Splunk Cloud Platform Reviews

My major use case for Splunk Cloud Platform is for SOC, SIEM mostly.

What I like about Splunk Cloud Platform is the easy reading of the dashboards and finding the data, which brought me the biggest benefits.

The alerting mechanism in Splunk Cloud Platform is customizable, so we could adapt it to our needs and assign the right priorities and based on this, define the action.

Visualization features and ingesting in Splunk Cloud Platform helped to improve my data reporting, but that was also a different team that was providing the log ingestion.

Other features that were really great in Splunk Cloud Platform include real-life monitoring, so we could have logs right away, and parsing was fine, so when it was correctly ingested and Splunk Cloud Platform parsed it correctly, then we had no issues with receiving the correct alerts.

Splunk Cloud Platform could improve in how quickly it reacts to users reporting issues.

Splunk Cloud Platform can be complex depending on the log source in terms of deployment.

I used Splunk Cloud Platform for seven years.

Splunk Cloud Platform was stable, and I did not see any performance issues or downtime, although it happened; the issue was that we had to really fine-tune the log quality so that it would not be ingested too much and handled for nothing.

Regarding the scalability of Splunk Cloud Platform, I would say it is scalable, but maybe the pricing may affect the scalability because it may not be that beneficial to onboard too many log sources if they generate too many false positives and then you reach over the limit of the license.

I would rate the technical support for Splunk Cloud Platform probably a three, because there was some support, but I remember that we were using our proxy company to submit it for us because they were bigger and maybe more convincing to Splunk.

The biggest issue during deployment of Splunk Cloud Platform was correct log parsing.

I can describe the impact of integration with third-party solutions in Splunk Cloud Platform as limited experience since I was the only one on the receiving end of it, and I was not integrating it with any solutions or with any other vendors; we also had the company who was supporting us in the configuration part, so we didn't even have to do it fully by ourselves.

I don't see ROI with Splunk Cloud Platform, such as time saving or money saving because I'm security operations, so I don't think in management terms.

I have about the same amount of experience in this domain with SOC solutions, as I haven't worked with SOC SIEM solutions such as Splunk Cloud Platform before, so it's the same. My overall review rating for Splunk Cloud Platform is 8.

For Splunk Cloud Platform, we perform analytics with a large scale of data pipelines and log data. We query logs and build dashboards to support our operational and business insights. We mainly work with Splunk Processing Language to query logs, identify patterns, and support troubleshooting and reporting.

We definitely use the ML toolkit for regression and anomaly detection. We also use Splunk Processing Language, and after the recent update, the new AI feature has been introduced that suggests queries to us. This feature has saved us considerable time.

Regarding native models, we only use the ML toolkit. I am unaware of the other models that Splunk provides. Specifically for the ML toolkit, we use it for anomaly detection and regression. In terms of cloud, we only use the ML toolkit.

I love how everything is handled by Splunk Cloud Platform itself. We do not have to manage migrations, updates, and other maintenance tasks. That is one of the major benefits of using Splunk Cloud Platform.

We definitely contact them and they help us during upgrade times. For example, if we want to upgrade Splunk Forwarder on a cloud instance or a Splunk Indexer in a cloud instance, they definitely assist us.

Splunk Cloud Platform is highly scalable. It is one of the best SIEM tools across the world because it is valuable not only for monitoring but also for security analysis, dashboards, and other features compared to other tools.

For betterment, there is definitely a cost concern. The cost is high, so there should be a somewhat lower cost. I am expecting a more competitive pricing structure from Splunk Cloud Platform, but otherwise it is fine.

We have been working with this solution for the past 14 months.

I experienced stability issues once or twice during an upgrade, but the rest of the time it is fine. It is highly stable and scalable for us.

Splunk Cloud Platform is highly scalable. It is one of the best SIEM tools across the world because it is valuable not only for monitoring but also for security analysis, dashboards, and other features compared to other tools.

The customer service team is quite fast. They take around two to three hours to reply back and they solve our problems.

We have not had any issues regarding maintenance because everything has been handled by the Splunk team itself. That is the best aspect of Splunk Cloud Platform, so we have not experienced any problems so far.

The initial setup was easy for us because we took training from Splunk. It was quite easy for us.

