We are a solution provider with many technologies. We use Splunk to customize solutions with Splunk. For example, we try to give our customers a great visualization experience. And sometimes we develop on the Splunk platform, like JavaScript, to provide the customers a better visualization. We also implement ITSI. In-house we can implement Enterprise Security.
Splunk Consultant at Yssy
Stable with good customization potential and easily scalable
Pros and Cons
- "The flexibility to develop and consolidate many solutions into one platform is great."
- "Some of our customers occasionally require the development of the connectors when there are no native connectors so that we can develop in Python or for customer slash comments as well. If they could adjust that, it would be ideal."
What is our primary use case?
What is most valuable?
We can customize the visualization. For example, if the customer wants to have a better visualization experience, we can develop it on the front-end of the platform in order to provide a better user experience.
The flexibility to develop and consolidate many solutions into one platform is great. We've portrayed many parts of the solution in order to provide complete solutions. We can develop various parts that customers desire into Splunk platform due to the fact that it is so flexible and does allow for customization and specific tweaks.
What needs improvement?
Some of our customers occasionally require the development of the connectors when there are no native connectors so that we can develop in Python or for customer slash comments as well. If they could adjust that, it would be ideal.
For how long have I used the solution?
We've been using the solution for a while. We implement it for clients.
Buyer's Guide
Splunk ITSI (IT Service Intelligence)
March 2025

Learn what your peers think about Splunk ITSI (IT Service Intelligence). Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,651 professionals have used our research since 2012.
What do I think about the stability of the solution?
The solution is great in terms of stability. It doesn't have bugs and it's not glitchy. It doesn't crash or freeze. It's rather reliable.
What do I think about the scalability of the solution?
The scalability is great. We can scale horizontally, meaning we can deploy a small solution, and if, according to the needs, it needs to expand, it can horizontally do so.
We implement Splunk to our clients, and they all vary in size. We've implemented it to banks and in places where there are more than 500 users on Splunk. Some of the implementations were sizable.
How was the initial setup?
Typically, implementation is complex initially. Splunk is easy to set up when you are looking at the basics. When you're looking for advanced configurations or advanced development it's never easy but it's possible.
What other advice do I have?
We are a Splunk reseller. We're consultants. We use Splunk to develop a solution for our customers and therefore use multiple deployment models.
Overall, on a scale from one to ten, I would rate this solution at a ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Senior consultant at a tech services company with 51-200 employees
Enables comprehensive event management and improves organizational security through efficient alert correlation
Pros and Cons
- "Having worked closely with Splunk support engineers, I've observed their high capabilities in resolving issues."
- "Splunk ITSI could benefit from including more features that other solutions support, such as vulnerability management modules."
What is our primary use case?
Splunk ITSI (IT Service Intelligence) is primarily used for managing alerts and events. It helps me monitor different APIs in inbound and outbound scenarios and triggers alerts. The tool is primarily used to handle threat intelligence and manage event alerts, despite certain limitations like false positives.
How has it helped my organization?
Splunk ITSI has enabled us to better manage events and alerts, aiding in quicker data retrieval and enhanced system uptime. Its ability to correlate multiple event sources allows for comprehensive integration, which has been valuable in improving our organization's security posture.
What is most valuable?
Splunk ITSI allows for integration with threat intelligence, enabling my organization to correlate more than two events for generating alerts. It has a swift data ingestion and retrieval capability due to its robust query language. The system helps reduce data loss and improve event management, offering a platform for various deployment models. The global trust in its capabilities is evident, especially given the preference by financial sectors. Additionally, having features like IT Service Intelligence enhances our organization by providing actionable insights quickly, which is crucial for operational efficiency.
What needs improvement?
Splunk ITSI could benefit from including more features that other solutions support, such as vulnerability management modules. This would help manage vulnerabilities effectively, allowing my organization to track patch management and compliance more thoroughly. It would be beneficial to include a feature that provides comprehensive vulnerability management similar to open-source solutions.
For how long have I used the solution?
I have been working with Splunk ITSI (IT Service Intelligence) for nearly two and a half years.
What do I think about the stability of the solution?
Splunk ITSI is quite stable, and I would rate its stability at around eight point five to nine. The setup, however, must be done correctly as incorrect deployment can lead to issues.
What do I think about the scalability of the solution?
Splunk is highly scalable, with the ability to expand efficiently. I would rate its scalability at nine.
How are customer service and support?
Having worked closely with Splunk support engineers, I've observed their high capabilities in resolving issues. The technical support is excellent, and I would rate it at ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, we have used other solutions like Wazuh and IBM QRadar. We recommend Wazuh primarily due to its lower cost and robust capabilities, although it may lack in certain areas where Splunk ITSI excels.
How was the initial setup?
The initial setup for Splunk ITSI can be a complex process, especially when compared to the simplicity of open-source solutions like Wazuh.
What's my experience with pricing, setup cost, and licensing?
Pricing can vary significantly based on the selected modules and deployment choices. Splunk ITSI tends to be more expensive compared to some open-source solutions.
Which other solutions did I evaluate?
We have evaluated several solutions, including Wazuh, IBM QRadar, and other open-source platforms.
What other advice do I have?
Overall, I would rate Splunk ITSI at nine or nine point two. I would recommend it for enterprise-level organizations due to its cost implications; smaller companies may prefer open-source solutions to reduce expenses. The solution could improve by integrating more vulnerability management features. I would rate the overall solution at nine.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Mar 26, 2025
Flag as inappropriate
Buyer's Guide
Download our free Splunk ITSI (IT Service Intelligence) Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2025
Product Categories
IT Alerting and Incident Management Application Performance Monitoring (APM) and ObservabilityPopular Comparisons
Splunk Cloud Platform
Buyer's Guide
Download our free Splunk ITSI (IT Service Intelligence) Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- How do you decide about the alert severity in your Security Operations Center (SOC)?
- What is an incident response playbook and how is it used in SOAR?
- What is the difference between mitigation and remediation in incident response?
- What tools and solutions do you use for automated incident response in an enterprise in 2022?
- What measures should a business have in place to enable an effective incident response for data breaches?
- Why a Security Operations Center (SOC) is important?
- When evaluating Incident Management Software, what aspect do you think is the most important to look for?
- What are some Incident management best practices to keep in mind?
- GoDaddy has been hacked again. What can be done better?
- Why is IT Alerting and Incident Management important for companies?