Splunk Cloud Platform Reviews

We are using Splunk Cloud as a log aggregator. All our application logs come to one place, and we do the aggregation, troubleshooting, and investigation. It has many different kinds of production troubleshooting.

We went from a manually reviewing logs to an automated time-series base with Splunk Cloud. It has helped our organization a lot.

Splunk Cloud's most valuable features are log aggregations, dashboarding, business management, reporting, and business controls. Additionally, it has awesome indexing and the solution is always improving

Splunk Cloud could improve by having pre-defined templates. It has very good design views, but there is no predefined template. You have to define your own. If they could add predefined templates for different use cases.

I have been using Splunk Cloud for approximately three years.

Splunk Cloud is highly stable. However, we had minor issues but we were about to fix them. We needed more capacity. The search capacity had to be increased as we looked at it because our logs move a minute of latency, it is almost in real-time

Splunk Cloud is scalable. If we want to expand we only need to add new hardware. it is much easier having the solution be cloud.

We use the solution every day. All the production support analysts are using the solution. There are approximately 50 people using it in my area.

I have not needed to use the support.

We have not used another solution previously.

The initial setup of Splunk Cloud was complex because we have a lot of logs. We had a lot of architectural setup discussions but we were able to do it. The level of difficulty for the implementation is in the medium range. It took us approximately 25 minutes.

It's an agent-based system, and you only have to enable it. There is an access control setup to control what to send, and what not to send. The deployment was quick. The adaptation or the implementation takes time  because you've got to go through all the infrastructure setup

I rate the initial setup of Splunk Cloud a four out of five.

We did the implementation of Splunk Cloud in-house and using two contractors. After the solution is implemented we do not need someone to manage it very often.

There are additional features that you would need to purchase depending on your use case.

I rate Splunk Cloud a seven out of ten.

Splunk is an event log manager. We have reservation and event logging dashboards integrated from the data dock to Splunk and we have all the specific dashboards that we work with in Splunk for log management.  

We became pretty complete with our reporting using Splunk for all the log and event capabilities. I would rate this product as somewhere around seven or eight-out-of-ten for the logging capabilities and how that has added to the oversight of our business.  

The log event capabilities and the flexibility in the search engine for finding what we need in the logs are some of the more valuable features in this product.  

The pricing models should be improved and optimized. Right now, the pricing is a bit too expensive.  

One other thing you need is more ability to customize the dashboard to the way you want to have it. If you had a template that you could create and label inside of Splunk that would be good.  

One good thing that could be added to the AWS side of the solution is that you should have an OPS (Operation Alert) alert built into the dashboard that comes with Splunk. That would be very useful. For example, if you have a pre-defined template creator to fill in the information to forms that are loaded. That would be really beneficial.  

I have been using Splunk Cloud for more than four years now, in total.  

We have not experienced or even heard much about bugs or other problems people are having with Splunk. It seems pretty stable.  

Scalability is good, but the cost factor in scaling is really high. That is the reason why we are interested in working with products and solutions that will help us optimize our costs and may be looking into other solutions.  

We probably have something around a hundred users who work with Splunk. Mainly they are architects, enterprise architects, and data-link architects. We also have business analyst systems. We have not had a problem in changing or growing these roles.  

I have not had direct experience with the Splunk technical support because I leave it to the other teams in our organization because I am not really in a position to use Splunk support.  

I have only been working with Splunk for these past three years. I am not too much of an expert. I left my role as an officer in an organization in 2014, so from 2014 to 2017 I was not in touch with the advancements of products in the industry. But I was using other solutions prior to Splunk.  

The setup and installation of the product are straightforward.  

The pricing model makes this an expensive solution.  

Advice-wise, I do not really have much to say to potential users considering the solution as something to apply as an end-user. My job role is data organization so it might not be appropriate for me to give these opinions. This seems to me to have more to do with system functionality. But from my side, I am good with the product.  

Interface-wise, I think the product is good.  

Security-wise, it is all approved from the CSOs (Chief Security Officer) perspective.  

Enhancement-wise, we have to put in a lot of effort. The end-users who are working with the solution should know SQL. If they lack training in SQL, there will not really be a use case for them.  

Whatever the use cases we had for Splunk, we were able to make it work.  

Cost optimization is the only thing that needs to be reconsidered.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this product overall around seven, or somewhere between six to eight. Six to eight so make that around seven-out-of-ten.  

We use it a lot for IT operations. We monitor various services that we manage. 

We do not monitor a multi-cloud environment. We have a single stack. 

It is very stable. Many things get managed at the backend. The infrastructure is managed by Splunk. We just have to focus on the use cases and the value we can drive from Splunk. Being able to focus only on the outcome of the product is valuable for any organization.