The implementation timeline depends on the use case, whether you are a Splunk Admin or a Splunk Power User. For a Power User, it took around three to four months to learn it. For an Admin's use case, it is very hard and took around a year. You also need certification to prove that you are a Splunk Admin.

The implementation process is quite easy because we have created custom applications regarding the upgrade of Splunk Enterprise Platform. We have another application called Splunk Forwarder through which pre-checks and post-checks are performed by our custom-made application. It is quite easy for us.

We also use Splunk SOAR in addition to Splunk Cloud Platform. My overall review rating for this solution is 9 out of 10.

In the data and analytics domain, I work with Splunk Cloud Platform where we handle system logs and large scale data. I use Splunk Cloud Platform to monitor applications. I analyze logs and then build dashboards that provide real time insight for our technical team.

Splunk Cloud Platform is fully managed, so we do not need to handle infrastructure. The next thing I appreciate is its powerful search using SPL. It is easy to build dashboards in Splunk Cloud Platform and its visualization is also solid.

The alerting mechanisms of Splunk Cloud Platform have definitely helped in proactive issue resolution. Alerting is one of the most prominent features of Splunk Cloud Platform because we have set numerous alerts for daily ingestions. Health monitoring of Splunk dashboards is another valuable feature. We have alerts for thresholds, alerts for users, and alerts for failed logons. For example, if someone is trying to log in more than five times and failing, we have alerts for that as well. This is very useful for us.

Machine learning tools of Splunk Cloud Platform have helped to predict trends in our data. Using machine learning libraries, it is easy for us to analyze data and predict our upcoming data. This makes it pretty straightforward for us in daily operations using the machine learning toolkit.

One aspect I dislike about Splunk Cloud Platform is that cost can become high as data ingestion increases. The initial learning curve for SPL and cloud setup is also difficult for some new beginners.

I have been using Splunk Cloud Platform for the past one year.

Regarding stability, Splunk Cloud Platform does not lag or crash. It is highly scalable and stable for us.

Splunk Cloud Platform is very scalable for us because we conduct day-to-day operations in Splunk Cloud Platform itself. We are increasing our team both horizontally and vertically.

The technical support regarding Splunk Cloud Platform is good because they are always helpful. Whenever there is an upgrade, we notify them and they upgrade it for us. Everything is straightforward and simple with them. So far, we have had no issues with them.

Since Splunk Cloud Platform is a fully managed service, there is no need to handle servers, upgrades, or maintenance. Everything is managed by Splunk, which makes it pretty straightforward for us to use and complete every everyday task. There is no infrastructure management required and it enables faster development. It is highly scalable for us.

For new users, my advice is that if you are looking for a SIEM tool and you can afford it, then Splunk Cloud Platform is the best SIEM tool you can use because it is highly scalable and solves our day-to-day operations and use case. Everything is available within a single platform. I would rate this solution a nine out of ten.

I use the Splunk Cloud Platform for security monitoring. My company is a technology company with over 40,000 employees.

The Splunk Cloud Platform offers easy data ingestion and a user-friendly interface for product teams, particularly for straightforward log shipping.

Splunk Cloud Platform offers easy integration due to its robust and well-documented APIs. These allow seamless integration into existing pipelines and other products and the flexibility to create custom integrations as needed.

Splunk Cloud Platform helps access data for compliance and privacy regulations. While some manual work remains, it assists with meeting compliance and regulatory requirements, especially regarding logging, reporting, and monitoring, solidifying its position as the industry standard.

The most valuable feature of Splunk Cloud Platform is its robustness and ability to ingest logs.

Splunk Cloud Platform needs improvement in its security offerings, specifically in cybersecurity. It has not kept pace with competitors over recent years, and integration with the Cisco ecosystem after Cisco's acquisition of Splunk has also been slow. The product should incorporate more readily available features, especially in security monitoring.

The federated search feature is costly.

Extracting meaningful insights beyond essential log data proves challenging due to the product's reliance on manual processes. Users must manually configure detections, develop logic for insights, and manage dashboards. While the product boasts numerous out-of-the-box capabilities, these often require extensive modification to align with specific user needs, limiting their practical applicability.

