My main use cases for Splunk Observability Cloud include retail analytics.
Chief Outcome Activator at Outcome Activation
Synthetic monitoring increases availability and reduces downtime
Pros and Cons
- "The feature I appreciate the most about Splunk Observability Cloud is Synthetic Monitoring."
- "Splunk Observability Cloud could be improved by having more integration with Splunk Cloud because at the moment they're two separate products. They're making great moves on what they call unified access; tighter integration is always a good thing."
What is our primary use case?
What is most valuable?
The feature I appreciate the most about Splunk Observability Cloud is Synthetic Monitoring. These features have benefited my organization by increasing availability and decreasing downtime, providing assurance that makes you feel good, and ultimately enhancing well-being.
The out-of-the-box customizable dashboards are very effective. At the same time, we also use Splunk Cloud to enhance them. The Splunk Cloud is a better dashboarding experience.
Our teams have utilized the ability to enrich data with custom metrics in Splunk Observability Cloud. We've been doing a lot of that with event management and linking that into IT as well. So we're using that to be able to tie systems together. The integration we have between Observability Cloud and ITSI for event management is where we're using that type of stuff.
What needs improvement?
Splunk Observability Cloud could be improved by having more integration with Splunk Cloud because at the moment they're two separate products. They're making great moves on what they call unified access; tighter integration is always a good thing.
For how long have I used the solution?
I have been using Splunk Observability Cloud for three years.
Buyer's Guide
Splunk Observability Cloud
September 2025

Learn what your peers think about Splunk Observability Cloud. Get advice and tips from experienced pros sharing their opinions. Updated: September 2025.
869,785 professionals have used our research since 2012.
What do I think about the stability of the solution?
I would assess the stability and reliability of Splunk Observability Cloud as generally good. We have experienced the odd bug; however, nothing too serious, and Splunk has been quite good in terms of resolving issues; it's just routine stuff and nothing bad.
What do I think about the scalability of the solution?
Splunk Observability Cloud scales incredibly with the growing needs of my organization. It just means the more we use it, the more expensive it is, but there are no issues reported.
How are customer service and support?
I would evaluate customer service and technical support as fantastic; nobody is better.
How would you rate customer service and support?
Positive
How was the initial setup?
During the deployment, we only had some challenges when we switched on unified access. However, they were just teething problems.
What was our ROI?
I have seen a return on investment with Splunk Observability Cloud as we have averted some things that may otherwise have resulted in downtime. We have had it avert potential problems, and the first time it happens is a return on investment. The second time, nobody notices, making measuring business value a challenge.
What other advice do I have?
I would advise other organizations considering this solution to give careful attention to the use cases they have and how they plan to proceed in terms of their roadmap over the next two to three years, as there are alternatives. Having an idea of where you want to go will help you make a better-informed decision.
Additionally, it's good advice to have a customer reference call to learn from someone's experience and avoid pitfalls.
On a scale of one to ten, I would rate Splunk Observability Cloud overall as a good eight; as soon as it's all integrated neatly together, then it's up in the high numbers.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Sep 13, 2025
Security Eng at Nebraska Medicine
Custom dashboards and detailed searches have improved operational visibility
Pros and Cons
- "Splunk Observability Cloud scales with the growing needs of my organization effectively."
- "Splunk Observability Cloud has helped improve my operational performance; previously, we used Elastic for similar purposes, and this has allowed us much more visibility into what we're working on with usable dashboards and metrics, which has been awesome."
- "The only strain point we've encountered with Splunk Observability Cloud is that the search times can be lengthy for some things. We have a large environment, so that's expected."
What is our primary use case?
I use Splunk Observability Cloud for network logging analysis.
What is most valuable?
I prefer the dashboard building and search features of Splunk Observability Cloud the most. Splunk Observability Cloud has helped improve my operational performance.
Previously, we used Elastic for similar purposes as Splunk Observability Cloud, and this has allowed us much more visibility into what we're working on with usable dashboards and metrics, which has been awesome.
What needs improvement?
