Splunk Cloud Platform Reviews

Our security team uses the Splunk Cloud Platform heavily. We index that data that is relevant to security for over a year. Most of our indexes, we only keep for 30 to 45 days. But for security, we keep it for a year here. It is an essential tool for our security team in investigating incidents and looking at the potential compromises, and exploits, of all those types of things. That's one example.

I'm one of two Splunk Engineers in the organization and almost every department uses Splunk. We create dashboards for different organizations. For example, We have temples all over the world. We produce statistics for the temples about how many people have visited each day, and how many sessions were done in different languages. That type of thing is all done through Splunk dashboards. Our missionary department has over 80,000 missionaries all over the world, statistics about what they are doing and the applications they are using are all done through Splunk.

Splunk Cloud Platform helped remove a lot of that administrative work, but also, it's much easier on the cloud for us to ramp up our SVC units if we see more demand and to be able to add more storage to our indexers. That's one thing for us as administrators that helps to be able to ramp it up quickly. When we were using Splunk Enterprise, that was a much more involved process, but now with Splunk Cloud, it's much easier to ramp that up. My partner and I are good at making sure that all of our users are using Splunk efficiently. We give them training regularly to make sure that their queries are well written, that they're not using indexes they shouldn't be, and that they're using the proper commands to be able to get the information they want. We do have to do this periodically because more and more of our users are using Splunk frequently, and we'll have to talk to a Splunk rep to increase our SVCs. For us, as administrators, that's very helpful.

We monitor multiple cloud environments using Splunk Cloud. It's been quite easy for us. We have an in-house Cloud Foundry and we use AWS and Azure quite a bit. We haven't had problems integrating or monitoring with any of those platforms. It's been great for us.

The end-to-end visibility that Splunk Cloud Platform has in our cloud-native environments is important. We do a lot of correlation across the entire enterprise. We need to have good visibility into all of our logs across all of our cloud Platforms, and in-house on-premise stuff, which we're getting with Splunk.

We use a lot of different monitoring tools, not just Splunk. We use Nagios, ThousandEyes, AppDynamics, and Dynatrace. Splunk is an important part of that. It is a mission-critical application for us. The alerts we set up in Splunk are ones we can't do with the other tools. Every one of those tools is a key piece of what we do as a monitoring team, but what we love about Splunk is that we can create alerts that we can't do with the other tools. That has helped us reduce our mean time to resolution.

The Splunk Cloud Platform has helped improve our organization's business resilience. Splunk helps predict, identify, and solve problems in real-time. What we love about Splunk is its flexibility to pull out data that we can't see in other applications or that the commercial office software has not produced itself. But through the logs and being able to adjust it to Splunk and being able to write the queries that we need to, we can pull that data out, and it helps us to be much more efficient in predicting potential problems because we know our applications well and know the red flags to watch for. We can create the alerts needed to predict when something can potentially go down or have problems.

We have seen cost efficiency by switching to the Splunk Cloud Platform. The biggest part for my partner and me is that Splunk Admins saves us time. I used to be the guy who would patch all of our enterprise indexers, servers, and distribution servers. That would take me quite a bit of time. Even though we had automated scripts that would do a lot of that, it still took a fair chunk of time to go out and do the maintenance and patching required. That freed up a lot of our time, made us a lot more efficient, and allowed us to work on other projects we couldn't do before. I do front-end development for some other products, but I didn't have the time before, and switching to Splunk Cloud has freed us up. Being able to ramp up our SVCs and storage is much easier than it was before. We had to spin up virtual servers, provision them, and ensure licensing. With Splunk Cloud, it's much faster and easier. The total cost of ownership has improved.

Before we started using Splunk Cloud, we were using Splunk Enterprise. My partner and I were spending quite a bit of our time keeping the servers patched, up to date, and running the way that we wanted them to. Now that's all gone with Splunk Cloud. That has freed up a lot of our time so that I can spend most of our time helping people, learning SPL, and helping them with their dashboards, alerts, and reports. Splunk Cloud has helped us to be able to focus on getting more information out of our data. Whereas before, we were doing mostly administrative stuff. Now we don't have to do that anymore.

