoDB and Oracle and using Splunk as a sync tool. It has its own indexes that cut costs by 15 to 20 percent. 

It also improves our decision-making process. In one scenario, we compared the client's data from last year to this April and saw the year-on-year profit and loss. We could see which projects were successful. Compared to another SIEM or monitoring tool, it saved us time because the data is presented in a clean, customizable dashboard. 

What is most valuable?

In an enterprise, you need a universal or heavy forwarder. If you don't have that, you need an HSE token or API request call and all the different components. In Splunk Cloud, you just have one instance to search all the data in your index. You don't need to manage it because Splunk handles that. 

If you are using Splunk Enterprise, you need to understand, from A to Z, how the indexes and searches work and where the data is coming from. Splunk Cloud has a beautiful, user-friendly UI that lets you navigate all the settings.

It doesn't matter where the data comes from for integration. The dashboard gives you a brief overview. 

When we're onboarding all that data using heavy forwarders, Splunk gives us better buffering performance and lower latency if we use the right components. If I use a light or universal forwarder, it often doesn't parse on the other end. Our projects use heavy forwarders and put those data into the index services while defining which indexes they should index. We are also micromanaging where that data should be. 

The reporting is good so far. Sometimes, I help my clients improve their user experience. As an engineer, I would suggest that if a solution has back-end compatibility, clients should get out of their comfort zone and customize another app to create a dashboard or something else.

What needs improvement?

First-time users may struggle with the user interface. When I first used Splunk, I entered my username and password. After that, we get a dashboard on the left side with apps. At the top, you can click the gear icon to view the settings. Within those settings, there's a distributed console option with several settings. It's a bit overwhelming for a beginner. The user knows what they want and can search for it in the search bar. If I see several apps, my first instinct is to scroll down to find the app, or perhaps you will find that search and report. That bugged me when I was learning.

Application support is another problem. We created a custom Palo Alto app that isn't fully supported by the latest version of Splunk. We had to downgrade to older versions to use the custom app properly. That was one problem we faced daily with one client. 

For how long have I used the solution?

I have been using the Splunk Cloud Platform for two years.

What do I think about the stability of the solution?

I rate Splunk Cloud seven out of 10 for stability. 

What do I think about the scalability of the solution?

I rate Splunk Cloud eight out of 10 for scalability.

How are customer service and support?

I rate Splunk support six out of 10. They're knowledgeable, but their response times are sometimes slow. 

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We have Prometheus, but that only monitors Grafana and shows you a dashboard. Splunk is not just monitoring or grabbing data you search for. I've worked with cloud and enterprise. When we started using Splunk Cloud, we used it more like a dashboard to search data. Based on my understanding, I could create applications. 

After moving into the enterprise side, I understood Splunk even more, including its components, bucket lifecycles, and how the indexes and configurations work. It's not simply transferring data from one to another. I can grab data from any system that consists of raw data. Splunk can also identify those data in the timestamp index form. We don't have any other vendors to compare it to. 

How was the initial setup?

Deploying Splunk Cloud Platform is straightforward unless you use an automation tool like Ansible, Puppet, or Chef. It takes four to five hours. Installation can take a day in some cases, but it typically can be completed in less than five hours unless you're dealing with more complex data.

What's my experience with pricing, setup cost, and licensing?

Splunk Cloud is affordable, depending on your license. I don't know how much it costs exactly, but my colleague said it depends on your licensing and which features you use. 

What other advice do I have?

I rate Splunk Cloud Platform eight out of 10. I would recommend this product. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. partner (consultant)
PeerSpot user
reviewer2499597 - PeerSpot reviewer
IT Lead at a manufacturing company with 201-500 employees
Real User
Jul 7, 2024
Helps predict, identify, and resolve problems in real-time
Pros and Cons
  • "Alerts are a huge benefit because we can customize them to each business unit's needs."
  • "Using basic natural language in English instead of writing a regex expression will be helpful."

What is our primary use case?

Our Splunk Cloud Platform centralizes logs from all OT assets, allowing OT business units to request various insights. These insights can include how often assets cycle down, memory storage usage, or data consumption over time. They can then configure dashboards to receive alerts based on these specific metrics.

How has it helped my organization?