Splunk Cloud Platform doesn't inherently provide visibility as a standalone product. It's a platform for building custom visibility solutions. We need to feed it data and then write logic to define what insights we want to extract. While pre-built solutions might be available in the marketplace, Splunk doesn't offer out-of-the-box visibility. If we know our requirements, we can utilize code and research to create custom dashboards, but it requires effort and expertise.

The pre-built reports in Splunk Cloud Platform are generic and require manual adjustments to extract specific, granular information, which requires the user to be knowledgeable.

I have been using the Splunk Cloud Platform for over ten years.

The customer service and support for Splunk Cloud Platform are mediocre and often hit or miss. Premium support is costly and may not always provide a satisfactory experience, as even the support engineers can sometimes be stumped.

Neutral

The initial setup of the Splunk Cloud Platform is straightforward. Professional services are available to assist in deployment, including setting up Splunk forwarders and building data models. With adequate support, full deployment can be efficiently achieved.

Full deployment is a lengthy process, but achieving 50 percent deployment can be achieved within one to two quarters.

Deploying Splunk Cloud may require different resources depending on the size of the data ingested daily. Two to three people may be sufficient for smaller terabyte ingestion, whereas a team of four to five might be needed for larger ingestion.

The return on investment with Splunk Cloud Platform has been poor. There is a significant possibility we will be replacing it in the next quarter or two.

Splunk Cloud is considered too expensive, with its two product offerings both being costly. I would rate the cost an eight out of ten, with ten being the most costly.

Splunk Cloud Platform is not impacting a lot of decisions. But if we write very good reports and dashboards, then we can derive insights from them for leadership to make concrete decisions on. So we have to do the legwork to get that output.

While Splunk Cloud Platform may not be a significant factor in decision-making, generating high-quality reports and dashboards can provide valuable insights for leadership to take concrete action. However, we must dedicate ourselves to the necessary work to produce those impactful outputs.

I would rate Splunk Cloud Platform a five out of ten due to its gradual decline over the last few years. While I would have rated it an eight out of ten four years ago, its performance and features have deteriorated, leading to my current lower rating.

I have been working in my current field for two years.

My use cases for Splunk Cloud Platform involve various applications that enhance data management and security.

I use it to streamline operations and improve analytics.

What I appreciate most about Splunk Cloud Platform is its intuitive user interface, which makes navigation and data analysis efficient.

It has a favorite feature in its reporting capabilities, allowing me to generate insightful reports easily.

What I find challenging about Splunk Cloud Platform is that it occasionally has a steep learning curve for new users.

The platform could improve by offering more comprehensive onboarding resources and tutorials.

I have been working with Splunk Cloud Platform for six to eight months.

Regarding stability, Splunk Cloud Platform performs well with minimal lagging or crashing issues.

Regarding scalability, I find that Splunk Cloud Platform is highly scalable, accommodating growing data needs without major issues.

I have had to contact technical support for Splunk Cloud Platform before, and my experience was quite positive.

If I were to put the technical support on a scale from one to ten, I would rate it an eight for the support.

The initial deployment of Splunk Cloud Platform was somewhat challenging but manageable.

It had complexities that required careful configuration.

As for alternatives, I have used other data analytics tools before, but none quite match the capabilities of Splunk Cloud Platform.

I definitely prefer Splunk Cloud Platform more due to its superior features and support.

I think the app ecosystem for Splunk Cloud Platform is robust, and managing updates within this app ecosystem is relatively easy.

Splunk Cloud Platform's visibility into multiple environments offers excellent monitoring capabilities, whether I am using it in the cloud, on-premises, or in hybrid environments.

I leverage it primarily for cloud infrastructure.

Regarding Splunk Cloud Platform's zero-setup feature for AI models, my impression is that it is truly innovative and simplifies the integration of AI into my workflow, although I have not used it extensively.

Regarding the pricing, I think Splunk Cloud Platform is on the higher end, but the value it provides justifies the cost.

I would rate this product an eight overall.

We pull in information from cloud resources like AWS and Azure, and we just recently got into GCP. Just pulling data directly from there was a little bit easier than trying to do it from on-prem. We can now do that a little easily.