We're interested in learning more about the new AI features, especially the natural language to SPL conversion. While we jokingly worry these features might replace us, our main focus is helping users understand Splunk and build dashboards. We're curious how these AI features will integrate into our work, how many people will use them, and if there will still be a need for our Splunk expertise. Overall, we're excited to see how AI will impact our work.

I have been using Splunk Cloud Platform for three years.

Splunk Cloud Platform has been extremely stable. In some of the major upgrades, like, when we switched over to version nine there were a few hiccups that caused performance slowdown, but as far as stability, it's been great. In the last year, it's been extremely stable and very performant. It's just in the months after some of the changes over to version nine, we had a few problems, but nothing since then.

We have no concerns about scalability. We frequently upgrade the number of SVC units we require. We're using Splunk Cloud enterprise-wide. We're getting more and more departments using Splunk or asking to use it. Everything is on Splunk on a basic level. Security is a big deal. All our virtual servers, cloud environments, and everything that ties into security are already being adjusted to Splunk. As far as the application level, people want to get more information out of their application or data. We don't have problems, questions, or concerns about scalability. We know it's there.

We have a big instance in the cloud, and we have occasionally had a few issues here and there that took some time to resolve. For the most part, the customer service and resolution of issues have been very responsive from Splunk. We just had a handful of issues here and there but for the most part, the support has been good.

Positive

We have been using Splunk for many years. Before Splunk Cloud, we were using Splunk Enterprise.

The deployment was straightforward because we migrated from Splunk Enterprise on-premises to the Splunk Cloud Platform.

We used an in-house Splunk consultant who worked with us for six to nine months to transition from Enterprise. He was efficient but it was a big process. It took at least six months to fully transition over because of our big footprint.

We saw a return on investment when we switched to the cloud platform from Enterprise. We were able to consolidate everything with the cloud.

We were involved in the renewal process, and our organization does reviews of all our partnerships that we have every two to three years to ensure they are meeting our needs, there isn't a better solution out there, and we won't save money by going somewhere else. It's usually a four to six-week process when reviewing software and partnerships, and every time we go through Splunk, the review only lasts one day. We love Splunk and we're not switching.

I would rate Splunk Cloud Platform ten out of ten.

We leverage the Splunk Cloud Platform to effectively manage the vast amounts of machine-generated data, thereby ensuring application management security compliance.

We implemented the Splunk Cloud Platform to enhance our customer experience and optimize the data storage costs. We can convert the log data into numerical data points when requested.

The Federated search helps retrieve data in a better way.

Splunk Cloud Platform simplifies monitoring across multiple cloud environments, providing real-time insights into operational flow. It also streamlines data conversion, reducing the data-driven process for the company.

Splunk Cloud Platform's machine learning and AI capabilities simplify data management and provide clear visibility into multiple environments.

The AI makes it easy to integrate with other systems and applications in our environment.

The Splunk Cloud Platform reporting provides good insight.

Splunk Cloud Platform significantly boosted our performance and cost-effectively optimized data sets, delivering immediate benefits.

Thanks to the Splunk Cloud Platform we can make decisions within the organization much faster.

Splunk Cloud Platform empowers our organization to access data efficiently, ensuring compliance with privacy and regulations through actionable insights.

Splunk Cloud Platform strengthens our security, particularly in handling complex processes.

The data management and instant search features are the most valuable ones for us, as they allow us to instantly retrieve information needed for reports and security compliance.

Splunk should increase the frequency of new feature releases, particularly those related to real-time operational flow monitoring and analytics reporting. It has been over a year since any significant updates were added to the Splunk Cloud Platform.

I have been using the Splunk Cloud Platform for one year.

Splunk Cloud Platform is stable.

Splunk Cloud Platform is scalable.

Splunk Cloud Platform's resilience is good.

