Splunk ITSI (IT Service Intelligence) Reviews

We have a couple of different use cases including incident management, correlation, and mapping out incidents.

Having a structure on how to resolve incidents is the most valuable aspect.

It is pretty important to us that it offers end-to-end visibility. That's how we do the ITSI incident setup. It needs to have an overview.

It has helped improve the business' resilience. Splunk's ability to predict, identify and solve problems in real-time is pretty good. I've been a Splunk customer for almost six years.

The time it takes to pinpoint an issue, from when it's triggered to resolution is where I've seen the most value out of Splunk.

We have seen time to value using ITSI. It took a few months to see this value. 

They should make it easier to use. Many people are new to it. It is hard and has a steep learning curve.

I have been using Splunk ITSI for one year.

The product is pretty stable.

We had a support person who was instrumental in getting it set up.

I would rate support an eight out of ten. It's nice to have the help but we'd also like to be independent and that's taking a bit of time to get onboarded. 

The initial setup is easy. We had someone come in. It took around a month or so and he's still with us helping to implement.

Overall, I rate the solution a seven out of ten. I'm getting up to speed with it. 

We use Splunk IT Service Intelligence (ITSI) to find out about system outages and reports about the outages. We have a lot of platforms that monitor solutions, outages, and downtime. Still, we're keener on the reporting, and how fast the insights can be generated, so those are our prominent use cases for Splunk IT Service Intelligence (ITSI).

After understanding and learning more about Splunk IT Service Intelligence (ITSI), particularly its capabilities, the solution helped my company look into recommendations and insights shared with stakeholders on improving the company's product.

The feature that stood out to me most from Splunk IT Service Intelligence (ITSI) was automated dashboarding or reporting. The solution lists the severity level of issues, and the response times, for example, so automated reporting is what I like best about Splunk IT Service Intelligence (ITSI).

Integration is the most critical area to improve in Splunk IT Service Intelligence (ITSI). It wasn't a great experience because you had to do a little back and forth to integrate the solution.

I want more integrations in the next release of Splunk IT Service Intelligence (ITSI), and the solution should be seamlessly connected with other solutions during integration.

I've used Splunk IT Service Intelligence (ITSI) for about six months, and I'm still using the solution.

Splunk IT Service Intelligence (ITSI) is a stable solution.

If you have the money, then Splunk IT Service Intelligence (ITSI) is scalable. It could be limited if you have to make do with whatever capacity or seats you have.

I have no experience contacting Splunk IT Service Intelligence (ITSI) technical support.

The initial setup for Splunk IT Service Intelligence (ITSI) was straightforward because you only needed to log in and connect your APIs.

I've seen ROI from Splunk IT Service Intelligence (ITSI).

We evaluated Accenture myWizard.

I'm into IT service intelligence or products focusing on monitoring and understanding systems, such as Splunk IT Service Intelligence (ITSI).

I don't remember the Splunk IT Service Intelligence (ITSI) version, but my company signed up for it in June, so it should be the latest version.

Five people use Splunk IT Service Intelligence (ITSI) within the company, and the same people take care of the deployment and maintenance of the solution.

There's no plan to increase the usage of Splunk IT Service Intelligence (ITSI), and there won't be for a long time because what my company has right now fits the budget and spending.

My advice to anyone looking into implementing the solution is to have a clear picture of the integration process and the timeline and have internal and technical capabilities, so you can address any breakdown that could happen while setting up Splunk IT Service Intelligence (ITSI).

As Splunk IT Service Intelligence (ITSI) has value and potential, I'd rate it eight out of ten.

We use this solution both on the cloud and on-premises. We are currently using the most recent version.

The observability is great and valuable because it allows us to work with all our sets.

There are no areas I can pinpoint that need improvement because the product is working well. It would be good if an interface was included in the next release.

We have been using this solution for two years.

The solution has very good stability.

The solution is scalable.

We have had positive experiences using customer service and support.

The initial setup was straightforward. We are in a NOC solution, and we have 30 people. We used a team of five people to deploy the solution. 