There has not been a significant difference when it comes to the meantime to resolution because it all depends on the use case and how much time it takes to run. However, as an admin, just focusing on giving valuable insights and not having to manage the infrastructure has been the most beneficial. Otherwise, the quality of the use cases is still the same. There is no difference as such.

Not having to maintain any infrastructure is valuable. That frees up a lot of time as well.

We are on the classic Cloud that is hosted on GCP. There are a lot of functionalities that are missing for Splunk Cloud hosted on GCP but they are available on AWS. Adding more IPs to allow lists and many other functionalities are not supported on Splunk Cloud hosted on GCP. One good example is the ingest action which is not there in Splunk Cloud hosted on GCP. I wish they would add these missing features to the GCP platform.

I have been using Splunk Cloud Platform for a year.

It is very stable.

We definitely have room to scale. In the future, we might scale our environment. The amount of ingestion is going to increase.

I would rate them a seven out of ten based on my experience. There were many instances where we did not receive proper help, so we had to escalate the issue through our account team and our customer success manager.

After the migration, whenever there was any maintenance, there would be an email saying that it was just maintenance. There were not many details about it. Once we started talking about it and giving feedback, they started adding more information. There are still some gaps in the support or the quality of service. From that perspective, I would rate them a seven out of ten.

Neutral

We migrated to Splunk Cloud Platform from on-prem Splunk Enterprise a year ago. The main reason was to have no infrastructure management on our side. That was the main reason we shifted from Splunk Enterprise to Splunk Cloud Platform.

It was completely a smooth transition. There was a lot of data that we moved from on-premise to cloud. The transition was definitely smooth. The licensing and pricing were handled by the higher management. I have no idea about it, but the entire process of moving the data over was very smooth.

We are using Splunk Cloud hosted on GCP.

We utilized the professional services from Splunk for the migration, but after the migration, we have been taking care of everything.

We did not look into any other solution. We are totally into Splunk. We wanted a no-infrastructure-management environment and a better solution, so we moved to Splunk Cloud Platform.

Splunk's unified platform has not helped consolidate networking, security, and IT observability tools. The only product we use is Splunk Cloud. We are not using any of the other products like ITES, enterprise security, etc. No consolidation is required for us.

I would rate Splunk Cloud Platform an eight out of ten.

The Splunk search is powerful compared to similar solutions. We get millions of data points within seconds.

The Splunk interface is on-premises, so we have limited access to Splunk Cloud. Splunk support is not so good on Splunk Cloud. The Splunk side of the Splunk Cloud should also be more customizable. Integrating Splunk UBA, Splunk Phantom, and Splunk Cloud is also a bit difficult. 

I've been using Splunk Cloud for about four years. 

Splunk Cloud is reliable. 

Splunk Cloud's scalability is pretty good. 

Splunk support isn't so great. It takes a lot of time for them to respond. 

The initial setup is straightforward. 

We deployed Splunk in-house.

The license costs around 100,000-150,000 rupees. Splunk Cloud is the basic version. It costs extra if you need Splunk interface or Splunk ICSA. Those are premium additions. There are additional costs if you want to use the other premium aspects of Splunk.

I rate Splunk Cloud eight out of 10. It's a good solution that can index data in a short time. That's one advantage of Splunk over other solutions. However, the support isn't good, and you can't customize the Splunk interface. 

This solution is very useful for our Infosec team that manages our enterprise-level security. It collects logs from all of our on-premises devices and servers for search and analysis. All of the logs are collected on-premises and then sent to Splunk Cloud for analysis. 

The reporting and dashboards are very good.

In terms of reporting, everything is customizable. You can write a query to have the reports and dashboards created for you, and it will be based on that data.

The documentation is pretty good.

Integration with products and devices works well. We haven't had any limitations or problems connecting to our network devices.

The training models can only be accessed for 30 days, even if it is paid training. This is a limitation that I feel should be lifted because if we are paying for it then we want to be able to continue to use it.

I have been working with Splunk Cloud for a year and a half.

This solution is pretty stable. It is used on a daily basis and in the past year and a half, I haven't faced any issues.

We have a team of 20 for our SOC operations who will be monitoring the results of Splunk Cloud.

The support is pretty good. We are a premium customer so when we raise a ticket, they deal with it right away. Also, if it needs to be escalated then the account manager will get involved.

We did not use another log management solution prior to this one.

Splunk Cloud is pretty straightforward and easy to set up. It is a SaaS solution, so we don't have to do anything on our end.

We are a team of six people who maintain our security solution.

Compared to other products, Splunk Cloud is expensive.

The licensing is based on the amount of data that we send to the cloud on a daily basis. It is expensive, although it has more features than other SIEM tools.