The initial deployment was straightforward. The deployment took around four hours and required two people.

We evaluated Victoria Experience but it was not suitable for our environment.

I would rate Splunk Cloud Platform an eight out of ten.

We have around 150 users.

No maintenance is required from our end.

I recommend Splunk Cloud Platform. It helps monitor all the respective functions.

We use the Splunk Cloud Platform to log all the network devices, whether it's switches, routers, firewalls, wireless controllers, wireless access points, and applications such as MuleSoft or Adobe AEM. 

The team I manage is small and we don't have much time to maintain the on-prem infrastructure with patches and updates. With Splunk Cloud, we don't have to worry about patches or upgrades. It's always up to date with the latest and greatest features. That's the biggest benefit for us so far. It saves us time and headaches that come along with all the upgrades, patching, and administration of the Platform in general.

Splunk Cloud Platform has more features than the on-premise Splunk Enterprise version that we previously used. My team seems to like the GUI better.

Splunk Cloud Platform's ability to provide end-to-end visibility into our cloud-native environment is extremely important because we don't have any tool that has that feature.

It has sped up our mean time to resolve by 40 to 50 percent compared to the on-premise version of Splunk.

Our on-premises setup used an outdated Splunk version on aging Red Hat seven hardware. Upgrading would have required new Red Hat eight systems and consultant deployment expertise. By going to the cloud, we don't have to worry about hiring consultants or upgrades. That saved us time and money. The pricing that we were given was the same as renewing our maintenance and support for our on-prem version. So it was a no-brainer decision.

As soon as we migrated, my team liked the GUI because it made them more efficient. There are more functions and features that are not available with the on-premise version of Splunk.

We use Splunk Cloud primarily as a troubleshooting tool, so the most valuable features are the analysis and visualization.

Areas of improvement for Splunk Cloud Platform are difficult to say because we're still learning about the platform. I want to have the ability to process the ingestion before it is sent to the back end and Splunk just announced that the feature is coming, so now it just needs to be released.

I have been using the Splunk Cloud Platform for three months.

Splunk Cloud Platform is stable.

Splunk Cloud Platform is easily scaled on the cloud.

The few times we reached out to technical support, they were helpful and able to address the issues.

Positive

We previously used Splunk Enterprise and wanted to stick with Splunk because we feel it is the best product. So switching to the Splunk Cloud Platform was an easy decision for us.

The deployment was not difficult. We had consultants helping us. We thought it was going to take three weeks to migrate from on-premises to the Cloud, and it took half that time. It was a lot easier than we anticipated. And we were able to do most of the work ourselves without using the consultants.

We used Bitzios Consulting to help us with the implementation.

By moving to the Splunk Cloud Platform we saved on having to hire consultants to build a new environment and install it on-premises.

The price for Splunk Cloud Platform is the same as our maintenance costs for Splunk Enterprise on-premises.

I would rate Splunk Cloud Platform nine out of ten. Splunk Cloud offers several advantages in terms of ease of use. Since it's cloud-based, there's no need to worry about infrastructure maintenance, availability, or scalability. New features are automatically available, eliminating the need for manual upgrades and potential downtime that can occur with on-premise installations.

We have AWS and GCP but are using the Splunk Cloud Platform to monitor only the AWS for now.

While we currently use Splunk Cloud, we don't have Splunk security. We plan on implementing Splunk security and that's also going to integrate with all of our Cisco equipment. For now, I can't say that Splunk's unified platform has helped consolidate networking, security, and IT observability, but soon, it will because we'll be able to have one source, one point of reference for all of our logging and security information instead of managing separate tools for different tasks. Once we implement Splunk Security, it will be one single pane of glass where we will have everything.

I use the solution in my company, and its primary use cases have been related to the log correlation engine. Splunk Cloud Platform can be considered a central ingest point for gathering logs from all over our company's network, after which it is used to take and create reports. Security, detection, dashboards, and similar features are some of the use cases that can be associated with the tool.