The only strain point we've encountered with Splunk Observability Cloud is that the search times can be lengthy for some things. We have a large environment, so that's expected. That's the only complaint I've had so far.
For how long have I used the solution?
I have been using Splunk Observability Cloud for approximately three months.
What do I think about the stability of the solution?
I experience slow searches occasionally with Splunk Observability Cloud, but there are no outages or anything in that regard, so it is pretty stable and reliable.
What do I think about the scalability of the solution?
Splunk Observability Cloud scales with the growing needs of my organization effectively. As a large organization, we find it impressive that our volume has been handled with only occasional slow searches.
How are customer service and support?
I haven't worked with customer service and technical support directly; however, another engineer on the team has shared positive feedback about their experiences.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Prior to adopting Splunk Observability Cloud, I was using Elastic. Support was a significant factor that led to switching to Splunk Observability Cloud. The previous solution wasn't fully supported by their team, and there weren't adequate integrations or visibility needed for some of our applications. Additionally, it was a legacy installation set up by former employees, so this was an opportunity to start fresh with people who are actively involved.
What was our ROI?
We haven't had Splunk Observability Cloud long enough for me to make substantial comments on its effectiveness in improving digital resilience within my organization.
What's my experience with pricing, setup cost, and licensing?
I wasn't involved in the licensing.
What other advice do I have?
We haven't used the no-sample tracing feature in Splunk Observability Cloud specifically for eliminating blind spots in data collection. We haven't implemented the AI-powered analytics and guidance features provided by Splunk Observability Cloud either.
Our main security architect has done extensive work utilizing the ability to enrich data with custom metrics in Splunk Observability Cloud by setting up specialized dashboards and searches for our various integrated apps, including ISE and Palo firewall logging.
I haven't extensively used the out-of-the-box customizable dashboards provided by Splunk Observability Cloud as we're still using our custom ones. I wasn't involved in the pricing, setup, cost, and licensing. I enjoy using Splunk Observability Cloud, but I'm not familiar with the cost aspects.
Access to Splunk Observability Cloud has been reliable for all users. On a scale of one to ten, I rate Splunk Observability Cloud an eight.
I recommend spending time working on your own dashboards and searches to fit your business needs, as that's where you'll get the most value out of Splunk Observability Cloud.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Sep 11, 2025
Administrator at a tech vendor with 10,001+ employees
Provides real-time visibility for improved operational performance
Pros and Cons
- "The best features in Splunk Observability Cloud are the metrics; I can see any logs or anything related to the server or services we want to monitor, and the metrics are a good function."
- "I manage six tools, but Splunk Observability Cloud is one of my favorites, and I aspire to build my career specializing in it because it has great features, more attention in the market, and is a relatively new tool with promising growth."
- "In Splunk Observability Cloud, I notice room for improvement in synthetic monitoring. It does not provide output based on server names."
What is our primary use case?
We are using the Splunk Observability Cloud for monitoring purposes and troubleshooting, and we are using that infrastructure in real time, in which we have infrastructure monitoring, application monitoring, log observer, and RUM synthetic monitoring. For troubleshooting purposes, we are installing the OpenTelemetry Collector agent on some of the servers, including Intel, Windows, and UNIX servers.
I have also worked on the agent upgrade from version 0.103 to 0.1113, which is ongoing right now.
How has it helped my organization?
We are also using the dashboards and detectors in Splunk Observability Cloud. For client needs, we are creating dashboards, reports, and detectors as well. For the detectors, we mostly work on host-down situations. When a server is down, we troubleshoot using the detector infra host down and identify the root cause of the failure, such as why it was down or not reporting to Splunk Observability Cloud. We find out the root cause by using that detector when the alert gets triggered and cleared.
We use the tracing features in the Splunk Observability Cloud, primarily for application performance monitoring. It helps us figure out service maps for root cause analysis. It provides visibility and helps address blind spots in data collection.