The biggest benefit I have seen using the platform is the alerts because most of our sites are remote in the middle-of-nowhere deserts. If something goes down, they don't have direct eyes on them. Thanks to Splunk's automated alert that notifies us if something is down, we can quickly respond to it before it affects any other systems.

We do have several cloud environments that we're using because we got the Splunk Cloud Platform last month. We are integrating them all into one location, so we are still determining the ease of monitoring all the cloud environments using the Splunk Cloud Platform. Before having Splunk, it was a huge issue because we had to go to different locations. Having it all in one location under Splunk will make it much better for us.

It is important, especially for our cloud team to have end-to-end visibility into our cloud-native environments through Splunk Cloud Platform. The more visibility we have the better it is.

Splunk Cloud Platform has significantly reduced our mean time to resolve because instead of us having to go out to the site or having somebody on the site tell us a few hours later there is an issue, it could be within minutes now that we can resolve the issue. After all, as soon as it goes down, we get the logs, we get notified, and then we can immediately go in and check it out. So it is a significant amount of time that Splunk is helping us reduce for resolution.

Splunk Cloud Platform's ability to predict, identify, and resolve problems in real time has been huge, especially because our business units are operational technologies. They generate revenue for us. That's how our business stays afloat because we're in the energy sector. So If something goes down or if they want a quick dashboard, the biggest thing we're to be using as well besides the alerts is the dashboards showing how quickly we're remediating vulnerabilities and showing where they are vulnerable. That's going to be huge for the business side and will help us a lot.

Splunk Cloud Platform helps consolidate network security and IT observability tools. The cyber group gets all the alerts, but we can direct it to which person we want to send the alert to. That's good because they can go to IT, which is where we're at, Cyber, which can potentially help fix the problem, and then networking too in case something goes down. That is one of the requests is if an on-site asset goes down, the network team can see why it's off the network. So it's good that it spreads out everywhere, and whoever can help fix it can be on top of it.

What is most valuable?

Alerts are a huge benefit because we can customize them to each business unit's needs. Splunk automates the process and sends email notifications directly, which saves me time.

What needs improvement?

The AI features will be a huge improvement for Splunk. Using basic natural language in English instead of writing a regex expression will be helpful. For example, I can tell Splunk AI that I need to get the logs from last week between eight AM and ten PM on a specific asset. Instead of me going in, doing the regex expression, and then having to Google what it is because it's super hard to do sometimes. That is the biggest area for improvement. Hopefully, it will be released soon because that will simplify things for me and non-technical people. 

For how long have I used the solution?

I have been using the Splunk Cloud Platform for one month.

What do I think about the stability of the solution?

Splunk Cloud Platform is stable.

What do I think about the scalability of the solution?

Splunk Cloud Platform can handle terabytes of data.

How are customer service and support?

The support has always been great for the few times I have used it.

How would you rate customer service and support?

Positive

How was the initial setup?

The deployment is super easy. We deployed the Splunk Forwarder file and from there, we have a batch file, a PowerShell file, and it runs in the background. The users don't even know it's being installed.

What about the implementation team?

The implementation was completed in-house.

What was our ROI?

In regards to a return on investment, the metrics are the biggest thing. Data is everything. The business units enjoy the dashboards that Splunk Cloud presents. And it is quick to present them.

What's my experience with pricing, setup cost, and licensing?

Splunk Cloud Platform fell within our budget so we pulled the trigger and implemented it.

What other advice do I have?

I would rate Splunk Cloud Platform ten out of ten. All the applications I need are readily available in a user-friendly dropdown menu. Exploring them is a breeze, and the platform's speed is impressive.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Senior analyst in investigations at GlaxoSmithKline
Real User
Jul 8, 2024
Helpful in dealing with malware investigations and anomalies
Pros and Cons
  • "In terms of the benefits of the product, I would say it is my go-to tool."
  • "The expensive nature of the product is an area of concern that needs to be considered for improvement."

What is our primary use case?

I work on corporate investigations and incident response. I use Splunk Cloud Platform to investigate user frauds, cases related to malware investigations, and anomalies.

How has it helped my organization?

In terms of the benefits of the product, I would say it is my go-to tool. Regarding getting all the data from Windows event logs, and considering the other reporting tools we have in our company like Forcepoint, Proofpoint Email Protection, Office 365, or Microsoft Defender, we have to search and get all the data in one place and to do so, Splunk Cloud Platform is super valuable.

