Splunk Cloud Platform Reviews

We use it for a lot of different things. I primarily use it for monitoring, alerting, and dashboarding.

It was a slow adoption at first, but as our development teams are learning the tool, we now have our teams making their own metrics for each of the different apps. I work in the web, mobile app, and email area. It provides insights into metrics that are happening and problems when they are happening. We also have alerting.

We monitor multiple cloud environments. It is pretty transparent because we have some on-prem stuff and we have off-prem in the cloud, so we are using both. We are transitioning from on-prem to off-prem. It is seamless because it does not matter from where data comes. When we switch to a new data source, I do not have to reinvent it. We are using AWS.

Splunk Cloud Platform has helped reduce our mean time to resolve (MTTR). I get alerts every day. Anytime things are out of kilter, it gives us an alert asking us to better go look and see if something is happening. A lot of times, something is happening. It could be serious. It could be not serious, but we use it a lot for monitoring. Identifying a problem is a lot quicker. Once you know what the problem is, it makes it a lot faster to resolve the problem. That is where different other tools come into play. I believe they now have the APM tool, and we are trying to ramp that up. For us, it is pretty critical that we quickly identify that we are having a problem. It probably makes the resolution 80% faster.

Splunk Cloud Platform has helped improve our organization’s business resilience. We manage multiple websites over nine different states. We have millions of users as our members. When we are having a problem, we do not want to impact them.

For my purposes, I like the ability to aggregate lots of data from different sources. I like being able to report for management and being able to get alerts on thresholds being out of sync.

It is sometimes slow. Some of that has to do with the queries themselves not being efficient, but sometimes it is slow. They changed their model a few years back. It seems to be working better for us as opposed to having some limits that they had.

I have been using Splunk since 2019.

I have not had any issues with it going down or not performing. It is sometimes slow, but that might not be because of Splunk Cloud. That could be because of our firewalls and other things that lead to Splunk Cloud.

Its scalability is fine. We have ITSI. We have Splunk Enterprise. We have some internal Splunk and external Splunk. Our company at first was weary about putting data on the cloud. We do not have those concerns now.

We have pretty good support. 

It is hard for me to rate them because I don't use their support much. We have a lot of expertise in-house.

I have used several old competitors. Computer Associates used to have a tool. New Relic was another tool. We are primarily using Splunk now.

We switched from New Relic. We have had Computer Associates's tool. A problem with these types of tools is they are costly to put in and then not that many people use them. You then have to justify it, so the adoption is the issue.

The setup is way easier for Splunk and the way the data is aggregated is easier. Overall, reporting and dashboarding are easier. A lot of the setup involved such as tagging and so forth is not as cumbersome in Splunk.

With Splunk, looking at our servers and all types of log files is excellent. I am kind of disappointed with our particular infrastructure. We invested all this money in Splunk. We are using it for monitoring, recording, and alerting, but our company has to embrace it for using it for security. We have already bought it. Our security team should be using and leveraging it, but they are not. They are using other tools. Our security team just does not want to use it, and they need a push and need to be shown that we are paying for it. They can still use the tools that they want, but maybe they need to be shown what all these tools can do. We could leverage what we are paying for better. Our management can push our security team and say that we are paying for this, and they should leverage this more or more now.

We had a consultant come in from Splunk and a third party. We did both.

I do not know what that is anymore. I have not been involved with that for a couple of years, but I know we are paying a lot.

Overall, I would rate Splunk Cloud Platform at least an eight out of ten. For the things that I do, such as dashboarding, reporting, and alerting, it is great. It does a good job.

I used it in my last organization for monitoring, intrusion detection, and intrusion prevention.

We wanted to take preventative actions so we implemented it.

The monthly security reports were detailed, and we got to know about a lot of vulnerabilities that we did not know about before.

It integrated well with other systems and applications in our environment. I would rate it a ten out of ten in terms of integration.

Splunk Cloud Platform had a good impact on decision-making processes in our organization.

It was helpful for data access for compliance and privacy regulations. I would rate it a nine out of ten in this aspect.

Splunk Cloud Platform had a very good impact on our organization’s security posture. The resilience that it offered was very important because we were dealing with client data.

For reporting, a lot of manual intervention was required to create the reports, but after that, it worked well.

Its interconnectivity with the cloud platforms, such as Azure and AWS, was valuable. 

