I highly recommend Splunk Enterprise Platform for organizations with large volumes of logs and multiple servers, as it provides good ROI for big companies. However, due to its cost, it may not be suitable for small organizations.
To first-time users, I can say that proper analysis and bandwidth utilization, cloud resource monitoring, and cost optimization are the things I would ask one to check in the tool. It is not easy for beginners to use, and for freshers, it will take time to understand the tool. From a security perspective, I rate the tool a nine out of ten. From a user and the console perspective, I rate the tool a seven out of ten. In general, I rate the tool an eight out of ten.
Before using the Splunk Enterprise Platform, basic knowledge of log analytics tools like Logstash is beneficial. While it does not require specific prerequisites, having some background knowledge will help. Remember that Splunk is a paid service, unlike other log analytics tools like ELK Stack, which may offer free versions. I rate the overall solution a nine out of ten.
Currently, we are on-prem. However, we have started cloud migration in the last few months. I rate the overall solution a ten out of ten. In daily life, every IT company should use it to monitor its logs. It is an emerging tool.
Splunk Enterprise Platform allows customized data processing, making it highly versatile and easy to maintain. It seamlessly handles tasks like data masking and filtering, ensuring efficient data management. When it comes to the visualization on the dashboard within the Splunk Enterprise Platform, we do have the chart available, and all its features are included. Additionally, if you require customization for a new customer's preferences, we can implement it using HTML or XML code. The primary approach for developing dashboards is based on XML. Therefore, if you need specific features like radio buttons or checkboxes, they are readily available for inclusion in the dashboards. I recommend the solution. Overall, I rate the solution a nine out of ten.
Senior Software Engineer at Torry Harris Integration Solutions
Real User
Top 10
2024-04-25T15:13:00Z
Apr 25, 2024
Our experience with the Splunk Enterprise Platform has been positive regarding administration and development. However, there are some concerns regarding visualization. Despite our team's proficiency in activating and completing tasks, the dashboard's complexity has decreased user satisfaction. Many users find the visualization lacking when viewing multiple panels simultaneously. They express difficulty in navigating the UI and feel uncomfortable with it. Addressing these concerns would enhance the overall user experience from end to end. Overall, I rate the solution a nine out of ten.
Learn what your peers think about Splunk Enterprise Platform. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Splunk Enterprise Platform does not have a few application add-ons. Therefore, when we aim to integrate log sources from new or important ones that Splunk lacks add-ons for, we resort to developing custom add-ons. While this approach allows us to proceed with our work, it requires significant human effort and increases the likelihood of errors. Moreover, troubleshooting becomes time-consuming under these circumstances. Ideally, Splunk would offer add-ons for every possible application, significantly improving our efficiency and effectiveness. The Splunk Enterprise Platform offers excellent visibility through real-time monitoring. Whenever any data matches our client's SQL code, it triggers an immediate alert, allowing us to respond to incidents swiftly. This capability is highly beneficial during any incident, making Splunk an invaluable tool. There are various components, such as Universal Forwarder, Indexer, and Search Head. These components are relatively straightforward to set up. However, when implementing a distributed environment or setting up clustering, Splunk offers robust capabilities. Additionally, managing data storage sizing is also seamless. Overall, I rate the solution an eight out of ten.
The solution has helped us with our security information and event management. If someone performs deletion operations, we get an automated alert informing us that a privileged activity has been performed. We forward the logs in real-time. We are ingesting 10GB of data into the solution daily. We have some input filters in the solution's dashboard. Overall, I rate the solution an eight out of ten.
