Splunk Cloud Platform Reviews

Splunk is an event log manager. We have reservation and event logging dashboards integrated from the data dock to Splunk and we have all the specific dashboards that we work with in Splunk for log management.  

We became pretty complete with our reporting using Splunk for all the log and event capabilities. I would rate this product as somewhere around seven or eight-out-of-ten for the logging capabilities and how that has added to the oversight of our business.  

The log event capabilities and the flexibility in the search engine for finding what we need in the logs are some of the more valuable features in this product.  

The pricing models should be improved and optimized. Right now, the pricing is a bit too expensive.  

One other thing you need is more ability to customize the dashboard to the way you want to have it. If you had a template that you could create and label inside of Splunk that would be good.  

One good thing that could be added to the AWS side of the solution is that you should have an OPS (Operation Alert) alert built into the dashboard that comes with Splunk. That would be very useful. For example, if you have a pre-defined template creator to fill in the information to forms that are loaded. That would be really beneficial.  

I have been using Splunk Cloud for more than four years now, in total.  

We have not experienced or even heard much about bugs or other problems people are having with Splunk. It seems pretty stable.  

Scalability is good, but the cost factor in scaling is really high. That is the reason why we are interested in working with products and solutions that will help us optimize our costs and may be looking into other solutions.  

We probably have something around a hundred users who work with Splunk. Mainly they are architects, enterprise architects, and data-link architects. We also have business analyst systems. We have not had a problem in changing or growing these roles.  

I have not had direct experience with the Splunk technical support because I leave it to the other teams in our organization because I am not really in a position to use Splunk support.  

I have only been working with Splunk for these past three years. I am not too much of an expert. I left my role as an officer in an organization in 2014, so from 2014 to 2017 I was not in touch with the advancements of products in the industry. But I was using other solutions prior to Splunk.  

The setup and installation of the product are straightforward.  

The pricing model makes this an expensive solution.  

Advice-wise, I do not really have much to say to potential users considering the solution as something to apply as an end-user. My job role is data organization so it might not be appropriate for me to give these opinions. This seems to me to have more to do with system functionality. But from my side, I am good with the product.  

Interface-wise, I think the product is good.  

Security-wise, it is all approved from the CSOs (Chief Security Officer) perspective.  

Enhancement-wise, we have to put in a lot of effort. The end-users who are working with the solution should know SQL. If they lack training in SQL, there will not really be a use case for them.  

Whatever the use cases we had for Splunk, we were able to make it work.  

Cost optimization is the only thing that needs to be reconsidered.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this product overall around seven, or somewhere between six to eight. Six to eight so make that around seven-out-of-ten.  

We mostly use Splunk Cloud Platform for monitoring performance and looking for performance events.

We have seen many benefits of Splunk Cloud Platform, which is why we are still using it. With the alerting, we can find outages faster, and we can find performance impacts faster. We are then able to use them to diagnose and dig through our logs to find out what possibly caused it or look for a time when it happened to find a correlating deployment or something else that caused the problem.

We monitor multiple cloud environments. Splunk Cloud Platform is pretty good for monitoring multiple cloud environments. We have it all come into the same index irrespective of the system. Even though we have multiple data centers, everything comes into the same Splunk index, so we monitor it all in the same place.

Splunk Cloud Platform has end-to-end visibility into our cloud-native environment, which is very important for us because otherwise, we would not be able to have the data or be able to diagnose and find issues.

We have been using Splunk Cloud Platform for a very long time. I do not even know a time without it, so it is hard to say how much it has reduced our mean time to resolve (MTTR).

Splunk Cloud Platform has improved our organization’s business resilience. We use it very heavily to look for issues that may arise. In terms of Splunk’s ability to predict, identify, and solve problems in real-time, we mostly rely on our own searches. We do not rely on a lot of advanced observability features. We are mostly using our own alerts that we have written and our own dashboards.

Dashboards and alerting are the most valuable features. The dashboards let us see how the system looks in terms of anomalies, and the alerts trigger us to go and look at what possible problems are happening.

Its performance can be better. The searches sometimes take a long time. There could be better searches, but mainly, it needs to improve the performance with a vast amount of data. That will make it better and easier to use.