We have a lot of cases where business units that were not even in Splunk got compromised for whatever reason. We could get security logs from those and import them directly, more quickly, and easily with Splunk Cloud. We have had several use cases directly with that. In our company, we do not monitor logs from laptops. We have had issues with users getting compromised on our laptops. We could get the data logs from there.

I also use it to monitor my universal forwarders so that I can see what versions they are on. We had CVEs coming out on the universal forwarders. We had to replace them. I have dashboards to keep track of our progress as we are migrating and upgrading all those agents.

The biggest, heaviest use of Splunk Cloud Platform for us right now is people going and looking at our firewall logs to find the denies and to find out which firewall is being blocked. We are a medium-sized company. We are so segmented with all the PCI and SOC 2 compliance audits that we have. We have segmented everything. We have so many firewalls that there is always another firewall down the line that is blocking. The firewall team is in there every day and all day long, and then we have other teams that go in there to see if the issue that they are having with their app is a firewall issue or not.

I have done health checks several times now, and those have been very valuable in getting more information about what is going on in my platform. There are also recommendations on what is going on in my environment. Sometimes when it says something, I already know that, and when I explain why, it knows that I am aware of it. It knows that it has to be that way for compliance reasons or there are certain break glass accounts that we have to have in case our Okta is offline. It points out things like that. 

One of the things we had to do was find out how much Splunk on-prem was costing us because we had so many different groups. We had the storage group, and then we had the hardware team. The indexers and the search heads were physicals. That was being handled by the data center teams, which bought all the hardware, and then we had the virtual servers. Everything else was virtual. That was still owned by us, which is fine, but then we had storage, so we did not know the full cost. As I am trying to migrate from one data center to another, the teams do not want to buy. They do not want to migrate hardware. They want to buy new hardware, which, of course, is a cost to their department. They are a group but not our group, so we wanted to go to Splunk Cloud. We had to first find out how much the total cost of Splunk was for our company so that we could show that moving to Splunk Cloud was going to save the company money, which it did. It saved at least a million dollars a year. We are oversized in some areas, and we are running pretty close in the other areas. It is saving us money in the long term.

We monitor multiple cloud environments. We have data in multiple clouds. We have AWS, Azure, and GCP, as well as our own on-premise that is technically a cloud or our own personal private cloud. We are a cloud customer for our clients. We are in four different environments. It has been fairly simple to monitor multiple cloud environments using Splunk Cloud Platform. The documentation and the TAs have been updated and tell you which piece is what. You see no difference between a client ID, tenant ID, a secret, a key, and the tokens. That has been very handy. We had an incident where there was an S3 bucket somewhere, and one of our teams was unable to communicate with the Cloud Infrastructure team. It was set up as a file share only instead of another type, which was not available in the TA. That was not an option, so that became a challenge. We had to work with them, and they basically had to rebuild that bucket because you cannot just add it as a function to that bucket. They made a whole new bucket and put the logs in there. That was a challenge, but other than that, it has been very smooth and easy. We have had teams that had incidents. They took all the data and put it into an S3 bucket, and it took that right in.

Splunk Cloud Platform has helped reduce our mean time to resolve because they can get the data in faster. I have even automated things. We have a Python script. I can take CSV files and send them to the endpoint and just pop them with all the data they need to do their evaluations, such as if they went to bad sites. They can see all that information. I can get that in quickly. With on-prem, I could do that, but it had to run through so many hoops because of the PCI requirements that our company has. It is still PCI-compliant, but it is just so much easier to work with. I know we have had mean times of 60 days. We are reducing it to one or two weeks now, so it is getting a lot better.

Splunk Cloud Platform has helped improve our organization’s business resilience. That was something with which I have had issues with the on-prem. I have had issues with an index. It could be a hardware issue, a software issue, or an OS issue. By having Splunk Cloud Platform, everything has been a lot more stable. I do not have as many worries or problems there. I have fewer things. I can even troubleshoot on my side if it is a heavy forwarder. That is on me, but there are a whole lot fewer things to look at and worry about. It took away a lot of headaches.