We implemented this solution through our partner organization.

We would rate this solution a ten out of ten.

Our use cases for Splunk ITSI have been created around our critical services like payment gateways.

Splunk ITSI lacks out-of-the-box solutions for enterprise users. Currently, everything needs to be created from scratch.

In their next release, Splunk should offer API integrations with products like ThousandEyes, and AppDynamics, or some other network monitoring tools or dashboards. 

I have been using Splunk IT Service Intelligence for two years.

Splunk ITSI is stable. We have less than 24 technical staff.

The solution is easy to scale. All you need is to procure another license from Splunk and add new users.

Our company has approximately 500 users of Splunk ITSI.

Technical support from Splunk is very good. I would rate them a five out of five for service and support.

Positive

The initial setup of Splunk ITSI is simple.

The pricing of Splunk is a bit high. I would rate it a four out of five when thinking about the affordability of the solution.

I would recommend this solution to all big enterprises that actually have live traffic, like banks or telecoms.

Overall, I would rate Splunk ITSI an eight out of ten.

ITSI's most valuable feature is that it's easy to integrate DLP.

I've been using Splunk ITSI for two to three years.

ITSI is stable.

Splunk's technical support is very fast.

The initial setup was straightforward.

We used a vendor team.

The cost of the license could be lower.

Splunk ITSI is fast and provides a lot of out-of-the-box integration. I would give this solution a score of eight out of ten.

We primarily use the solution for monitoring our infra.

We use it for monitoring the potential application, depending on what the data source ingestion is. There are many use cases. Based on the data source, we can know the best recommendation use case to provide to the customer. For example, if you are ingesting data from the firewall, you can see any traffic from the firewall itself.

There are many use cases. You can use it for all kinds of ingested data. 

The solution is stable.

It's scalable and expands well. 

It's easy to use. 

We haven't come across any shortcomings. 

We'd like them to show more inputs on the dashboard. 

The Wizard should be easier to use. 

I've been dealing with Splunk for three years and this particular solution for two. 

The solution is very stable. There are no bugs or glitches and it doesn't crash or freeze. 

It is a scalable product. 

We have around ten people using it currently. 

I don't have any insights into technical support. It's the same level of support as Phanton, as far as I know. 

I don't directly handle the deployment. I can't speak to if the implementation is easy or hard. 

There is a licensing fee a company would have to pay. The amount would depend on the data ingestion. It varies according to a company's use. It's not overly expensive. 

We sell and support this product. 

The product can be deployed on-premises and the cloud. 

I'd rate the solution nine out of ten. We're quite pleased with its capabilities. 

I would recommend the solution for others who need to monitor their infrastructure. 

I use Splunk IT Service Intelligence (ITSI) for SIEM.

Splunk IT Service Intelligence (ITSI) is a very good tool.

Splunk IT Service Intelligence (ITSI) is superior to QRadar in my opinion. We can get results with the help of Splunk.

Splunk outperforms IBM QRadar in terms of functionality.

The dashboard queries should be improved. More queries should be suggested in order to produce better dashboards.

I have been working with Splunk IT Service Intelligence (ITSI) for one year.

Splunk IT Service Intelligence (ITSI) is a stable solution.

I have never contacted technical support.

I have worked with IBM QRadar, Splunk, and Sentinel.

People say that IBM QRadar is easier to implement as well as to query things.

The initial setup is straightforward. It is very easy to implement.

Splunk pricing is high.

I was exploring LogRhythm, and multiple SIEM solutions, because we wanted to purchase a SIEM tool.

Definitely, I would recommend this solution to others who are interested in using it. Splunk should be used because it provides a better solution in terms of SIEM as well as reporting. If you want to use that tool for reporting purposes, it is a fantastic tool. You only need to create a query to get started.

I would rate Splunk IT Service Intelligence (ITSI) an eight out of ten.

The primary use case of this product is for infrastructure monitoring, and involving machine learning with IT-related scenarios.