Their support can also be better.

I have been using this platform for 12 years.

Its stability has been very good. We have only had a few outages that I can remember where Splunk has been down.

Its scalability seems okay. Most of our issues come with our data storage. We are storing mass amounts of data, and it seems to handle that right now.

Their support has been lacking a little bit. We have several outstanding bugs that have not been fixed yet, and we are still waiting for Splunk to fix them. For example, we cannot use Splunk Mobile because of an issue with the authentication and what permissions are available. We have not been able to use Splunk Mobile since the new app. I have used the old apps, and I was quite disappointed when they were broken. I have never been able to use the new app.

I would rate them a seven out of ten. For emergency issues, they are good. For lower-priority issues, we are still waiting.

Neutral

I was not involved in its deployment.

I know that the company evaluated a few other solutions, but I have not been as involved in those. We are still using Splunk.

I would rate Splunk Cloud Platform a nine out of ten because it does a good job at what it does. I wish I could use the mobile app, but the rest of it works very well.

The best value that I have received by attending Splunk conferences is finding out new things that I can do with my own job. Most of the time, it is disappointing because a lot of the new features have new applications that we have to buy, and I have no say in the purchase of new applications. However, there have been some new improvements in the applications that we already have, and I come for those updates. I am able to see if the new features in the existing applications are more useful to me.

We are using Splunk Cloud as a log aggregator. All our application logs come to one place, and we do the aggregation, troubleshooting, and investigation. It has many different kinds of production troubleshooting.

We went from a manually reviewing logs to an automated time-series base with Splunk Cloud. It has helped our organization a lot.

Splunk Cloud's most valuable features are log aggregations, dashboarding, business management, reporting, and business controls. Additionally, it has awesome indexing and the solution is always improving

Splunk Cloud could improve by having pre-defined templates. It has very good design views, but there is no predefined template. You have to define your own. If they could add predefined templates for different use cases.

I have been using Splunk Cloud for approximately three years.

Splunk Cloud is highly stable. However, we had minor issues but we were about to fix them. We needed more capacity. The search capacity had to be increased as we looked at it because our logs move a minute of latency, it is almost in real-time

Splunk Cloud is scalable. If we want to expand we only need to add new hardware. it is much easier having the solution be cloud.

We use the solution every day. All the production support analysts are using the solution. There are approximately 50 people using it in my area.

I have not needed to use the support.

We have not used another solution previously.

The initial setup of Splunk Cloud was complex because we have a lot of logs. We had a lot of architectural setup discussions but we were able to do it. The level of difficulty for the implementation is in the medium range. It took us approximately 25 minutes.

It's an agent-based system, and you only have to enable it. There is an access control setup to control what to send, and what not to send. The deployment was quick. The adaptation or the implementation takes time  because you've got to go through all the infrastructure setup

I rate the initial setup of Splunk Cloud a four out of five.

We did the implementation of Splunk Cloud in-house and using two contractors. After the solution is implemented we do not need someone to manage it very often.

There are additional features that you would need to purchase depending on your use case.

I rate Splunk Cloud a seven out of ten.

We are primarily using it for InfoSec, cybersecurity intelligence, information gathering, and forensics. We also do a little bit of application performance monitoring for some appliances that can only be monitored through log ingestion.

We are starting to monitor multiple cloud environments. We have our internal cloud, and we are migrating to AWS. We are engaged in that path. In terms of monitoring, it is more or less the same because we are using the same integration pattern, which is to use Ivy folders and gather logs. We use it at its minimum, but the way I see it at the Splunk conference, we can go further. Will we go further? That is a million-dollar question.

It has end-to-end visibility into our cloud-native environment. For sure, it is important for operation and application support, but we need to embark our staff and management for that. They are the ones who are committing big dollars to that.

It has not reduced our mean time to resolve because we are using other tools as well. We are aiming to go on that path in the coming months.

It specifically has not improved our organization's resilience. There are a myriad of modern tools that we are implementing. Splunk is one of them. It is one of them helping us.

Index Manager is most valuable because we do not have to bother about internal storage. It is all managed by the Splunk team.