We had multiple cloud environments. It was easy to monitor multiple cloud environments using the Splunk Cloud Platform’s dashboard.

Considering its price point, it does not need any improvement. However, it does require manual implementation.

There can be more modules and more integration with other areas in the cloud and on-prem. I am not sure whether it includes network devices and things like that.

I worked with this solution for one year and a half.

It is stable. I would rate it a ten out of ten for stability.

It is scalable. I would rate it a ten out of ten for scalability and extensibility.

I got great support from them every time. I would rate them a ten out of ten.

Positive

We were not using any similar solution previously.

It was deployed on a public cloud. Its setup was quite complicated. A lot of steps were involved in implementing it.

We had some engineers from Splunk to advise on a couple of things.

We had three people involved in the deployment. They were all cloud engineers.

It did require maintenance. We had one person involved in the maintenance.

It was a good model.

We evaluated other solutions, but I do not remember the names. I know there was one from AT&T.

I would rate Splunk Cloud Platform a nine out of ten.

We are primarily using it for InfoSec, cybersecurity intelligence, information gathering, and forensics. We also do a little bit of application performance monitoring for some appliances that can only be monitored through log ingestion.

We are starting to monitor multiple cloud environments. We have our internal cloud, and we are migrating to AWS. We are engaged in that path. In terms of monitoring, it is more or less the same because we are using the same integration pattern, which is to use Ivy folders and gather logs. We use it at its minimum, but the way I see it at the Splunk conference, we can go further. Will we go further? That is a million-dollar question.

It has end-to-end visibility into our cloud-native environment. For sure, it is important for operation and application support, but we need to embark our staff and management for that. They are the ones who are committing big dollars to that.

It has not reduced our mean time to resolve because we are using other tools as well. We are aiming to go on that path in the coming months.

It specifically has not improved our organization's resilience. There are a myriad of modern tools that we are implementing. Splunk is one of them. It is one of them helping us.

Index Manager is most valuable because we do not have to bother about internal storage. It is all managed by the Splunk team.

The security connection should have a seamless integration. Other than that, the way we are using it, so far, it seems quite good.

We have owned Splunk Cloud Platform for the last year and a half.

The stability of the solution is quite good. 

We had challenges with the sizing of the cloud tenant that we purchased, but that was based on past decisions, so we are stuck with that until our next move. That should come in the next year. At that time, we will resize the tenant in a more efficient way, so scalability does not apply because the tenant we bought is a closed one. There is no scalability on either side. I learned that after the fact, so I am not impressed because we did not buy it. I guess people who buy that type can have good feedback on scalability.

We migrated from an on-premise solution that we had for about three years. We saw cost efficiency when we went from on-premise to the cloud, but I do not manage the budget.

We are using Dynatrace in parallel. We used Splunk as a cybersecurity tool, and we embraced Dynatrace a few years ago. So far, Dynatrace does a great job. Splunk is closing the gap. With today's announcement at the Splunk Conference, they are catching up. We are also using Microsoft SCOM, so it is a trio. It helps us do a better job.

I was not involved with the setup of the on-prem one, but I was involved with the migration to the cloud. My experience was interesting because I started from zero, but with the help of Splunk's professional teams, we could achieve our project. On a personal side, it helped me to gather the knowledge that brought me here at the Splunk conference.

The setup is always challenging. We had four or five people involved in the migration. We also involved a lot of key players in application migration. We had 20 to 30 people involved at some point in the migration path.

We used professional services.

We have, for sure, seen an ROI with Splunk. Our DevOps team is able to gather faster answers to their questions. Obviously, it brings value, whether it is Splunk or any other tool. 

We could see the ROI in a few months. We gave time to our DevOps specialists to embrace the solution and get used to it. From there, as they made their own usage and use cases of the tool, it gave them speed to achieve what they were looking for.

I would rate Splunk Cloud Platform a seven out of ten.

We're migrating our on-prem environment to Splunk Cloud Platform. We're consolidating two separate Spark clusters because of a merger. Our primary use case is for unifying all of that data into one place.

It's made searching for data easier. Users like it. We're still in the migration process, but overall, it's a lot easier to use.

It's important to use that Splunk has end-to-end visibility in our native environments. We have to have that visibility because we manage multiple app applications that rely on it.

Splunk helped to improve our organization's business resilience. That's very important to us. Our users rely on Splunk heavily for the health of their applications. It helps them to get ahead of issues, and if there is an outage, it enables them to resolve them faster.