The benefits my company has seen from using the tool would be that it gives you more of a single place to look at rather than having to jump from a bunch of different screens to look at current logs, as well as the ability to correlate data amongst different log sources.

Regarding the solution's most valuable features, I think that since many of our company's applications are Splunk-based, they can integrate with other tools within our tech stack, which allows us to expand our use cases.

In our organization, Splunk Cloud Platform provides end-to-end visibility into our cloud-native environment, and it is a very important area where we need visibility within our environment. It is one of the main tools I use for end-to-end visibility.

Splunk Cloud Platform has helped reduce the mean time to resolve. It helps find issues, which can lead to a better mean time to resolve overall. Depending on the detection type, it reduces the mean time to resolve by anywhere from 20 to 50 percent.

My company saw time to value using Splunk Cloud Platform pretty quickly, and we continue to see the value, specifically when we add in new sources and tune-up. In general, it has been pretty quick.

Splunk's unified platform helps consolidate networking, security, and IT observability tools since it gives our company a single platform where we can collect logs from all different sources.

I think the tool has some scalability issues, especially when used in larger organizations. I feel the searching part gets really slow, which is based on one's resources.

I have been using Splunk Cloud Platform for about six years. In general, I have been a Splunk customer for eight years.

I think the stability is pretty good. I haven't noticed any outages.

I think the scalability could be a little bit better because our company runs into some resource constraints that slow down our searches.

When it comes to the solution's technical support, I would say it all depends on what the request is or who is actually responding to our company's queries. We have had some people who have been great, but we have also had times where we had to escalate some issues to get our tickets looked at by someone from the support team. I rate the technical support a five or six out of ten.

Neutral

I think the tool has some scalability issues, especially when used in larger organizations. I feel the searching part gets really slow, which is based on one's resources.

The product's initial setup phase was fairly expensive since my company had to get some professional services to help us with the set up of everything. Overall, the tool freed up some manpower, resources, and hours from our personnel and management, so having the tool in our company made sense. Yeah.

The product's deployment phase was easy.

The solution is deployed using the cloud services offered by AWS.

My company had to get some professional services from a reseller named Resultant to help us with the setup of the tool.

I don't remember whether my company had evaluated other products against Splunk Cloud Platform. In the environment where our company made the switch over, I can say that we are happy with our Splunk usage in general. We just wanted a tool that was more resilient and didn't have to worry about the management on the back end.

My organization monitors one cloud environment with the help of Splunk Cloud Platform. The ease or difficulty of monitoring multiple cloud environments is not something that is applicable to my company.

In terms of Splunk Cloud Platform's ability to help improve our organization's business resilience and predict, identify, and solve problems in real time, I would say it is not possible in real-time. The solution gives our company the ability to do more of a retrospective analysis, which helps us with the current backup.

There are not any cost efficiencies I can think of that I have experienced after switching to Splunk Cloud Platform.

I think Splunk Cloud Platform is still probably one of the best tools out there in the market for enterprise organizations.

I rate the tool a seven to eight out of ten.

Our Splunk Cloud Platform centralizes logs from all OT assets, allowing OT business units to request various insights. These insights can include how often assets cycle down, memory storage usage, or data consumption over time. They can then configure dashboards to receive alerts based on these specific metrics.

The biggest benefit I have seen using the platform is the alerts because most of our sites are remote in the middle-of-nowhere deserts. If something goes down, they don't have direct eyes on them. Thanks to Splunk's automated alert that notifies us if something is down, we can quickly respond to it before it affects any other systems.

We do have several cloud environments that we're using because we got the Splunk Cloud Platform last month. We are integrating them all into one location, so we are still determining the ease of monitoring all the cloud environments using the Splunk Cloud Platform. Before having Splunk, it was a huge issue because we had to go to different locations. Having it all in one location under Splunk will make it much better for us.

It is important, especially for our cloud team to have end-to-end visibility into our cloud-native environments through Splunk Cloud Platform. The more visibility we have the better it is.