The security connection should have a seamless integration. Other than that, the way we are using it, so far, it seems quite good.

We have owned Splunk Cloud Platform for the last year and a half.

The stability of the solution is quite good. 

We had challenges with the sizing of the cloud tenant that we purchased, but that was based on past decisions, so we are stuck with that until our next move. That should come in the next year. At that time, we will resize the tenant in a more efficient way, so scalability does not apply because the tenant we bought is a closed one. There is no scalability on either side. I learned that after the fact, so I am not impressed because we did not buy it. I guess people who buy that type can have good feedback on scalability.

We migrated from an on-premise solution that we had for about three years. We saw cost efficiency when we went from on-premise to the cloud, but I do not manage the budget.

We are using Dynatrace in parallel. We used Splunk as a cybersecurity tool, and we embraced Dynatrace a few years ago. So far, Dynatrace does a great job. Splunk is closing the gap. With today's announcement at the Splunk Conference, they are catching up. We are also using Microsoft SCOM, so it is a trio. It helps us do a better job.

I was not involved with the setup of the on-prem one, but I was involved with the migration to the cloud. My experience was interesting because I started from zero, but with the help of Splunk's professional teams, we could achieve our project. On a personal side, it helped me to gather the knowledge that brought me here at the Splunk conference.

The setup is always challenging. We had four or five people involved in the migration. We also involved a lot of key players in application migration. We had 20 to 30 people involved at some point in the migration path.

We used professional services.

We have, for sure, seen an ROI with Splunk. Our DevOps team is able to gather faster answers to their questions. Obviously, it brings value, whether it is Splunk or any other tool. 

We could see the ROI in a few months. We gave time to our DevOps specialists to embrace the solution and get used to it. From there, as they made their own usage and use cases of the tool, it gave them speed to achieve what they were looking for.

I would rate Splunk Cloud Platform a seven out of ten.

We're migrating our on-prem environment to Splunk Cloud Platform. We're consolidating two separate Spark clusters because of a merger. Our primary use case is for unifying all of that data into one place.

It's made searching for data easier. Users like it. We're still in the migration process, but overall, it's a lot easier to use.

It's important to use that Splunk has end-to-end visibility in our native environments. We have to have that visibility because we manage multiple app applications that rely on it.

Splunk helped to improve our organization's business resilience. That's very important to us. Our users rely on Splunk heavily for the health of their applications. It helps them to get ahead of issues, and if there is an outage, it enables them to resolve them faster.

Splunk gives the different application owners the ability to configure alerting specific to their needs so they can customize it however they want. If they know their applications better than you know, admins, I'll give them that flexibility.

The administration could use improvement. We have to rely on support more often than we're used to.

We have been using Splunk Cloud Platform for nine months.

Stability has so far been good. We haven't had any issues.

Their support is great, especially the agent that we have now. They're very responsive, willing to help out, and give suggestions.

Positive

We previously used Splunk Enterprise. We switched to Cloud Platform because we wanted to consolidate a couple of instances to one place and we're moving our security team to the cloud. 

I wasn't involved in the setup directly but I was aware of what they were doing. The setup is a little complex. We had some issues we had to deal with. Bringing both environments together and getting the different environments to communicate with Splunk Cloud was complex. We have a lot of data. Getting a handle on that before we were able to start sending data to the cloud was complex. 

It's expensive. We're still trying to figure out Cloud licensing. 

It's not so easy to monitor multi-cloud environments using Splunk. We have some difficulties, but we have some things in place, but it's not easy.

I would rate Splunk Cloud Platform an eight out of ten. There's a lot we haven't tapped into yet, so the rating can go up.

My role is in observability. 

Some of our internal systems send data into Splunk Cloud. We had dashboards for our team's KPIs. We can check to see how fast the team reacts to events. Those reaction times a recordreed and sent to Splunk. From there, we can draw some dashboards. We can check to see who is doing well and who needs to improve. The power Splunk admins started moving into the Cloud.

The primary use cases are for team KPIs, log analytics, and error search. We would look for the relation of different events and draw dashboards to see how bad things were veering off from the timeline that we wanted to see. 

