The Splunk Cloud platform is for anyone who wants to save money and doesn't want to manage an on-prem infrastructure. I like the Cloud platform because we don't have to handle any maintenance. Any server downtime, upgrades, or patches are no longer our responsibility, which is great. That's the biggest advantage of Splunk Cloud.
Consultant at a tech services company with 201-500 employees
Allows app and add-on installations without worrying about accidental breakdowns
Pros and Cons
- "I like the idea of being able to list the IPs that we want without having to open up a ticket to get it done so that way if anything changes we can add a new IP."
- "Splunk Cloud's SVC licensing model lacks transparency."
What is our primary use case?
How has it helped my organization?
Before COVID-19, the Splunk Cloud platform was much more difficult to manage. I've heard it causes a lot of frustration. Thankfully, it's come a long way since then. Now, it's user-friendly and allows app and add-on installations without worrying about accidental breakdowns.
I wouldn't have released Splunk Cloud myself when they did but the shift to remote work during COVID-19 drove everyone to the cloud, making the Splunk Cloud platform a great solution. While the updates focus on features, patches, and maintenance, there's nothing about the Splunk Cloud platform itself that I love other than the fact that we can use it in the cloud without the hassle of any on-prem requirements.
The importance of having one cloud platform depends on an organization's data goals, but at the end of the day, we onboarded the data because it's important. So as long as we have a use case, it's high up there.
Splunk Cloud Platform has improved our mean time to resolve incidents 100 percent. The cloud eliminates the need for upgrades to multi-cluster environments and the risk of errors during configuration, which can cause major problems. While we are not responsible for any Cloud maintenance, Splunk's support is helpful for escalations. Their clear communication about maintenance minimizes the need for their involvement.
While I can't speak to personal cost savings, moving to Splunk Cloud likely saves on storage costs compared to on-premises setups. This is especially valuable because many organizations use Splunk alongside other security products for specific needs. However, some competitors offer better data storage and faster results as add-ons for Splunk. Overall, the biggest cost savings come from eliminating the need for in-house server maintenance, storage management, and future data migrations. This reduces headaches and frees up IT resources, even if the migration itself wasn't a major issue.
What is most valuable?
I like the idea of being able to list the IPs that we want without having to open up a ticket to get it done so that way if anything changes we can add a new IP. The platform itself is the most valuable because if we're using the product, we're paying a lot for it. So we're searching our data and doing the triage we need to with the events. In reality, our biggest benefit of the Splunk Cloud Platform is not having the hassle on-prem.
What needs improvement?
Splunk Cloud's SVC licensing model lacks transparency. Customers are unsure of how SVC consumption translates to costs, and there's no easy way to identify what's driving SVC usage within the platform. While some external applications provide limited insight, Splunk Cloud itself doesn't offer a clear view into SVC consumption. This lack of clarity makes it difficult to explain cost spikes to customers, as the cause could be anything within the platform.
Buyer's Guide
Splunk Cloud Platform
November 2024
Learn what your peers think about Splunk Cloud Platform. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.
For how long have I used the solution?
I have been using the Splunk Cloud Platform for four years.
What do I think about the stability of the solution?
The Splunk Cloud Platform is stable.
What do I think about the scalability of the solution?
I have some concerns about the SVC licensing model for deployments under 1 terabyte, and it's separate from Splunk Cloud. The bigger challenge customers face is managing the surge of data and historical information they ingest. This can lead to situations like an admin setting up numerous queries and then leaving, making users hesitant to disable them for fear of breaking something. While this can happen with any product with unchecked admin access, Splunk and Splunk Cloud themselves function as intended for large-scale environments. Ultimately, it's up to the customer to manage their Splunk instance effectively.
How are customer service and support?
Many people complain about back-and-forth interactions with Splunk support. It feels like a repetitive loop of explaining the problem, being asked for information and questioning why it's needed. There's frustration on both sides: support needs details to diagnose the issue, while users might feel it's a simple problem and supplying extra information is unnecessary. This can be true for any customer support experience.
How was the initial setup?
Splunk Cloud deployment complexity varies by use case. Starting fresh is simple: install, configure, and point data to the cloud. However, migrating from on-premises to the cloud with existing data can be complex. Deciding what data to migrate and the migration process itself adds significant challenges, although these are likely to become easier over time.
What was our ROI?
Splunk Cloud's value is clear: it eliminates maintenance headaches and simplifies connection, offering a hassle-free experience.
What's my experience with pricing, setup cost, and licensing?
The lack of transparency around the SVC licensing makes it difficult to explain the costs to our clients.
What other advice do I have?