Splunk Cloud Platform has significantly reduced our mean time to resolve because instead of us having to go out to the site or having somebody on the site tell us a few hours later there is an issue, it could be within minutes now that we can resolve the issue. After all, as soon as it goes down, we get the logs, we get notified, and then we can immediately go in and check it out. So it is a significant amount of time that Splunk is helping us reduce for resolution.

Splunk Cloud Platform's ability to predict, identify, and resolve problems in real time has been huge, especially because our business units are operational technologies. They generate revenue for us. That's how our business stays afloat because we're in the energy sector. So If something goes down or if they want a quick dashboard, the biggest thing we're to be using as well besides the alerts is the dashboards showing how quickly we're remediating vulnerabilities and showing where they are vulnerable. That's going to be huge for the business side and will help us a lot.

Splunk Cloud Platform helps consolidate network security and IT observability tools. The cyber group gets all the alerts, but we can direct it to which person we want to send the alert to. That's good because they can go to IT, which is where we're at, Cyber, which can potentially help fix the problem, and then networking too in case something goes down. That is one of the requests is if an on-site asset goes down, the network team can see why it's off the network. So it's good that it spreads out everywhere, and whoever can help fix it can be on top of it.

Alerts are a huge benefit because we can customize them to each business unit's needs. Splunk automates the process and sends email notifications directly, which saves me time.

The AI features will be a huge improvement for Splunk. Using basic natural language in English instead of writing a regex expression will be helpful. For example, I can tell Splunk AI that I need to get the logs from last week between eight AM and ten PM on a specific asset. Instead of me going in, doing the regex expression, and then having to Google what it is because it's super hard to do sometimes. That is the biggest area for improvement. Hopefully, it will be released soon because that will simplify things for me and non-technical people. 

I have been using the Splunk Cloud Platform for one month.

Splunk Cloud Platform is stable.

Splunk Cloud Platform can handle terabytes of data.

The support has always been great for the few times I have used it.

Positive

The deployment is super easy. We deployed the Splunk Forwarder file and from there, we have a batch file, a PowerShell file, and it runs in the background. The users don't even know it's being installed.

The implementation was completed in-house.

In regards to a return on investment, the metrics are the biggest thing. Data is everything. The business units enjoy the dashboards that Splunk Cloud presents. And it is quick to present them.

Splunk Cloud Platform fell within our budget so we pulled the trigger and implemented it.

I would rate Splunk Cloud Platform ten out of ten. All the applications I need are readily available in a user-friendly dropdown menu. Exploring them is a breeze, and the platform's speed is impressive.

We mainly use it for the purposes of analyzing application logs to get a bit of understanding of what is normal application performance and then use that to highlight errors and inconsistencies when they occur.

Resilience is incredibly important to us. We are in the medical field. It is insurance. When people are using our service, we should be able to provide that. Having that resilience is key for us because we are helping people. The resilience that Splunk offers has been valuable in that regard. There is peace of mind for us and our customers.

We have multiple cloud vendors that are being utilized in Splunk. It has been useful. Splunk is able to handle a lot of things out of the box. There is a good bit of value in being able to make sense of multiple types of logs in one environment and being able to cross-reference them. It has just taken a lot of effort out of that.

We have integrated it with other tools. At the moment, it has been with Cribl as a pipeline tool so that we can be agnostic with Splunk in some regards. Cribl handles the logs being sent to Splunk, and then from there, if there is anywhere else where we want to send them, Cribl can handle that too. That has been our main integration. The ease of integration varies. Splunk offers out-of-the-box support for some tools and applications. Integration with them has been quite simple. Other things have been a bit more difficult. Integration can be more difficult if it does not have a Splunk base, but there is a good range of things that are available out of the box.

Its reporting has been excellent. We have integrated it with tools like ServiceNow, so we are able to create an instance for teams and integrate it with our NOC. The reporting has been incredibly valuable.