In terms of Splunk’s ability to predict, identify, and solve problems in real-time, real-time is a touchy word because being real-time means you are indexing directly. There are a few people in my company who have or are allowed real-time access, but it is pretty close. It is pretty much within seconds. You have access to all that data, so it has been handy. I had to explain to the teams how searches work in the background. If you are running a search every 5 minutes, it sounds great, but if there is any kind of delay in the data, you can miss something, so 15 minutes is a little better, but still, you are seeing things within minutes and getting alert about them. We connect to Microsoft Teams and Slack. We are sending things to ServiceNow for the monitoring team. It is 24/7, so if they need something to watch 24/7, there is a group. They are now tied into ServiceNow, so they can get all that data right there in one place for that team, pulling it from different monitoring tools besides Splunk. It is handy to be able to just pop it all in there quickly.

The firewall stuff is huge. Everybody is in there. All day long, people are hitting that dashboard searching for firewall blocks or denies. Sometimes, they access it just to see if it is connecting because we do drop a lot of data. A great thing about Splunk is that we can drop some of the data if we need to when it is ingesting. We do not keep all the connects, but we can see whenever a connection is closed. We can see that the connection had been made successfully and then closed. We are able to see that one way or the other. We can see whether things are being blocked or it is able to connect. That information is handy now. We have a complex network, and there are times when we have routing issues. We can see that there is no route in the logs and say that it is a routing issue. They then bring the network team. The firewall is the front point for all that, but the network team has to work closely.

Just the fact that it is cloud-based is valuable. We are still on the classic one. I am waiting for the VE to come to the GCP. That is where our stack is. It is in GCP. They say it is coming somewhat soon. We will see when that is.

There is the flexibility of not having to manage all the indexes and searches myself. I was doing that with on-prem before. That was quite a bit of work. When you have an issue with an upgrade, you have to upgrade all of that. They are handling that on the backend now. I still have to do my heavy forwarders and my deployment servers, but it is a much lighter load for me on my end as an admin.

For one of the areas I am working on right now, they did an update this week which gave me back something. It was a feature that I have been using, but they took it away last conference. They just gave it back to me now, and I had to go through the setup again to make it work with our Okta. We have had issues with the maintenance windows. Sometimes I get informed about those at the last minute. They are getting better about informing us when they are going to do maintenance, but there were times when they did maintenance, and then I came in the next day and something was broken. They have gotten a lot better about that. I am still working on a couple of issues. They have cases open for them, so they know about them. They are working on them. The communication is getting better. That was an area that had a lot of feedback. I can see that they are accepting the feedback and taking it to heart, which is great.

Some of the Victoria Experience that was rolled out is not yet fully everywhere.

The AI assistant is going to be good, but we are on GCP, so I am worried about how fast it is going to get rolled out and if it is going to be nine months late for the GCP customers or not. That would be a bad thing because that would put a black eye on the whole marketing part of that. The same thing is with the Victoria Experience. They already have a black eye on that one. It has been two years since it came out and they still do not have it on GCP, so they need to get that fixed up. I would like to see the AI assistant feature as it rolls out. That helps with me wanting to roll out ITSI and the O11y suite with them bringing that AI assistant over there. I have teams right now that hit me up. They have been using some kind of AI assistant. We have Microsoft CoPilot. It is allowed in our company now. They tell us not to use ChatGPT right now because it is not approved for whatever reason. I have had some of our people hit me up who are not Splunk users but they have access to some dashboards and want to do a little bit of searching. If they use generic AI to find out how to do a generic Splunk search, it is not going to work in my environment at all. They will wonder why this is not working. That is because the AI does not know our environment. It will be handy to have an AI assistant that knows our environment.

I have been using Splunk Cloud Platform for a year and a half.

It has been quite stable. The fact that we are on GCP has been causing some pain. That is the only thing.

That has been very nice. When we renewed our last contract, we had seen that our long-term storage or archive storage was not enough, so we had increased it. It is nice to have enough visibility. It tells you that you are getting close to over or you are over, so you can see where you are. The new improved monitoring console that just came out has more information in there for that. That to me is even more valuable, so I am happy to see the new console they have released.