Splunk gives the different application owners the ability to configure alerting specific to their needs so they can customize it however they want. If they know their applications better than you know, admins, I'll give them that flexibility.

The administration could use improvement. We have to rely on support more often than we're used to.

We have been using Splunk Cloud Platform for nine months.

Stability has so far been good. We haven't had any issues.

Their support is great, especially the agent that we have now. They're very responsive, willing to help out, and give suggestions.

Positive

We previously used Splunk Enterprise. We switched to Cloud Platform because we wanted to consolidate a couple of instances to one place and we're moving our security team to the cloud. 

I wasn't involved in the setup directly but I was aware of what they were doing. The setup is a little complex. We had some issues we had to deal with. Bringing both environments together and getting the different environments to communicate with Splunk Cloud was complex. We have a lot of data. Getting a handle on that before we were able to start sending data to the cloud was complex. 

It's expensive. We're still trying to figure out Cloud licensing. 

It's not so easy to monitor multi-cloud environments using Splunk. We have some difficulties, but we have some things in place, but it's not easy.

I would rate Splunk Cloud Platform an eight out of ten. There's a lot we haven't tapped into yet, so the rating can go up.

We mostly use Splunk Cloud Platform for monitoring performance and looking for performance events.

We have seen many benefits of Splunk Cloud Platform, which is why we are still using it. With the alerting, we can find outages faster, and we can find performance impacts faster. We are then able to use them to diagnose and dig through our logs to find out what possibly caused it or look for a time when it happened to find a correlating deployment or something else that caused the problem.

We monitor multiple cloud environments. Splunk Cloud Platform is pretty good for monitoring multiple cloud environments. We have it all come into the same index irrespective of the system. Even though we have multiple data centers, everything comes into the same Splunk index, so we monitor it all in the same place.

Splunk Cloud Platform has end-to-end visibility into our cloud-native environment, which is very important for us because otherwise, we would not be able to have the data or be able to diagnose and find issues.

We have been using Splunk Cloud Platform for a very long time. I do not even know a time without it, so it is hard to say how much it has reduced our mean time to resolve (MTTR).

Splunk Cloud Platform has improved our organization’s business resilience. We use it very heavily to look for issues that may arise. In terms of Splunk’s ability to predict, identify, and solve problems in real-time, we mostly rely on our own searches. We do not rely on a lot of advanced observability features. We are mostly using our own alerts that we have written and our own dashboards.

Dashboards and alerting are the most valuable features. The dashboards let us see how the system looks in terms of anomalies, and the alerts trigger us to go and look at what possible problems are happening.

Its performance can be better. The searches sometimes take a long time. There could be better searches, but mainly, it needs to improve the performance with a vast amount of data. That will make it better and easier to use.

Their support can also be better.

I have been using this platform for 12 years.

Its stability has been very good. We have only had a few outages that I can remember where Splunk has been down.

Its scalability seems okay. Most of our issues come with our data storage. We are storing mass amounts of data, and it seems to handle that right now.

Their support has been lacking a little bit. We have several outstanding bugs that have not been fixed yet, and we are still waiting for Splunk to fix them. For example, we cannot use Splunk Mobile because of an issue with the authentication and what permissions are available. We have not been able to use Splunk Mobile since the new app. I have used the old apps, and I was quite disappointed when they were broken. I have never been able to use the new app.

I would rate them a seven out of ten. For emergency issues, they are good. For lower-priority issues, we are still waiting.

Neutral

I was not involved in its deployment.

I know that the company evaluated a few other solutions, but I have not been as involved in those. We are still using Splunk.

I would rate Splunk Cloud Platform a nine out of ten because it does a good job at what it does. I wish I could use the mobile app, but the rest of it works very well.

The best value that I have received by attending Splunk conferences is finding out new things that I can do with my own job. Most of the time, it is disappointing because a lot of the new features have new applications that we have to buy, and I have no say in the purchase of new applications. However, there have been some new improvements in the applications that we already have, and I come for those updates. I am able to see if the new features in the existing applications are more useful to me.

We use Splunk Cloud Platform for IT operations, IT security, and business value. 

We implemented Splunk Cloud Platform to resolve our IT security issues.

The federated search feature is a valuable tool that can be used effectively in the right architecture. However, the extent it is utilized will vary depending on the customer's needs. In my experience, more advanced customers tend to use this feature more heavily.