What is most valuable?

The solution's most valuable features are search, reporting, and dashboards.

Splunk Cloud Platform is useful in our organization's monitoring of multiple cloud environments involving cloud services like AWS. I cannot speak about the ease or difficulty of using the tool to monitor multiple cloud environments since I am not on the administration side.

Considering the product's ease of use, the tool offers me the ability to search all the data and get it in a format before giving it to an investigator so that they can get it in a format they can understand.

What needs improvement?

The expensive nature of the product is an area of concern that needs to be considered for improvement.

For how long have I used the solution?

I have been using Splunk Cloud Platform for twelve to fourteen months.

What do I think about the stability of the solution?

The product has been pretty stable for me. I have never seen any outages in the tool, and it has been a pretty solid solution.

How are customer service and support?

I have no experience with the solution's technical support team.

Which solution did I use previously and why did I switch?

I was not using any other solution in the past.

How was the initial setup?

I don't know anything about the product's deployment phase.

What's my experience with pricing, setup cost, and licensing?

I know that Splunk Cloud Platform is an expensive product.

What other advice do I have?

I rate the tool a ten out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Raul Lapaz - PeerSpot reviewer
Cloud Sec Eng at a pharma/biotech company with 10,001+ employees
Real User
Aug 24, 2023
Does not require backend maintenance, is easily integrated and utilized
Pros and Cons
  • "The most valuable feature is we don't have to deal with any back-end server maintenance because the solution is cloud-based."
  • "The on-premises version of Splunk includes all the integrations, while the Cloud platform lacks certain integrations and is limited in terms of the number of supported apps."

What is our primary use case?

We utilize the Splunk Cloud Platform for log ingestion related to security and troubleshooting purposes.

How has it helped my organization?

Splunk Cloud Platform helps us with our security incident response. The cloud security logs are integrated with all the cloud providers.

The federated search feature enables us to search between Europe and the US, from one Splunk instance to another, all from a single location. This federated search simplifies how we handle data, making it easy to swiftly search for and manage information.

We monitor several cloud environments and find it easy to utilize the Splunk Cloud Platform for this purpose. Each cloud provider offers its own prebuilt dashboard, or customers can create their own.

The Splunk Cloud Platform offers excellent visibility into multiple environments. In the past, we utilized hybrid integrations, and they seamlessly worked right out of the box.

The reporting functionality provided by the Splunk Cloud Platform resembles that of the on-premise platform. It is readily available without requiring integration or the installation of reporting visualizations.

From a security standpoint, the Splunk Cloud Platform provides us with comprehensive visibility into all security logs. This enables us to implement security incident responses with great efficiency. Additionally, we have discovered that internal employees, such as product teams, are utilizing the platform as intended for various other use cases. For instance, it has proven valuable in troubleshooting performance issues and monitoring within Kubernetes. As such, we are leveraging a wide array of use cases within the company.

Splunk is a highly mature software that has been in the market for many years, which greatly influenced our decision-making process. Another factor was the user-friendly nature of the latest version, making it easy to initiate. We don't require a large workforce for installing components; it's as simple as out-of-the-box. Consequently, minimal time investment is needed for training.

The Splunk Cloud Platform assists us in accessing data to meet critical compliance and privacy regulations. For instance, this is particularly important for regulations such as GDPR and HIPAA. We are utilizing Splunk Cloud with a specific focus on HIPAA compliance, allocating extra attention to this aspect. In the case of GDPR, Splunk offers a range of built-in capabilities. For instance, it allows for log masking. Moreover, there are novel features available in Splunk Cloud, such as ingest actions. This feature is exceptionally useful as it enables us to mask the data before it's ingested into Splunk. Consequently, this approach ensures our adherence to compliance regulations, exemplified by GDPR.

The Splunk Cloud Platform has had a significant impact on our organization's security posture. It serves as our primary visibility tool and is the main source of trust for all login activities. Without Splunk, we would lose essential visibility and access to security updates. Currently, Splunk stands as one of the primary tools we utilize due to its utmost importance.

What is most valuable?

The most valuable feature is we don't have to deal with any back-end server maintenance because the solution is cloud-based.

What needs improvement?

The on-premises version of Splunk includes all the integrations, while the Cloud platform lacks certain integrations and is limited in terms of the number of supported apps.