For the most part, their technical support has been pretty handy. Sometimes you get someone a little bit newer, and they may ask some basic questions because they do not know our knowledge level. If we are putting a case in, we have already tested steps a, b, and c. We have already tested all those, and we already know. We would not put the case in otherwise. However, in some of the cases, you get in there, and they immediately bump it up to the next level. They can recognize and see quickly that it is a problem, and they are able to bump it up. I like the fact that they are able to do that somewhat quickly and escalate things a little faster than in the past when we were on-prem. With us being on Splunk Cloud, they are able to see the issues faster and verify them faster. I would rate their technical support an eight out of ten. They are doing pretty well.

When it comes to customer service, the only issue we have seen is that they changed the sales team three times in the last two years. That has been frustrating. I meet them all at Splunk conferences, and I feel like half the Splunk people there know who I am because they have been our support team for some reason or another. Their teams are great, but it takes time. There is a transition time for them to get everything moved from one person to another because they have to finish up the team that they were with while adding in the new team that they are moving to. I understand that it takes time, but it is getting frustrating on our side. They can give us at least a year before they switch the team again.

Positive

We had used Enterprise Security before, but one team was using Splunk core with their own built-up dashboards and other things. They were not using the Enterprise Security pieces and parts specific to that, so we decided to not use that temporarily, but it might return because whatever they have switched to is not particularly helpful. It is not as helpful as we were hoping.

We worked with a third-party provider. We were in a bit of a hurry to get it done. We were able to do it quickly. 

Because we were getting GCP, we were getting help from Google, and they ended up paying for the service provider who was helping us migrate. We paid for it upfront, but then Google paid it back to us as a part of the contract we had with them. The good news was that we were able to get it done quickly, but it was quite a rush to do that. It went fairly smoothly. There were a few blocks, but we were able to migrate.

It took us a full six months to move from on-prem to cloud. Moving the data took me a couple of days, but getting everything fully migrated and tested and making sure that all the teams were fully in there took a full six months, which for our company was pretty much lightning speed. It normally takes two to three years or something like that.

We had a Splunk partner called TekStream.

We are seeing cost efficiencies with the move from on-prem to the cloud. We found out how much on-prem was costing us. It is not just the cost of the storage or the hardware. There is also the cost of the time of those people who do the setups of all that. We definitely saved quite a bit of money.

We have greatly seen an ROI. We have been able to add more and more data that we were dropping before because we did not have the license. We started opening that up. We have some more events from Windows event logs and some more things related to the firewall. We do not have to drop all that. We can bring some of that in now.

We were on ingest. We were on-prem, and when we switched to the cloud, we went to an SVC model, and that has been a huge help. We are now able to ingest more data than before. I was known as Doctor No because I had to say no so many times because we were on an ingest model and we were maxed out. I am not that way anymore. A lot of times, our use cases are one-shot because security needs the data. With our SVC model, we do not worry about it as much. I know that it is saving us huge amounts of money because of the SVC model.

Unfortunately, we did not evaluate any other tools, and that was the issue. We were handed down a tool to use, and that is something that our team did not like, and we have made that very clear. That is why we say that Enterprise Security might come back. We will see.

End-to-end visibility is something that we are working on. I have talked with the Gigamon vendor. We have Gigamon to do packet captures, but we want the metadata from that to come into Splunk so that we have longer retention times at least on some of that metadata. We do not necessarily have the package, and that is okay, but we can at least see the trending of some of the things a little bit longer than we are currently. It gives more visibility to more teams. I have 350 users in my Splunk Cloud Platform. On the network side, we have the network teams with 20 to 30 people looking at things over there, so it gives visibility into more of the organization. That is one of the big benefits. We can see the network layer and then all the way up to the App layer. When we want to get the O11y suite, we already have AppDynamics. We will be integrating that pretty soon. It will probably be the next month when we get that integrated in. The other piece is going to be getting the network cleared up. We are also seeing issues with GCP with some applications that we have migrated there. We will be able to see whether it is a slowdown in the cloud provider or not. Having this visibility and the end-to-end data and being able to correlate it is pretty helpful.

Splunk's unified platform can help consolidate networking, security, and IT observability tools. That is what we are working towards, and that is exactly what we are hoping for. I am hoping to bring in ITSI and the O11y suite. We already have AppDynamics. We are going to be able to pull that in which will start helping with that full visibility, but to fully integrate that, I am going to bring the O11y suite as well because eventually, I see AppDynamics moving in that direction. 