I use the Platform to monitor my IT infrastructure. There are apps for Linux and Windows servers that capture performance metrics like CPU and memory usage. These metrics are collected and sent to the blank index through forwarders. Splunk helps with security information and event management by detecting and monitoring network equipment and firewalls. It saves searches for specific terms, like threats, in firewall logs. When a match is found, it alerts about potential security breaches, helping to detect and address them. The real-time processing capability in Splunk enhances data monitoring by centrally collecting all data. This allows for easy searching and scheduling of searches, reducing the need for manual intervention. The dashboard and visualization features in Splunk impact data analysis by providing a clear status of data analysis. Users can create customized views for management, helping them understand what is happening within the infrastructure more effectively. I would recommend Splunk to others, especially from the CIM perspective. Its data analysis and visualization capabilities are unmatched, making it an excellent choice for SIM. Overall, I would rate Splunk Enterprise Platform as a nine out of ten.
I rate the overall product a seven out of ten. I would recommend it for incident management reporting. I would not advise it for understanding user behavior or usage. If I had to choose between Splunk Enterprise Platform and Amplitude, I would probably go with Amplitude, but I also have no familiarity with what their incident reporting is like.
I can recommend the product after considering the needs and budget of the customers, as well as the company's size. I rate the overall tool an eight out of ten.
Splunk Enterprise Platform is a good and easy-to-use solution. It has to be regularly upgraded to the changing network or customer needs. Overall, I rate Splunk Enterprise Platform an eight out of ten.
Security Architect at a comms service provider with 10,001+ employees
Real User
Top 20
2023-10-12T10:33:04Z
Oct 12, 2023
I would recommend the product to those who plan to use it, provided the pricing of the solution is brought down. I rate the overall product an eight out of ten.
We have annual automation for our automated building and availability building. The maintenance is easy. We will do a vulnerability scan. Then, we need to ask someone from the Splunk team to confirm that upgrading to this version of Windows or applying monthly or weekly patches will not impact the Splunk application. It's not easy or feasible to reach out to Splunk directly. Splunk is an enterprise software platform that monitors storage, CPU, RAM, Windows logs, and Cisco network logs on large machine setups. I suggest Splunk to anyone with these needs. Overall, I rate the solution an eight out of ten.
I would suggest using Splunk Cloud first, and then Splunk Enterprise because the maintenance and the infrastructure management are easy. I would rate it an eight out of ten.
Explore data of any type and value — no matter where it lives in your data ecosystem. Drive business resilience by monitoring, alerting and reporting on your operations. Create custom dashboards and data visualizations to unlock insights from anywhere — in your operations center, on the desktop, in the field and on the go. Use data from anywhere across your entire organization so you can make meaningful decisions fast.
I highly recommend Splunk Enterprise Platform for organizations with large volumes of logs and multiple servers, as it provides good ROI for big companies. However, due to its cost, it may not be suitable for small organizations.
To first-time users, I can say that proper analysis and bandwidth utilization, cloud resource monitoring, and cost optimization are the things I would ask one to check in the tool. It is not easy for beginners to use, and for freshers, it will take time to understand the tool. From a security perspective, I rate the tool a nine out of ten. From a user and the console perspective, I rate the tool a seven out of ten. In general, I rate the tool an eight out of ten.
Before using the Splunk Enterprise Platform, basic knowledge of log analytics tools like Logstash is beneficial. While it does not require specific prerequisites, having some background knowledge will help. Remember that Splunk is a paid service, unlike other log analytics tools like ELK Stack, which may offer free versions. I rate the overall solution a nine out of ten.
Currently, we are on-prem. However, we have started cloud migration in the last few months. I rate the overall solution a ten out of ten. In daily life, every IT company should use it to monitor its logs. It is an emerging tool.
Splunk Enterprise Platform allows customized data processing, making it highly versatile and easy to maintain. It seamlessly handles tasks like data masking and filtering, ensuring efficient data management. When it comes to the visualization on the dashboard within the Splunk Enterprise Platform, we do have the chart available, and all its features are included. Additionally, if you require customization for a new customer's preferences, we can implement it using HTML or XML code. The primary approach for developing dashboards is based on XML. Therefore, if you need specific features like radio buttons or checkboxes, they are readily available for inclusion in the dashboards. I recommend the solution. Overall, I rate the solution a nine out of ten.