Splunk helped us shape the picture of our team and enabled management to see who should be rewarded and who should be coached. It helped outline where KPIs were not being met. We could sit down and discuss what happened, and why it did not go as planned, and then we could make improvements in the processes. It helped us draw a broader picture of the entire team's capabilities.

With Splunk, everything is centralized, everything is in one place. We don't have to scramble and approach Splunk admins where to look. 

In terms of networking, we managed to build good dashboards. We have a lot of firewalls and rules. If a new service comes up, if they don't have a firewall and nothing works, we can look at the Splunk dashboard and see the particular network flow and see if firewalls are blocking traffic. This is a Splunk function that people are happy and excited about. It shows us valuable information in an easy-to-understand way.

It's very important for us that Cloud Platform offers end-to-end visibility into our cloud-native environment. More and more functions are moving to the cloud, so it's not only for observability to see the system, but it's also for management and senior management to see that all of their applications are running as intended. If we try to spread out applications through multiple vendors, multiple regions, access groups, and whatnot, it becomes pretty important. It may become a challenge because of that spread. It brings resilience, but it also makes it more difficult to look after everything.

We want to achieve having everything in a single view. Senior management wants to make sure that everything is running well. The application team's developers want to have a granular review. 

Splunk reduced our mean time to resolve by 30%. If an application starts misbehaving, we send logs to Splunk and check to see what's going on and see what's happening.

The dashboards are the most valuable feature. It's all of the information in one place. We can build it ourselves, so we can make it the way we like. 

Since I work on data collection from external sources and send them into Splunk, I miss its ability to collect that data through REST API applications. I would like the ability to configure an endpoint, set it on Splunk, and set a schedule for it to pull information every ten minutes, and pull this endpoint information. I could search through it, look for keywords, restructure the data that's brought back to me, and then store it in the Splunk index. This is not available and if it is available, it is bare bones. I would like Splunk to have this function by default.

We started using Splunk seven years ago. We started with Splunk on-prem and then moved to Splunk Cloud. 

I never had any stability issues. 

I use support rarely but so far, it's been fine. 

I would rate it an eight out of ten. My cases weren't that critical so it took a little longer to solve. 

Positive

We have not achieved cost efficiencies by switching to Splunk. There will be some cost discussions in cost optimization. 

We log a lot of data which may have impacted our licensing cost.

We also looked at Datadog but it wasn't cost-efficient to log with two tools.

We monitor multiple cloud environments. I heard that it's more straightforward to monitor multiple cloud environments with AWS. Azure doesn't work as intended, there were some issues collecting data from it.

I would rate Splunk Cloud Platform seven out of ten. I really miss REST API abilities. 

We use it for a lot of different things. I primarily use it for monitoring, alerting, and dashboarding.

It was a slow adoption at first, but as our development teams are learning the tool, we now have our teams making their own metrics for each of the different apps. I work in the web, mobile app, and email area. It provides insights into metrics that are happening and problems when they are happening. We also have alerting.

We monitor multiple cloud environments. It is pretty transparent because we have some on-prem stuff and we have off-prem in the cloud, so we are using both. We are transitioning from on-prem to off-prem. It is seamless because it does not matter from where data comes. When we switch to a new data source, I do not have to reinvent it. We are using AWS.

Splunk Cloud Platform has helped reduce our mean time to resolve (MTTR). I get alerts every day. Anytime things are out of kilter, it gives us an alert asking us to better go look and see if something is happening. A lot of times, something is happening. It could be serious. It could be not serious, but we use it a lot for monitoring. Identifying a problem is a lot quicker. Once you know what the problem is, it makes it a lot faster to resolve the problem. That is where different other tools come into play. I believe they now have the APM tool, and we are trying to ramp that up. For us, it is pretty critical that we quickly identify that we are having a problem. It probably makes the resolution 80% faster.

Splunk Cloud Platform has helped improve our organization’s business resilience. We manage multiple websites over nine different states. We have millions of users as our members. When we are having a problem, we do not want to impact them.

For my purposes, I like the ability to aggregate lots of data from different sources. I like being able to report for management and being able to get alerts on thresholds being out of sync.

