Splunk Enterprise Platform Reviews

We use the product for real-time monitoring purposes.

The product's most valuable feature is the ability to explain the values and provide insights into transactions. It allows us to understand successful and failed transactions with a graphical representation easily.

Areas for improvement include enhancing dashboards, reports, alerts, and the monitoring console. With the monitoring console, users can track server performance metrics such as data ingestion, server uptime, CPU, and memory utilization. Integrations with third-party apps can provide comprehensive server monitoring capabilities. However, setting up such integrations may require significant time and effort, as experienced in the mentioned case took nearly 20 days to complete.

We have been using Splunk Enterprise Platform for four years now.

I rate the platform's stability an eight out of ten.

The product is highly scalable.

The complexity of the initial setup largely depends on the level of experience. I find it straightforward due to my proficiency in establishing connectivity, creating DNS, and performing installation configuration. I rate the process a nine and a half out of ten.

The time required for deployment varies depending on the process in place. If changes need to be made within a specific window, such as raising an instance, the window period opens only for a set duration. Deployment in such cases involves raising a change request and obtaining approval, which can take up to seven days. However, from a technical perspective, initial deployment typically takes up to one or two hours. Yet, procedural requirements, like awaiting change request approval, may prolong the process, necessitating additional days of waiting before deployment can proceed.

The product is expensive, and the cost depends on the amount of data ingestion.

When clients request specific data for a particular period, we retrieve the relevant information from our servers and generate statistics. Later, we create reports, alerts, and dashboards based on the requested data. This process involves fetching the necessary data attributes, such as service names, and displaying their corresponding values in the generated reports, alerts, and dashboards.

The platform's alerting capabilities enable the automation of alerts based on predefined conditions. When specific results exceed predefined thresholds, alerts are triggered automatically. For example, if a value exceeds a specified threshold, an email alert is generated and sent to the relevant stakeholders, prompting them to take appropriate action. This automated alerting mechanism enhances operational efficiency by promptly notifying stakeholders of critical events, allowing them to respond swiftly and effectively to potential issues or deviations from expected outcomes.

I recommend Splunk to other people. It's a very good tool, offering many features that surpass other tools like Kaspersky. Its comprehensive monitoring capabilities and insightful analytics make it a valuable user asset.

I rate it a ten out of ten.

Splunk Enterprise Platform is useful as a tool for its SIEM and SOAR functionalities.

The most valuable features of the solution stem from the fact that it provides local support to users in Indonesia. The features that Splunk Enterprise Platform provides to users are the same as the ones provided by ArcSight, so I cannot compare both products.

The solution has certain shortcomings when it comes to APIs, making it in an area where improvements are required.

Integration is an area that can be considered as one of the challenges we face with the solution in our company. From an improvement perspective, the solution should make the integration of the product with other tools in the market possible.

I have been using Splunk Enterprise Platform for almost three years.

It is a stable solution. The product stays stable from the development stage to the production environment. Stability-wise, I rate the solution an eight out of ten.

It is a scalable solution.

Around 1,400 employees in our company use the solution.

My company does plan to increase the use of the solution.

I have experience with ArcSight.

The product's initial setup phase was very complex.

During the product's first time deployment, the product is dispatched to the user for assessment, after which a user can deploy it and take care of the areas from implementation to production.

The solution is deployed on a hybrid cloud.

The solution can be deployed in three to five months.

Around seven people are required to manage the deployment and maintenance of the product.

The deployment can be carried out with the help of our company's in-house team.

There are yearly payments to be made towards the licensing costs attached to the solution.

I can recommend the product after considering the needs and budget of the customers, as well as the company's size.

I rate the overall tool an eight out of ten.

Our use case for Splunk Enterprise Platform involved deploying the solution for a client requirement, focusing on their data monitoring and management needs.

Splunk Enterprise Platform has significantly improved operational efficiency by making it easier to monitor infrastructure, detect errors, and read logs. It has reduced troubleshooting efforts from one hundred percent to about twenty percent, thereby increasing productivity significantly. The platform's ability to monitor Docker containers directly has also been beneficial for us.

The most valuable features of Splunk Enterprise Platform include its performance, ease of implementation, and user interface, which are superior compared to other on-premises products.

Pricing is an area that needs improvement, as it is considered high. Additionally, the addition of AI capabilities would be beneficial for analyzing IP activity patterns and providing alerts. During the integration with Docker, we noticed that Splunk only shows container IDs and not their names, which is a drawback.

I have used Splunk Enterprise Platform for one to two years for the projects I have mentioned.

Splunk Enterprise Platform is a stable solution, and I would rate its stability as nine out of ten.

Splunk Enterprise Platform is scalable, though the implementation can be challenging. I would rate scalability as eight out of ten.

We have not opted for paid support but have utilized community support, which is good but could benefit from more contributions. I rate the support a seven out of ten.

Neutral

We have tried multiple products before, but they were difficult to implement. Splunk Enterprise Platform is much easier to implement and execute quickly, which is why we chose it.

The initial setup was not considered easy and required learning and implementation by ourselves. It was an average difficulty process, not too difficult but not very easy either.

The deployment and implementation were done by myself and one of my teammates, totaling two people involved in the process.

Monetary ROI was not directly measured, but using Splunk Enterprise Platform has reduced time spent on troubleshooting, therefore enhancing productivity.

I would rate the pricing around three out of ten, considering the tool's cost. We haven't used any extra features, so I'm not sure about additional offerings.

We evaluated several other products, but they were found difficult to implement. Splunk was the easier solution.

I highly recommend Splunk Enterprise Platform for organizations with large volumes of logs and multiple servers, as it provides good ROI for big companies. However, due to its cost, it may not be suitable for small organizations.

The product comes with a faster installation and response time. When I search something on the log, they give the result in a few seconds. Even if I didn’t have EDR, I can investigate rules in Splunk.

The solution is only meant for big companies.

I have been using the Splunk Enterprise Platform for three years. 

I rate the solution’s stability a ten out of ten.

We have around ten people working with the solution.

I rate the solution’s scalability a ten out of ten.

I didn’t contacted the customer support. Spunk has a website and community which has everything you need.

The initial setup is easy. For deployment, I created a Splunk demo on my computer and on a POC environment. I ran the demo for 10 clients on 10 machines, and it took about 20 minutes.

Spunk is used by big companies like with 2000 clients. 

I rate the solution’s pricing one out of ten.

There are around ten engineer required for troubleshooting of the solution.

I recommend the solution to other organisation since it is very responsive.

Overall, I rate the solution a ten out of ten.

We use Splunk Enterprise Platform for point-in-time security detection. It can be applied to security and IT operations scenarios, offering control and insight into user activity, registration processes, and customer data.

The solution has a status query and feed. I can reach them by phone at the residential. It is stable and has a fast response.

The product is expensive.

The product is stable.

I rate the solution’s stability a nine out of ten.

Splunk Enterprise is a powerful platform. It's a leader in its field with a large and active community. Users can access support in various ways, including forums and documentation.

Overall, I rate the solution an eight out of ten.

Splunk Enterprise Platform can be used for security, IT monitoring, and observability.

The solution’s pricing could be improved.

I have been working with Splunk Enterprise Platform for six years.

Splunk Enterprise Platform is a stable solution.

I rate the solution an eight or nine out of ten for stability.

Splunk Enterprise Platform has very high scalability.

Customers need to pay a yearly licensing fee for Splunk Enterprise Platform.

On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing around seven or eight out of ten.

I would recommend Splunk Enterprise Platform to other users.

Overall, I rate Splunk Enterprise Platform an eight out of ten.