The Splunk Cloud Platform is not a very mature solution; it has only been on the market for four or five years. While they have made significant improvements, there are still limitations, such as the absence of CLI access. Therefore, there are several limitations that still exist with the CLI. 

The standard support has room for improvement. 

For how long have I used the solution?

I have been using Splunk Cloud Platform for four years.

What do I think about the stability of the solution?

The Splunk Cloud Platform offers 99.9 percent availability, ensuring that we never experience downtime.

What do I think about the scalability of the solution?

I would give Splunk Cloud Platforms' scalability an eight out of ten.

How are customer service and support?

Technical support needs more knowledgeable people.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We used Sumo Logic in the past, but it wasn't an enterprise-grade solution, so it couldn't support the scale we required. Additionally, Sumo Logic lacked support for many integrations. The Splunk Cloud Platform fulfills our scaling requirements and integration needs. Moreover, our team possesses skills that align well with Splunk, making it a better fit for us.

How was the initial setup?

The Initial deployment was very straightforward because we had the skills. But I would not say that this is straightforward without the skills. We need to learn at least the basics. 

The deployment took six months to create this multi-tenant environment because it's a highly specialized setting. It's distinct from a typical Splunk deployment that might only take a day or two. However, the process of configuring, migrating all the data from Sumo Logic to the new Splunk Cloud, and setting up the multi-tenant system along with product dashboards, required approximately six months of effort on our part.

What was our ROI?

We utilize Splunk in a multi-tenant manner, wherein we allocate costs back to the product teams in each department based on their usage. We are a healthcare company engaged in the development of healthcare applications tailored for doctors and hospitals. Splunk plays a pivotal role in assisting us with this endeavor. I would estimate that we have experienced a return on investment of approximately 30 to 40 percent.

What's my experience with pricing, setup cost, and licensing?

The cost of the Splunk Cloud Platform is high, and in addition to the standard licensing fee, we also have a premium support fee.

Now, we are paying less because, instead of being charged based on ingestion, we are paying for SVCs, which stands for Splunk Virtual Compute. This implies that our costs have decreased. Despite ingesting a larger volume of logs, our expenses are lower than they were before. However, it's important to note that if our usage of the tool increases, our expenses will also increase. Therefore, this represents a distinct licensing model from Splunk's.

What other advice do I have?

I would give Splunk Cloud Platform an eight out of ten. Splunk Cloud has shown significant improvement over the past four years, and I highly recommend it.

We operate two distinct Splunk Cloud platforms: one in Europe and another in the US. These platforms are linked through a federated search. This setup ensures that specific data, such as European data stored in the AWS cloud, is directed to the European Splunk platform, while data from the US Cloud is directed to the US Splunk platform. However, it's worth noting that all users primarily log into the Splunk US Cloud. From this point, they have the capability to transmit data to the Splunk Europe platform.

We have around 400 users. 

The maintenance is primarily conducted by Splunk on the backend, and any on-premises maintenance we perform has been reduced by 80 percent.

The value that Resilience provides for SIEM solutions is significant for us. Therefore, if we inquire with various customers, they might provide different perspectives. However, concerning security, this holds substantial value. I would assert that it's the primary tool in our arsenal; indeed, we do possess other security tools, but the most frequently utilized one, which also delivers the utmost value, is undoubtedly Splunk.

The method to expand a SIEM system is achieved by extending the licenses. This expansion enables greater capabilities, increased log retention, and the ability to process more logs. In our specific scenario, we were previously restricted by the capacity of the ingest license. Our log ingestion was limited to, for instance, one terabyte per day. However, with the introduction of this new licensing model that's based on CPU usage, we now have the flexibility to ingest any amount of data while paying according to our actual tool usage. Consequently, if we intend to expand for additional servers, we simply need to contact Splunk and communicate our requirement for increased server capacity to enhance system performance. This process is streamlined because we aren't required to take any additional actions ourselves.

I would highly recommend Splunk Cloud because we don't require personnel for maintenance or server installation and management, as all these backend tasks are taken care of. Additionally, for those who are currently using a competitor of Splunk for SIEM purposes, I would also recommend transitioning to Splunk if they have the budget for it.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free Splunk Cloud Platform Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2026
Buyer's Guide
Download our free Splunk Cloud Platform Report and get advice and tips from experienced pros sharing their opinions.