Overall, I find that Splunk is pretty good. It is a very mature product and I can see that compared to when I used to five years ago as an end-user, they have been improving in every way. The interface is something that has become more user-friendly over time. When there is something missing, it is handled by another product from the vendor. For example, if you need to add predictive analysis then you use Splunk Phantom.

There are many other SIEM tools on the market, such as IBM QRadar and ArcSight Logger. Splunk is comparatively more expensive but it has many features and good functionality. I definitely recommend it.

I would rate this solution a nine out of ten.

We use it for Log Management and also for another bit of management. It feeds data into Splunk and Splunk writes the rules and based on that, it will pick up incidents. 

It is good from a cost perspective, in terms of the cost of the data you're looking at. There is no cost barrier. 

For my current requirements, the tool theme seems to be meeting my requirements, from a cost and requirements perspective.

The only thing I would say is an issue is the cost. It matches other products. The costs can be justified for the value that we gain. The entire threat analysis stack should come in a bundle. If the cost was matchable with other products I think Splunk would pick up in the market. 

I did evaluate other products and installations. I can't compare it to Splunk. 

I have been using Splunk Cloud for a year. 

There are two people who are part of admin that use Splunk in my company. 

We have a policy where we have to keep the domain controllers on lock with sensitive servers for about 90 days. We look at the controls around once a week to check if they need to be attended to. 

We initially contacted their support during the implementation. It was not for a very complex issue. It was more for a consultation. 

Their support is good. 

I was new to Splunk and had a problem with understanding the forwarders and worker safety management.

My team was able to install it themselves. 

In terms of how long it took to deploy, between coding, testing, and other things, it took about four weeks to complete the project to complete the initial installation. Altogether it was four to five weeks. They should improve the customization. 

Splunk is a leader in its marker. 

Splunk offers more features than its competitors. Other solutions are not on the same level to be able to compare them. 

I would rate Splunk a nine out of ten. 

The queries and pulling out the exact reports is a little challenging. I get complaints about it. I would like to see more reports or default out of the box reports. That would be more useful, useful, and then people can avoid writing inquiries.

We are a Splunk reseller and Splunk Cloud is one of the main products that we work with.

Our customers implement this product for log management, application management, application testing, and process management. They also have it for customer service use cases.

The most valuable feature of Splunk Cloud is the quick setup.

The only thing that is missing compared with Splunk Enterprise is the ability to manually edit all config files. This task is easily handled with support tickets but sometimes is would be nice to experiment directly.

I have been selling Splunk products for ten years.

We have not heard any complaints about stability. 

Scalability with Splunk is the best because it scales to anything. Their promise to users is scalability and availability. Our customers range in size from very small companies to large ones.

Over the past ten years that we have been selling Splunk products, they have been in constant contact for support. I would say that it is invaluable. They have great response time and great skills, and I couldn't compare it with any other software company.

Installing Splunk Cloud, itself, is nothing. The length of time for the total deployment depends on how many log sources that you have. It can be completed in a matter of hours.

Being a cloud-based product, Splunk does all of the maintenance. We don't have to do anything to maintain it.

The licensing costs depend on the data ingest volume. If you weigh the costs and the benefits, the benefits are great and it is money well spent. 

I feel that Splunk Cloud is good as it is. It is the best tool on the market.

My advice to anybody who is considering this solution is to start now and don't wait. Every day that you wait, you can be wasting time and money.

I would rate this solution a nine out of ten.

We have a public URL that allows anyone to authenticate for ADFS. This allows them to connect using Active Directory. 

The most valuable feature for me is the flexibility of being able to send the log to the https endpoint. I know that it is possible to export the logs, although it is easier for me to communicate with the endpoints concerning what I am interested in.

This is a feature-rich product.

Although there is documentation available, it is really hard for me to find relevant topics on what it is that I'm searching for. For example, when something goes wrong, I can spend hours trying to figure out the problem and have nothing to refer to. I find that it confuses me somewhat, so it is something that can be improved.

I feel that technical support can be improved because it is always done through the use of a support ticket, which is not very convenient.

Setting up and configuring integrations are not easy to do. 

We implement this solution within the past year.

Splunk Cloud is quite stable. I do not remember having any issues with bugs or glitches.

I would expect that the scalability is quite good, albeit expensive.

Technical support is okay, although they are not as quick to respond as I believe they should be. I feel that some of the support processes are not very convenient.

The initial setup is straightforward, although we still revisit it. We started several months ago and are still trying to set it up in a more structured way. Really, we are still in the deployment stage in some regards because we are struggling with exactly how it should be set up.

We had some assistance from a consultant after the initial setup was completed. It worked well for simple uses, but now, we have some help in trying to configure it to meet our needs.

The price is something that people complain about.

My advice to anybody who is implementing Splunk Cloud is to dedicate the time and resources required to learn it and use it. Investigate the features.

I would rate this solution a seven out of ten.