I would rate Splunk Cloud Platform a nine out of ten because it is very good. It is pretty stable. 

We use Splunk Cloud Platform for data aggregation and correlation for centralized logging and monitoring.

Splunk Cloud Platform has helped our organization reduce risk and allow for threat investigation to catch potential malicious traffic before it causes damage.

The most valuable feature of Splunk Cloud Platform is the ability to correlate events together and combine the data into one event.

The benefits we saw from using Splunk Cloud Platform are the time to detect and the ability to investigate faster.

Our organization monitors multiple cloud environments. Splunk Cloud Platform's direct cloud connection capabilities make data transfer easy.

Splunk Cloud Platform's end-to-end visibility into your cloud-native environment is key for security posture.

Splunk Cloud Platform has helped reduce our mean time to resolve by a significant portion.

Splunk Cloud Platform has helped improve our organization’s business resilience.

We have seen time to value using Splunk Cloud Platform. We immediately saw time to value after implementing the solution.

The consolidation of tools gives one place to look for logs and events. I wish there were more ways to consolidate the consoles.

Splunk Cloud Platform is easy to use, and users can quickly understand and do pretty much anything that their minds can create.

Splunk Cloud Platform should have better integrations with its suite of tools. Splunk Cloud Platform should include a more seamless connection with ES.

I have been using Splunk Cloud Platform for eight years.

The solution provides good stability.

As long as you have money, scaling the solution is easy.

Our direct customer support team is very responsive. However, it's very hit or miss with Splunk tickets and trying to reach out. Most likely, we get escalated because they can't help us. It's very hard to work through issues that need to be resolved quickly via email. The conversations back and forth take a long time, and technical support takes a while to resolve urgent issues.

Neutral

The Splunk engagement in the deployment was helpful, but there were many issues after implementing everything. So, it was smooth but with many hiccups.

Splunk Cloud Platform is an expensive solution.

Overall, I rate the solution an eight out of ten.

Currently, I am working with Splunk Cloud Platform and other things for my clients.

I have been working with Splunk Cloud Platform for around 2 years now while integrating it.

What I appreciate about Splunk Cloud Platform is that it's an AI-driven SIEM platform, and for data fusion stock, we require Splunk Cloud Platform because none other than Splunk Cloud Platform can have this data-driven stock implemented; it allows you to get into the data repository.

The real-time search capability of this product enhances operational decision-making, and it's very convincing; this aspect is very convincing from Splunk Cloud Platform's side.

The disadvantage of Splunk Cloud Platform is that its integration process should be improved.

The challenges I have encountered while integrating Splunk Cloud Platform include that integration is a bit difficult due to the coding required for the integrations.

I have been working with Splunk Cloud Platform for around 2 years now while integrating it.

I would say that it was a bit difficult to deploy Splunk Cloud Platform; the user interface is easy, but deployment is difficult because it needs coding to integrate things.

I think it's a scalable solution; it's pretty much scalable.

I can rate the technical support of Splunk Cloud Platform as eight; they are quite helpful.

Positive

We are system integrators, but the client chose another vendor instead of NNTT.

The deployment took around 3 to 4 months.

Three people took part in deployment from my side.

It was indeed a huge deployment; it was one of the banks in Pakistan, so we required three resources to get it done.

Splunk Cloud Platform has impacted operational costs; it's a bit expensive, but it provides value for money.

If I were to rate the price for the product from 1 to 10, I would rate it nine.

I am currently working with the solution, but I need to know from which NNTT.

The interface is okay; its interface is good, and user interface is good.

I would recommend Splunk Cloud Platform to other users and organizations because it adds value to the organization; you can do different things with it because it's a pure analytical tool, not only a SIEM tool.

I am mostly focused on Splunk Cloud Platform because I chose this vendor due to the feature set that was offered by Splunk Cloud Platform; it was not being offered by any other vendor.

Splunk Cloud Platform is the vendor I am referring to, not NNTT.

Maintenance for Splunk Cloud Platform has been done manually, not automatically.

Usually, one person takes part in maintenance.

Regarding the number of users for Splunk Cloud Platform, it involves discussing the number of organizations or the number of people working in those organizations.

In general, I would rate Splunk Cloud Platform a nine.