I would rate the Splunk Cloud Platform nine out of ten. The rating is not because of customer service. I am strictly looking at the product. I've worked with it for seven years. I've been on over 70 engagements with other customers over those years, and I rarely find a use case that a customer can't solve when it comes to an architect-type scenario, which is great. It's the same thing for data. For the most part, if you know you have data and can get it written down to a file, you can adjust it, which is phenomenal. The on-prem infrastructure consists of only 12 CPUs and 12 RAM if it's hardware, and then you double it if it's virtual. Overall that's very inexpensive to stand up major components. I'm not including storage or any other sizing that can get more complicated. Overall, it doesn't ask much from actual servers if you want to host it on-prem. Even managing it yourself on-prem, is not terrible. The commands are still there, the resources are there to do it yourself. You have community groups out there that help you with questions. There are tons of providers out there that can get you from point A to point B.
I have always used Splunk but I am open to learning Chronicle soon depending on industry trends. While I believe Splunk remains the top SIEM tool. According to Gartner, competitors like Azure and Oracle are emerging. However, I have not needed to look for other solutions.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Consultant
Last updated: Jul 3, 2024
Flag as inappropriateLead Developer, Solution Analyst at a university with 10,001+ employees
A flexible and feature-rich product, but the documentation needs to be improved
Pros and Cons
- "The most valuable feature for me is the flexibility of being able to send the log to the https endpoint."
- "Although there is documentation available, it is really hard for me to find relevant topics on what it is that I'm searching for."
What is our primary use case?
We have a public URL that allows anyone to authenticate for ADFS. This allows them to connect using Active Directory.
What is most valuable?
The most valuable feature for me is the flexibility of being able to send the log to the https endpoint. I know that it is possible to export the logs, although it is easier for me to communicate with the endpoints concerning what I am interested in.
This is a feature-rich product.
What needs improvement?
Although there is documentation available, it is really hard for me to find relevant topics on what it is that I'm searching for. For example, when something goes wrong, I can spend hours trying to figure out the problem and have nothing to refer to. I find that it confuses me somewhat, so it is something that can be improved.
I feel that technical support can be improved because it is always done through the use of a support ticket, which is not very convenient.
Setting up and configuring integrations are not easy to do.
For how long have I used the solution?
We implement this solution within the past year.
What do I think about the stability of the solution?
Splunk Cloud is quite stable. I do not remember having any issues with bugs or glitches.
What do I think about the scalability of the solution?
I would expect that the scalability is quite good, albeit expensive.
How are customer service and technical support?
Technical support is okay, although they are not as quick to respond as I believe they should be. I feel that some of the support processes are not very convenient.
How was the initial setup?
The initial setup is straightforward, although we still revisit it. We started several months ago and are still trying to set it up in a more structured way. Really, we are still in the deployment stage in some regards because we are struggling with exactly how it should be set up.
What about the implementation team?
We had some assistance from a consultant after the initial setup was completed. It worked well for simple uses, but now, we have some help in trying to configure it to meet our needs.
What's my experience with pricing, setup cost, and licensing?
The price is something that people complain about.
What other advice do I have?
My advice to anybody who is implementing Splunk Cloud is to dedicate the time and resources required to learn it and use it. Investigate the features.
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Splunk Cloud Platform
November 2024
Learn what your peers think about Splunk Cloud Platform. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.
Senior Analyst at a computer software company with 11-50 employees
It's a good solution that can index a large amount of data in a short time.
Pros and Cons
- "The Splunk search is powerful compared to similar solutions. We get millions of data points within seconds."
- "The Splunk interface is on-premises, so we have limited access to Splunk Cloud. Splunk support is not so good on Splunk Cloud. The Splunk side of the Splunk Cloud should also be more customizable. Integrating Splunk UBA, Splunk Phantom, and Splunk Cloud is also a bit difficult."
What is most valuable?
The Splunk search is powerful compared to similar solutions. We get millions of data points within seconds.
What needs improvement?
The Splunk interface is on-premises, so we have limited access to Splunk Cloud. Splunk support is not so good on Splunk Cloud. The Splunk side of the Splunk Cloud should also be more customizable. Integrating Splunk UBA, Splunk Phantom, and Splunk Cloud is also a bit difficult.
For how long have I used the solution?
I've been using Splunk Cloud for about four years.
What do I think about the stability of the solution?
Splunk Cloud is reliable.
What do I think about the scalability of the solution?
Splunk Cloud's scalability is pretty good.
How are customer service and support?
Splunk support isn't so great. It takes a lot of time for them to respond.
How was the initial setup?
The initial setup is straightforward.
What about the implementation team?
We deployed Splunk in-house.
What's my experience with pricing, setup cost, and licensing?
The license costs around 100,000-150,000 rupees. Splunk Cloud is the basic version. It costs extra if you need Splunk interface or Splunk ICSA. Those are premium additions. There are additional costs if you want to use the other premium aspects of Splunk.
What other advice do I have?