I come from a monitoring background. I knew from the get-go the value that we could get from Splunk, but we actually started to see its value once we started enforcing logging standards. It made it very easy for us to validate if something was or was not following our standards.

It has been great from the compliance perspective. It began to show value to some of our customers when they were able to search multiple applications because of the standards and compliance built into it.

It has had an impact on the decision-making processes in our organization. It has been mainly around compliance. Given it is a financial and medical sector, decisions have been made around what information we are storing in the logs and how we are managing the data that comes directly from Splunk.

It has been good for helping our organization access data for compliance and privacy regulations. It has been useful for pinpointing things. We are able to ensure that we are abiding by those standards. It has been incredibly useful in that space.

Dashboarding has been very powerful. I work with a lot of different customers, so being able to tailor the data for different customers has been valuable. I am able to make visuals and have reports where they can self-serve.

It would be nice to see more comparisons between Splunk and other log management tools. There are some legacy tools that people are often coming off. It will ease the transition if you are coming off a Windows LogViewer or any other logging tool. Splunk could offer more advice on how to transition into it or onboard it.

I have been using this solution for two years.

I have not had any issues related to stability.

This is outside of my department, but it seems like it would be easy to scale up. However, there is a cost concern. That always seems to be the linchpin when people discuss Splunk. It comes at a cost.

When it comes to extensibility, they make it relatively simple, but it is an expensive tool. There are always going to be conversations that need to be had.

The quality of the answer has been good. We have had to leverage the support only a small number of times. We found the actual portal to get support difficult. Some members of the team were not able to raise certain types of requests. However, when we got through to support, we had no issues.

Neutral

Prior to Splunk, we had a mixture of things. LogViewer and Graylog were used. Some folks had their logs locally. There was not one central system. 

I was not directly involved in decision-making, but some of the things that I called out as useful were the analytical tools that Splunk offers. We can very quickly get to the root cause by using its query language. It provides a lot of power with little effort. That is what initially drew me to it.

Moving to Splunk allowed standardization. That is the key. It does not matter which part of the company you are from. Splunk has given us a mechanism to say that we expect the logs to look like this, and we all are going to abide by that. It has made standardization a lot easier. Previously, you would not know what you were getting while dealing with a logging problem.

I was involved in its deployment only in a small cluster. I was mainly involved in setting up standards around logging. It was challenging. It was dense, but it was manageable. The feature set of Splunk allowed us to know what we could or could not do.

The main part of maintenance is the ingestion of new logs. New teams and applications get stood up every day, or a new cloud vendor comes in, so there is some maintenance involved there.

We had Splunk technical support. We had a mixture of people from other departments. We had some folks from security, and we had some folks from operations. There were 15 regular faces and 2 Splunk contractors. We involved other teams on an ad hoc basis, but the core team had 15 people.

Overall, we had 20 to 30 people who directly worked with Splunk in some way or for some period of time. We also had to involve all of the teams to get their feedback and educate them on how to use Splunk.

I do not personally deal with that side, but from discussions, I know that it is one of the more expensive tools. I do not have anything to compare it with.

New users should focus on the Splunk free courses. They are an excellent resource. If you are a customer, you should take up the search and reporting classes. That is probably going to be what 99% of people are using it for day to day. If you are a sysadmin user or someone setting up the instance, there are free classes for managing licenses and ingesting data. I would highly recommend them. The free classes are a great start, and if you think it would be valuable, take some of the paid classes as well. They are incredibly detailed.

When it comes to security, we definitely have a stricter attitude when things are going to the cloud because they are not fully in our control. Going to the cloud is always a little bit scary, but we have put in a refined approach for the data going into Splunk.

I have not made much use of federated search. I have come across it, but it is not something I have leveraged.

I would rate this solution a seven out of ten. What it does, it does well, but I do have qualms with it here and there. There are obvious features that are missing from time to time, but I am happy with what is there.

We use Splunk Cloud for monitoring various ticketing tools, servers, applications, URLs, and client transactions. We're monitoring the transactions and data flow. 