It is sometimes slow. Some of that has to do with the queries themselves not being efficient, but sometimes it is slow. They changed their model a few years back. It seems to be working better for us as opposed to having some limits that they had.

I have been using Splunk since 2019.

I have not had any issues with it going down or not performing. It is sometimes slow, but that might not be because of Splunk Cloud. That could be because of our firewalls and other things that lead to Splunk Cloud.

Its scalability is fine. We have ITSI. We have Splunk Enterprise. We have some internal Splunk and external Splunk. Our company at first was weary about putting data on the cloud. We do not have those concerns now.

We have pretty good support. 

It is hard for me to rate them because I don't use their support much. We have a lot of expertise in-house.

I have used several old competitors. Computer Associates used to have a tool. New Relic was another tool. We are primarily using Splunk now.

We switched from New Relic. We have had Computer Associates's tool. A problem with these types of tools is they are costly to put in and then not that many people use them. You then have to justify it, so the adoption is the issue.

The setup is way easier for Splunk and the way the data is aggregated is easier. Overall, reporting and dashboarding are easier. A lot of the setup involved such as tagging and so forth is not as cumbersome in Splunk.

With Splunk, looking at our servers and all types of log files is excellent. I am kind of disappointed with our particular infrastructure. We invested all this money in Splunk. We are using it for monitoring, recording, and alerting, but our company has to embrace it for using it for security. We have already bought it. Our security team should be using and leveraging it, but they are not. They are using other tools. Our security team just does not want to use it, and they need a push and need to be shown that we are paying for it. They can still use the tools that they want, but maybe they need to be shown what all these tools can do. We could leverage what we are paying for better. Our management can push our security team and say that we are paying for this, and they should leverage this more or more now.

We had a consultant come in from Splunk and a third party. We did both.

I do not know what that is anymore. I have not been involved with that for a couple of years, but I know we are paying a lot.

Overall, I would rate Splunk Cloud Platform at least an eight out of ten. For the things that I do, such as dashboarding, reporting, and alerting, it is great. It does a good job.

I was working as a DevOps engineer in India. I was working for the payments domain of a client. We were mostly using Splunk for monitoring the production, deployment of API, and traffic. 

We had two cloud platforms. When I joined the team, we were deploying all our APIs in Pivotal Cloud Foundry (PCF). We then migrated to AWS Kubernetes. We were able to monitor both platforms in Splunk. When we migrated to Kubernetes, Splunk helped us. When we were having the transaction loss, we were able to find out which node was throwing the error. We were able to fetch the details according to the nodes in Splunk. We were using different keywords on these platforms for fetching the data. 

We could create our own query, and we could create our own alerts for a particular API. We could also configure these alert notifications to be mailed to particular managers and owners. We could just go through the alert to check if the API was running well or needed to be fixed.

As compared to other tools, it is very easy. It is very easy to learn. It also integrates well. 

The reporting features are very good. The dashboards are very nice. We could create our own dashboards to monitor any volume dips or transaction loss. 

The search for bulk data needs to be improved. When we were looking for the flow, we had to search really hard. I wanted to request the Splunk team to add some features for better search because getting the flow of the bulk data was sometimes hard.

I have worked with this solution for almost three years.

It is stable, but we did experience two or three downtimes.

We had three or four monitoring tools other than Splunk. We had AppDynamics, Grafana, and others, but we were mostly concentrating on Splunk because we were able to fetch all the details from a particular transaction using Splunk. We were able to create our own dashboard so that we get alerts regarding errors or transaction loss for the customer. The most useful thing was that when we were fetching details from a payment ID or a grid, we were able to track the complete workflow for that API. We were also able to fetch the details about whether the issue was in our team or the external team. We were able to track that very accurately using Splunk.

It is not that complex. We just need the knowledge. We just need to know how to query the alert and set up dashboards. As compared to AppDynamics and Grafana, it is a lot easier.

Our dev team could set up a dashboard and deploy everything in two weeks.

It is not that expensive.

If the company is working on API-based deployment and API-based developments, then I would recommend Splunk. It is useful for tracking the flow and fetching the data.

Overall, I would rate it a seven out of ten.