I rate Splunk Cloud eight out of 10. It's a good solution that can index data in a short time. That's one advantage of Splunk over other solutions. However, the support isn't good, and you can't customize the Splunk interface.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
CYBERSECURITY ANALYST at a tech services company with 1-10 employees
Good visibility and speed with reasonable pricing
Pros and Cons
- "We only buy the services we need. We don't have to pay for other things we don't."
- "They need to provide more training options."
What is our primary use case?
Splunk Cloud helps us to combine all our environments. For example, multiple business units can be combined into one even if they are in different geographic locations.
What is most valuable?
It helps us with hosting from different geographical locations.
The speed of the cloud environment is great.
We only buy the services we need. We don't have to pay for other things we don't. It makes the pricing very economical.
We use the solution's federated search feature. It's easy for us to use. It helps us search logs, analyze, and manage data.
We are able to monitor multiple cloud environments using our Splunk Cloud dashboards. It makes the process very simple. We just have to maintain different teams for different environments.
The solution is great within hybrid environments. It gives us good visibility across everything.
It works well for sizable environments.
The product integrates well with other systems and applications in our environment. We haven't had any issues with integration at all. However, if we ran into issues, we could call Splunk support. Having an issue would be a very rare event.
Reporting is very good. It's the same for all Splunk solutions. Having multi-cloud instances in one place is great.
We have multiple business units and easily integrate them into the cloud, as well as different infrastructures from different areas. We can deploy a Splunk agent on any cloud - AWS, Google, etc.
The company can access data easily for compliance and privacy regulations. The privacy aspect has been very good.
Having resilience has been very helpful in our organization.
What needs improvement?
Training should be free of cost. They need to provide more training options.
There are no missing features at this time.
For how long have I used the solution?
I've been using the solution for two and a half years.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
We have 30 people using the solution in our organization. The product is scalable.
How are customer service and support?
Technical support has been good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We did also use LogRhythm. It has a very good UI in comparison to Splunk, yet it doesn't have as many capabilities and does have a few more restrictions. That said, it's a good product for creating use cases and automation, which is easier than Splunk. We moved to Splunk as LogRhythm did have some restrictions.
How was the initial setup?
I have previously done deployments of Splunk. The setup is pretty straightforward.
Were a system integrator of Splunk. We help clients set up the solution.
We've had six or seven people setting up the solution.
The maintenance is pretty manageable. I'd rate maintenance needs seven out of ten.
What was our ROI?
I'm not sure if we have noted any ROI while using Splunk.
What's my experience with pricing, setup cost, and licensing?
The pricing is reasonable. They provide good options for licensing.
Which other solutions did I evaluate?
I did not evaluate any other options.
What other advice do I have?
We are integrators and also users of Splunk.
We have multiple solutions we use for security, of which Splunk is one of them. So far, it's been very good from a security perspective, although we don't solely rely on it.
I'd recommend users work with Splunk in the cloud environment. I'd recommend the product in general to others.
I would rate the solution nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director - Corporate Infrastructure at a tech services company with 10,001+ employees
Meets our requirements from a cost and requirements perspective
Pros and Cons
- "For my current requirements, the tool theme seems to be meeting my requirements, from a cost and requirements perspective."
- "The only thing I would say is an issue is the cost. It matches other products. The costs can be justified for the value that we gain. The entire threat analysis stack should come in a bundle. If the cost was matchable with other products I think Splunk would pick up in the market."
What is our primary use case?
We use it for Log Management and also for another bit of management. It feeds data into Splunk and Splunk writes the rules and based on that, it will pick up incidents.
It is good from a cost perspective, in terms of the cost of the data you're looking at. There is no cost barrier.
What is most valuable?
For my current requirements, the tool theme seems to be meeting my requirements, from a cost and requirements perspective.
What needs improvement?
The only thing I would say is an issue is the cost. It matches other products. The costs can be justified for the value that we gain. The entire threat analysis stack should come in a bundle. If the cost was matchable with other products I think Splunk would pick up in the market.
I did evaluate other products and installations. I can't compare it to Splunk.
For how long have I used the solution?
I have been using Splunk Cloud for a year.
What do I think about the scalability of the solution?
There are two people who are part of admin that use Splunk in my company.
We have a policy where we have to keep the domain controllers on lock with sensitive servers for about 90 days. We look at the controls around once a week to check if they need to be attended to.
How are customer service and technical support?
We initially contacted their support during the implementation. It was not for a very complex issue. It was more for a consultation.
Their support is good.
How was the initial setup?
I was new to Splunk and had a problem with understanding the forwarders and worker safety management.
My team was able to install it themselves.
In terms of how long it took to deploy, between coding, testing, and other things, it took about four weeks to complete the project to complete the initial installation. Altogether it was four to five weeks. They should improve the customization.