Splunk Cloud Platform provides good visibility into multiple environments, including cloud, on-premises, and hybrid.

Splunk Cloud Platform is the best tool for a reason. It is a high-functioning solution with high integration for getting data in and out, and it is customizable.

The most significant benefit of using Splunk Cloud Platform is the freedom of data. The security team can see the data that's relevant to them, IT Ops can see the data that's relevant to them, and the business can see the data that's relevant to them. Sometimes, the same data is applicable to all three groups. Sometimes, it's not. But everyone has access to the data, and it's immutable. It can't be changed or deleted. The ability of all of these departments to leverage the same data is how Splunk Cloud Platform has benefited our company the most.

Splunk Cloud Platform has helped us make key decisions, such as cost-saving decisions related to licensing. It has also improved uptime and helped us improve performance in areas where our network or servers were not performing well. Additionally, it has helped us make better business and IT decisions and has supported our planned growth.

Splunk Cloud Platform helps us access data for compliance and privacy regulations. It currently has the features to mask data, perform the least privileged access, and provide only certain commands and functions within the platform.

We are the best in the industry because of Splunk Cloud Platform. Splunk Cloud Platform fills the SIEM role for our organization, and without the best SIEM, we would be no better than our competitors.

Splunk's extensibility is one of its best features. It offers a wide variety of ways to ingest data, generate reports, and create dashboards. Its integrations with other systems are also very impressive.

Splunk Cloud Platform's most valuable features are enterprise security and ticketing integration.

The reporting provided by Splunk Cloud Platform is often good, but it only provides the data and not the flash, whereas the other platforms provide both. From an enterprise standpoint, we are more limited in terms of what data we can export and how we can present it.

Navigating the solution can be more user-friendly.

The documentation has room for improvement and the price is high and can be improved.

I have been using the Splunk Cloud Platform for over five years.

When architected properly and maintained to an optimum level, Splunk Cloud Platform is unbelievably stable.

One of Splunk Cloud Platform's key selling points is its ability to scale to petabytes and beyond.

Base-level support is suboptimal. Enterprise customers need the premium support package. Responses are often delayed, and resolution is slow.

Neutral

Over the past 25 years, I have used several different solutions. In the past, I preferred using a terminal interface rather than a web interface. Splunk has an API and a mobile app, but ultimately, Splunk users are confined to their browsers. This is one thing I would like to change, as I would prefer to be able to use Splunk outside of a browser. However, this is also one of Splunk's biggest advantages, as it is a universal platform.

We used Splunk Enterprise before migrating to Splunk Cloud Platform.

My knowledge of Splunk has since grown exponentially, but the first time I deployed Splunk Enterprise eight years ago, it was unbelievably hard. There were so many moving parts and things to consider. It was too much for one person to figure out, and I didn't have the budget to get help from the Splunk team.

The cost of using Splunk Cloud Platform is high, but the value it provides is worth the investment.

I give Splunk Cloud Platform a nine out of ten.

Monitoring multiple cloud environments is never easy. We are looking forward to new features from our cloud partners, such as AWS Security Data Lake, Google, and Microsoft. These features will make it easier to integrate our cloud environments. Splunk Cloud Platform is currently the best solution for collecting data from multiple cloud environments. AWS has five million different ways to export data, and we need to use all of them to collect all of the security and IT-related data. Splunk supports all of these data sources.

A year ago, I would have said that Splunk needed automated response, an easy-to-detect, easy-to-run, and manage business analytics platform, a user and entity-based business analytics platform that is integrated within the product, threat intelligence, and a current dashboarding tool. Splunk now has all of these features. A year ago, Splunk's competitors had these features, but Splunk did not. Splunk has since acquired or developed these features in-house. Very little in Splunk's product is not tightly integrated into the current releases. If someone is starting from scratch, meaning they are just rolling out a new security solution, and they do not choose Splunk, they are making a mistake. Splunk provides so much of everything that it is the best choice for most organizations.

We perform daily maintenance on the solution.

I advise new users to find someone who knows Splunk. Even a good technical person will not be able to do this on their own. They are not going to train them on day one. Good technical people who know Splunk are valuable assets, so they should seek them out and get them on the project.

I was working as a DevOps engineer in India. I was working for the payments domain of a client. We were mostly using Splunk for monitoring the production, deployment of API, and traffic. 