Splunk has sped up our response and reduced the time we spend manually monitoring any logs for ticketing tools or servers. It saves us around 2 hours daily. 

We can onboard multiple data types for monitoring from various ports and use Splunk to monitor laptops or other devices directly. If everything is stored in our database, we can also monitor that and see who is logging in and when. You can monitor which files are being used most and which ones aren't. We can also check for any fraudulent activity in the system. The reporting is highly detailed.

Splunk is best when used for real-time monitoring. We can use AI and machine learning, too. Splunk plans to launch new observability features soon. The federated search feature has helped us eliminate redundancy in data servers and discontinue servers that aren't being used much. We can remove those servers from the environment to cut costs. 

We can use Splunk to monitor multiple environments. The ease of monitoring depends on the source, application, or cloud environment size. 

Sometimes, integrating with other systems is difficult, and it isn't feasible to connect with other applications, but it's easy most of the time. I rate Splunk 7 out of 10 for its ability to integrate with other systems. 

Every time they launch new versions, we experience a few bugs. The most recent version had a couple of bugs in the databases. We contacted the vendor and got assistance solving these bugs, so the environment is more stable. 

I have used Splunk Cloud for 4 years. 

I rate Splunk 8 out of 10 for stability. It has some bugs, but that is common in any product. At least, Splunk resolves bugs quickly. 

Splunk's scalability is nice. 

I rate Splunk's technical support 9 out of 10. 

Positive

Splunk is easy to deploy. We have it deployed across data centers at multiple locations. Splunk requires some maintenance after deployment. 

Splunk is a bit pricey, but it's reasonable for the features offered. 

I rate Splunk Cloud Platform 8 out of 10. I would definitely recommend Splunk to others. 

The primary use cases of Splunk Cloud Platform are security log monitoring and compliance.

The most valuable feature of Splunk Cloud Platform is its flexibility and readiness because it's already prebuilt, and everything is click-to-go. Splunk has multiple features, but the cloud feature comes with that. It is built for a smaller organization, but that's how organizations grow. The solution is good for a new budding organizational group.

Splunk Cloud Platform should improve its integrations and consider multiple integrations or direct integration with other platforms like Microsoft Azure, Google Cloud, or AWS.

I would like to see more integrations because integration is related to bringing in more data. More integrations would increase the visibility and customer's point of scope. Customers are initially tied to one platform and stick to it because of its feasibility. Integration becomes a major challenge when they want to bring in different solutions.

Once they have different integrations from Splunk, they need not worry about security, things to monitor, or what compliance they must meet. Everything will be physical, and integration will bring in a lot of things.

I have been working with Splunk Cloud Platform for one and a half years.

Splunk Cloud Platform is a stable solution.

Splunk Cloud Platform's technical support is good. The support's technical capabilities are always great because everyone who is capable joins in and contributes. However, at a high level, we understand there is always a gap in automation. We have process automation that can be resolved or detected by customers.

The flaws in our cloud can be fixed. We can send an integration update to the customer and tell them that you must fix this so everything works fine. For a download-compatible system, you can update an older heavy forwarder version to a newer version to grasp the maximum out of it.

Positive

I have worked with a lot of other products, but not as a cloud solution. I have designed cloud solutions for other products like what Splunk currently has. I have worked with IBM, which has its own cloud platform, cloud monitoring solutions, and security solutions. Similarly, we have other market solutions that will act as a security solution, but they are in different behaviors. We have designed one for other customers, which monitors other cloud and hybrid solutions.

Splunk is currently at the top rating because I haven't explored other ones. I started exploring Microsoft Sentinel, which is a good competition for the Splunk Cloud Platform, and it's a healthy competition. I would like to see a very light-flavored source solution integrated with the Splunk Cloud. Once people start tasting source solutions, they will surely explore them more because that's how hunger is created. Other solutions already have the source solution in them. For example, Sentinel has its own source solution, which they give as an integrated part.

Splunk Cloud Platform’s initial setup was quite easy.