Which other solutions did I evaluate?
Splunk is a leader in its marker.
Splunk offers more features than its competitors. Other solutions are not on the same level to be able to compare them.
What other advice do I have?
I would rate Splunk a nine out of ten.
The queries and pulling out the exact reports is a little challenging. I get complaints about it. I would like to see more reports or default out of the box reports. That would be more useful, useful, and then people can avoid writing inquiries.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner at a reseller with 1-10 employees
Quick to set up and the technical support is invaluable
Pros and Cons
- "The most valuable feature of Splunk Cloud is the quick setup."
- "The only thing that is missing from Splunk Cloud is the command-line interface."
What is our primary use case?
We are a Splunk reseller and Splunk Cloud is one of the main products that we work with.
Our customers implement this product for log management, application management, application testing, and process management. They also have it for customer service use cases.
What is most valuable?
The most valuable feature of Splunk Cloud is the quick setup.
What needs improvement?
The only thing that is missing compared with Splunk Enterprise is the ability to manually edit all config files. This task is easily handled with support tickets but sometimes is would be nice to experiment directly.
For how long have I used the solution?
I have been selling Splunk products for ten years.
What do I think about the stability of the solution?
We have not heard any complaints about stability.
What do I think about the scalability of the solution?
Scalability with Splunk is the best because it scales to anything. Their promise to users is scalability and availability. Our customers range in size from very small companies to large ones.
How are customer service and technical support?
Over the past ten years that we have been selling Splunk products, they have been in constant contact for support. I would say that it is invaluable. They have great response time and great skills, and I couldn't compare it with any other software company.
How was the initial setup?
Installing Splunk Cloud, itself, is nothing. The length of time for the total deployment depends on how many log sources that you have. It can be completed in a matter of hours.
What about the implementation team?
Being a cloud-based product, Splunk does all of the maintenance. We don't have to do anything to maintain it.
What's my experience with pricing, setup cost, and licensing?
The licensing costs depend on the data ingest volume. If you weigh the costs and the benefits, the benefits are great and it is money well spent.
What other advice do I have?
I feel that Splunk Cloud is good as it is. It is the best tool on the market.
My advice to anybody who is considering this solution is to start now and don't wait. Every day that you wait, you can be wasting time and money.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Technical Lead at a tech services company with 501-1,000 employees
We use it for login collections, but the documentation available could be improved
Pros and Cons
- "The initial setup was straightforward."
- "There is sometimes no documentation or updated documentation available."
What is our primary use case?
Our primary use case for the solution is login collections.
What needs improvement?
The documentation available could be improved as there is sometimes no documentation or updated documentation available. For example, I tried to get the metrics from MongoDB, and there's very low documentation for the module.
For how long have I used the solution?
We have been using this solution for a few months.
What do I think about the scalability of the solution?
We haven't used it enough to comment on its scalability. We have approximately 100 people utilizing the solution.
How are customer service and support?
We don't have experience with customer service and support.
How was the initial setup?
The initial setup was straightforward and took approximately 20 minutes.
What other advice do I have?
I rate the solution a five out of ten. The documentation available could be improved.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Founder at a marketing services firm with 11-50 employees
User friendly and very extensive compared to similar tools
Pros and Cons
- "The solution is user friendly and has extensive uses."
- "Customization could be simplified."
What is our primary use case?
My primary use case was trying to build a centralized log database and making some logs on my servers. I also use it to install tools in Splunk Forwarder. I'm a company founder.
What is most valuable?
Splunk is a very user-friendly tool and it's very extensive compared to other tools.
What needs improvement?
From my perspective, customization needs to be simplified and I'd like to see a reduction in the cost of the solution.
For how long have I used the solution?
What do I think about the stability of the solution?
It's stable, but if you try to customize it, it will take some time because there's a specific language behind Splunk. Thankfully they have a good community which is a big help.
What do I think about the scalability of the solution?
The solution is scalable.
How was the initial setup?
The initial setup is very straightforward.
What's my experience with pricing, setup cost, and licensing?
Licensing costs are paid annually and are quite expensive.
What other advice do I have?
I recommend this solution for any company that has the money to buy it and rate it eight out of 10.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Splunk Cloud Platform Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Popular Comparisons
Apache Superset
Buyer's Guide
Download our free Splunk Cloud Platform Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What's your experience or opinion about Spotfire vs. Tableau vs. Qlik?
- A journalist is writing a story about which Data Visualization software product to choose. Can you help him?
- What enterprise data analytics platform has the most powerful data visualization capabilities?
- When evaluating Data Visualization, what aspect do you think is the most important to look for?
- What are the best self-service and Excel-like filtering / display tools?
- What data visualization tool/s do you find to be the best?
- How many users on average are licensed users of Data Visualization software in a company?
- Why is Data Visualization important for companies?