The most valuable features are the agility, being able to ingest many data sources with no limitation on capacity.

It's flexible in terms of capacity and different sources, which is very good. You can build reports, alerts, and dashboards very quickly.

It offers comprehensive visibility and integration with the applications in the Splunk base, where you can find more than 2000 applications and most of them are free. 

It allows you to integrate with the leading vendor's software and hardware. Through these applications, you can extend the capabilities of the platforms.

You can get the pre-built dashboards and connectivity to many deeper elements with the product. For example, for Palo Alto firewalls, VMware, and all of the main vendors, it is easy to extend this on your own. 

The Splunk community will add knowledge as the documentation is very comprehensive, and has a Q&A site. 

You can store the entire data and keep it saved from different sources. The schema is only defined as soon as you ask the question and you do the search.

On the IT side, machine learning has the ability to analyze patterns in the data and predict events according to the trends. It can detect anomalies and display them on dashboards with the ability to drill up, or down to the specific elements or a specific event.

Splunk stores the data collectively, meaning that the same data can be used by different departments in the organization. It avoids the silo structure that is very common, unfortunately. Many organizations including big enterprises generate large amounts of data and the ability to collect it centrally with all of the different parts of the organization, with different access to the same data is very helpful.

The problem becomes the price, as Splunk is an expensive product. In some regards, it's not a large issue because when you compare apples to apples and not look only into the price tag, but, look at the infrastructure, the platform,  office time, and the people that you need to operate the other products, you will see that it's not necessarily an expensive product. It may even be cheaper than the others when looking at the bigger picture.

I have been using this solution for four months.

It's a stable tool.

This solution is scalable and it's up and running very quickly.

With technical support, there is a strict SLA that is published. It's public and except for one case, which was very nonstandard and not according to best practice, usually, it's very good.

I came from a different background. I was not selling any other product before Splunk.

It's very intuitive. The language is rich.

The return on investment is very quick. As soon as your implementation is complete, adding new data sources is fast. It's intuitive and if you know how to use it, you can get value within days.

I would prefer that the price be reduced, as it would be easier to implement it and to sell it.

Splunk is an organization that identifies the needs in the market.

They see that it would take time to develop in-house, so they look into other companies that are doing the best at the stream and they simply purchase it and embed it into Splunk. Some examples are Phantom and the SignalFx.

If you want to make the best out of this product, you need to learn it. You will need dedicated personnel because there is a lot that can be done with it. In fact, there are practically no limits. You just have to have a good imagination and the sky's the limit. You can do whatever you want.

The language is very rich. It allows you very deep analytics and it's very fast. The ability to present the insights is very quick and it's adaptable and extendible.

In the last few years, the need to analyze data is increasing. There are many organizations that use 30 to 50 different tools. My advice would be to get to know the philosophy of Splunk. It is a centralized data platform that can digest any kind of data.

It can be extended to whatever size they need and they can eliminate the need for usage of all other tools. 

A problem is that sometimes their decision may not be made based on logic. If for example, the customer purchased a different solution a few years back and from that moment on, even with the product limitations and was a very good product at the time, it lacks a lot of functionality today. The organization already invested thousands of man-hours in this product, which is consuming a lot of resources within the organization. It's not a logical decision, it's an emotional decision. 

What I learned in business administration when I was in university was "Forget Splunk costs, this is the main rule when you are doing your assignments."  Splunk is Splunk.

It is very easy to work with startups with new organizations. A startup company is one thing but when you have already invested in many other solutions you need to rethink your strategy and the way you work with the data, the value of the data, and where you think that your data can take you.

Many are not aware of the solutions that are available to them.

I am not aware of any specific areas in which the product lacks. Splunk is not only a great product but also, as a company it really supports its users with the customer support program and all of the documentation they have available, all of the conventions that are arranged, meet the experts, case studies, use cases, and the YouTube channel. If others were exposed to these concepts they would think it was the right decision to go with this product.

I would rate this solution a seven out of ten.