Our experience with the Splunk Enterprise Platform has been positive regarding administration and development. However, there are some concerns regarding visualization. Despite our team's proficiency in activating and completing tasks, the dashboard's complexity has decreased user satisfaction. Many users find the visualization lacking when viewing multiple panels simultaneously. They express difficulty in navigating the UI and feel uncomfortable with it. Addressing these concerns would enhance the overall user experience from end to end. Overall, I rate the solution a nine out of ten.
Splunk Enterprise Platform does not have a few application add-ons. Therefore, when we aim to integrate log sources from new or important ones that Splunk lacks add-ons for, we resort to developing custom add-ons. While this approach allows us to proceed with our work, it requires significant human effort and increases the likelihood of errors. Moreover, troubleshooting becomes time-consuming under these circumstances. Ideally, Splunk would offer add-ons for every possible application, significantly improving our efficiency and effectiveness. The Splunk Enterprise Platform offers excellent visibility through real-time monitoring. Whenever any data matches our client's SQL code, it triggers an immediate alert, allowing us to respond to incidents swiftly. This capability is highly beneficial during any incident, making Splunk an invaluable tool. There are various components, such as Universal Forwarder, Indexer, and Search Head. These components are relatively straightforward to set up. However, when implementing a distributed environment or setting up clustering, Splunk offers robust capabilities. Additionally, managing data storage sizing is also seamless. Overall, I rate the solution an eight out of ten.
The solution has helped us with our security information and event management. If someone performs deletion operations, we get an automated alert informing us that a privileged activity has been performed. We forward the logs in real-time. We are ingesting 10GB of data into the solution daily. We have some input filters in the solution's dashboard. Overall, I rate the solution an eight out of ten.
I use the Platform to monitor my IT infrastructure. There are apps for Linux and Windows servers that capture performance metrics like CPU and memory usage. These metrics are collected and sent to the blank index through forwarders. Splunk helps with security information and event management by detecting and monitoring network equipment and firewalls. It saves searches for specific terms, like threats, in firewall logs. When a match is found, it alerts about potential security breaches, helping to detect and address them. The real-time processing capability in Splunk enhances data monitoring by centrally collecting all data. This allows for easy searching and scheduling of searches, reducing the need for manual intervention. The dashboard and visualization features in Splunk impact data analysis by providing a clear status of data analysis. Users can create customized views for management, helping them understand what is happening within the infrastructure more effectively. I would recommend Splunk to others, especially from the CIM perspective. Its data analysis and visualization capabilities are unmatched, making it an excellent choice for SIM. Overall, I would rate Splunk Enterprise Platform as a nine out of ten.
I rate the overall product a seven out of ten. I would recommend it for incident management reporting. I would not advise it for understanding user behavior or usage. If I had to choose between Splunk Enterprise Platform and Amplitude, I would probably go with Amplitude, but I also have no familiarity with what their incident reporting is like.
There are some problems in managing the tool when it exceeds certain limits. Overall, I rate the product a nine out of ten.
I can recommend the product after considering the needs and budget of the customers, as well as the company's size. I rate the overall tool an eight out of ten.
Splunk Enterprise Platform is a good and easy-to-use solution. It has to be regularly upgraded to the changing network or customer needs. Overall, I rate Splunk Enterprise Platform an eight out of ten.
I would recommend the product to those who plan to use it, provided the pricing of the solution is brought down. I rate the overall product an eight out of ten.
We have annual automation for our automated building and availability building. The maintenance is easy. We will do a vulnerability scan. Then, we need to ask someone from the Splunk team to confirm that upgrading to this version of Windows or applying monthly or weekly patches will not impact the Splunk application. It's not easy or feasible to reach out to Splunk directly. Splunk is an enterprise software platform that monitors storage, CPU, RAM, Windows logs, and Cisco network logs on large machine setups. I suggest Splunk to anyone with these needs. Overall, I rate the solution an eight out of ten.
I would suggest using Splunk Cloud first, and then Splunk Enterprise because the maintenance and the infrastructure management are easy. I would rate it an eight out of ten.