The Splunk team was involved in the solution's deployment.

Splunk Cloud Platform's pricing is a little on the higher end. When smaller organizations start their journey of onboarding log sources or security solutions, they think Splunk is quite worth it. But when they start growing, they feel it's quite eating up their budget on security. So, it is fine for smaller organizations. It all depends on how the discounts are provided.

Splunk Cloud Platform is used in our customer's company. The solution is deployed on the Spunk Cloud in our organization.

Splunk Cloud Platform is a very good product in the market, and you can use it wisely. Compared to other products for the cloud solution, you can use Splunk Cloud Platform for a wide range of tools. Splunk Cloud Platform is the best product to onboard for a new startup or a working good industry with a very small number of people. You don't have to sit in an office and work. You can work it from anywhere and integrate the log sources. That's how easy it is.

The cloud is not for a bigger organization. The one which is sitting in the environment can be used. For example, if you have one terabyte of ingestion per day, that is not what we expect a bigger organization to ingest on a cloud. It would become quite expensive to store, manage, and process.

It is good for smaller organizations because they have around 25, 30, or 100 GB of ingestion per day. If you want to grow bigger and bigger, you can use a hybrid model. If that model is available, that would be great for bigger organizations. For example, the cloud is integrated into the cloud, and on-premise is integrated into data centers. That should work fine.

Splunk does the solution's maintenance. From our side, the local integration material has to be maintained as per the cloud instance. It all depends on the customer. If the customer is fully on the cloud, it should not be a problem. We still have to upgrade heavy forwarders, universal forwarders, and deployment servers. However, the rest is taken care of by Splunk itself.

Our customers monitor multiple cloud environments, which are distinguished in their environment. It is integrated in a different format and not directly integrated. Monitoring multiple cloud environments using the Splunk Cloud Platform’s dashboards is quite easy and reliable.

It's a standard thing. I don't know about other comparative tools, but the first time I used Splunk Cloud Platform, it was quite good enough and can be used for the current organization.

I rate Splunk Cloud Platform's integration with other systems and applications in our environment a seven to eight. This is an average rating where you can see that the growth still has to be achieved. Splunk Cloud Platform should work on its integration with third-party products.

Splunk Cloud Platform has different types of formats, and those are enough. The rest of the reporting, like the presentation, should be done by itself. No one gives those. The reporting that Splunk Cloud Platform currently provides is enough.

It depends on the industry, but for financial or banking industries, Splunk Cloud Platform plays a major role in decision-making. If I want to rate it, you have to consider ten out of ten as Splunk or any other tool before they make any decision. If they have Splunk already, they should consider Splunk as a major partner to integrate and bring in more services apart from bringing any other solutions. That will create a multiple-glass observation, which will not be an easy decision. If one of our customers has Splunk, they must consider it a priority before bringing in any other solution.

Splunk Cloud Platform helps our organization access data for compliance and privacy regulations. Right now, Splunk is so feasible that it can integrate with any tool, anytime, and in any data format. So, it should not be a problem. Anyone brings in data in any format, Splunk Cloud Platform will surely meet it. The only thing is they need a good engineer to design it properly so that it brings in data properly.

An organization that does not have a security posture review is considered a zero, not a negative. We don't know when it becomes negative. The day they bring Splunk into the environment, it will obviously increase their visibility. Every time the security posture increases, they get to know the flaws.

Their observation of 24/7 monitoring, compliance, log monitoring, and forensics will come into the picture. They can enable everything in a single solution or product.

Splunk Cloud Platform is a resilient model. SIEM tools can perform post-detection. SIEM is not an EDR tool because it doesn't automatically detect something. A SIEM tool is used for compliance and audit. It is helpful for future investigation because it can record logs and keep them aside.

However, a SIEM tool does not have an automatic detection module. Although it has a prediction model, it does not have an auto-detection or blocking model. It cannot be a resilient tool, but it can be a vigilant tool.

Overall, I rate Splunk Cloud Platform a nine out of ten.