We had two cloud platforms. When I joined the team, we were deploying all our APIs in Pivotal Cloud Foundry (PCF). We then migrated to AWS Kubernetes. We were able to monitor both platforms in Splunk. When we migrated to Kubernetes, Splunk helped us. When we were having the transaction loss, we were able to find out which node was throwing the error. We were able to fetch the details according to the nodes in Splunk. We were using different keywords on these platforms for fetching the data. 

We could create our own query, and we could create our own alerts for a particular API. We could also configure these alert notifications to be mailed to particular managers and owners. We could just go through the alert to check if the API was running well or needed to be fixed.

As compared to other tools, it is very easy. It is very easy to learn. It also integrates well. 

The reporting features are very good. The dashboards are very nice. We could create our own dashboards to monitor any volume dips or transaction loss. 

The search for bulk data needs to be improved. When we were looking for the flow, we had to search really hard. I wanted to request the Splunk team to add some features for better search because getting the flow of the bulk data was sometimes hard.

I have worked with this solution for almost three years.

It is stable, but we did experience two or three downtimes.

We had three or four monitoring tools other than Splunk. We had AppDynamics, Grafana, and others, but we were mostly concentrating on Splunk because we were able to fetch all the details from a particular transaction using Splunk. We were able to create our own dashboard so that we get alerts regarding errors or transaction loss for the customer. The most useful thing was that when we were fetching details from a payment ID or a grid, we were able to track the complete workflow for that API. We were also able to fetch the details about whether the issue was in our team or the external team. We were able to track that very accurately using Splunk.

It is not that complex. We just need the knowledge. We just need to know how to query the alert and set up dashboards. As compared to AppDynamics and Grafana, it is a lot easier.

Our dev team could set up a dashboard and deploy everything in two weeks.

It is not that expensive.

If the company is working on API-based deployment and API-based developments, then I would recommend Splunk. It is useful for tracking the flow and fetching the data.

Overall, I would rate it a seven out of ten.

Splunk Cloud helps us to combine all our environments. For example, multiple business units can be combined into one even if they are in different geographic locations. 

It helps us with hosting from different geographical locations. 

The speed of the cloud environment is great. 

We only buy the services we need. We don't have to pay for other things we don't. It makes the pricing very economical. 

We use the solution's federated search feature. It's easy for us to use. It helps us search logs, analyze, and manage data.

We are able to monitor multiple cloud environments using our Splunk Cloud dashboards. It makes the process very simple. We just have to maintain different teams for different environments.

The solution is great within hybrid environments. It gives us good visibility across everything. 

It works well for sizable environments. 

The product integrates well with other systems and applications in our environment. We haven't had any issues with integration at all. However, if we ran into issues, we could call Splunk support. Having an issue would be a very rare event. 

Reporting is very good. It's the same for all Splunk solutions. Having multi-cloud instances in one place is great.

We have multiple business units and easily integrate them into the cloud, as well as different infrastructures from different areas. We can deploy a Splunk agent on any cloud - AWS, Google, etc.

The company can access data easily for compliance and privacy regulations. The privacy aspect has been very good.

Having resilience has been very helpful in our organization. 

Training should be free of cost. They need to provide more training options. 

There are no missing features at this time. 

I've been using the solution for two and a half years. 

The solution is stable.

We have 30 people using the solution in our organization. The product is scalable.

Technical support has been good. 

Positive

We did also use LogRhythm. It has a very good UI in comparison to Splunk, yet it doesn't have as many capabilities and does have a few more restrictions. That said, it's a good product for creating use cases and automation, which is easier than Splunk. We moved to Splunk as LogRhythm did have some restrictions. 

I have previously done deployments of Splunk. The setup is pretty straightforward. 

Were a system integrator of Splunk. We help clients set up the solution. 

We've had six or seven people setting up the solution. 

The maintenance is pretty manageable. I'd rate maintenance needs seven out of ten. 

I'm not sure if we have noted any ROI while using Splunk.

The pricing is reasonable. They provide good options for licensing. 

I did not evaluate any other options. 

We are integrators and also users of Splunk. 

We have multiple solutions we use for security, of which Splunk is one of them. So far, it's been very good from a security perspective, although we don't solely rely on it.

I'd recommend users work with Splunk in the cloud environment. I'd recommend the product in general to others. 

I would rate the solution nine out of ten.