Splunk Observability Cloud offers a transparent, customized tool with real-time visibility. We use AWS, ReactJS, Python, and Java for tracing. It helps create customized dashboards and service maps based on customer requirements. It has AI that automatically generates visualizations, allowing us to create more reports based on customer needs. My seniors are primarily working on creating dashboards, reports, and for monitoring purposes.
Their technical team is performing well. About a year ago, Splunk Observability Cloud was slow and lacked features compared to now. It didn't provide exact details for any searched server in the metrics, but the situation has improved significantly, and we can now retrieve complete data on when servers were down or up.
What is most valuable?
The best features in Splunk Observability Cloud are the metrics; I can see any logs or anything related to the server or services we want to monitor, and the metrics are a good function. It provides exact details. It offers unified visibility for logs, metrics, and traces.
What needs improvement?
In Splunk Observability Cloud, I notice room for improvement in synthetic monitoring. It does not provide output based on server names. It only gives a response when we input a URL. I'm not sure if this issue is specific to my organization, but it would be beneficial if server details could be retrieved directly in synthetic monitoring.
For how long have I used the solution?
I have been using this solution for two years and two months.
What do I think about the stability of the solution?
I would rate its stability an eight out of ten.
What do I think about the scalability of the solution?
I would rate its scalability an eight out of ten.
Around 100+ users access Splunk Observability Cloud in my organization, including the cloud SRE team, Windows Intel team, Linux team, and AD team.
My client base primarily consists of enterprise financial services.
How are customer service and support?
If any issues arise, we can raise a vendor case, and resolutions are provided in a timely and accurate manner.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
In my organization, we also work with Sentry, Datadog, PagerDuty, and Dynatrace. Splunk Observability Cloud offers more features than Datadog, which also provides APM monitoring, log observer, and metrics, but does not match the feature set of Splunk Observability Cloud.
How was the initial setup?
It is a bit complicated. For deploying Splunk Observability Cloud, we first need an access token, after which we connect to our AWS Cloud account and provide the access token. We must set up CloudWatch or AWS Lambda and forward the metrics or logs from all sources to AWS.
The implementation took about 45 days.
What was our ROI?
The return on investment varies based on requirements; for smaller tasks, we can leverage our team's capabilities effectively, so I can estimate around a 20% efficiency gain.
Currently, we are providing outputs to clients within the required time frames. If a client requests any dashboard, logs, APM monitoring, or synthetic monitoring, we have been able to deliver output on time, achieving approximately an 80% efficiency in response.
What's my experience with pricing, setup cost, and licensing?
Splunk Observability Cloud is expensive.
What other advice do I have?
For operational performance, we created monitoring within the Splunk Observability Cloud for most servers with agent installation. We upgraded the OpenTelemetry Collector from version 0.82 to 0.103, then again to a newer version, enhancing visibility and use cases, especially after the upgrade, which has improved operational purposes.
My impressions of Splunk Observability Cloud for focusing on business-critical initiatives are positive. I manage six tools, but Splunk Observability Cloud is one of my favorites, and I aspire to build my career specializing in it because it has great features, more attention in the market, and is a relatively new tool with promising growth.
I would recommend Splunk Observability Cloud to other users for its accurate data fetching, dashboard creation, report generation, and synthetic monitoring capabilities.
I would rate Splunk Observability Cloud a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 3, 2025
Software Developer And Engineer at a retailer with 5,001-10,000 employees
Has improved performance by enabling better troubleshooting and infrastructure visibility, but interface and deployment challenges remain
Pros and Cons
- "Customer service and technical support respond very quickly."
- "The RUM part of Splunk Observability Cloud can be improved significantly."
What is our primary use case?
Our main use cases for Splunk Observability Cloud are to observe our application, our websites, and our infrastructure metrics.
What is most valuable?
What I appreciate the most about Splunk Observability Cloud is the APM part and the log analytics part. These features can help us with troubleshooting our problems between multiple systems.
Distributed tracing is very useful to us, and the infrastructure part can help us identify problems with the infrastructure. Splunk Observability Cloud has helped improve our operational performance and our company's resilience on the path of adopting it, and I expect more improvements in the future.
What needs improvement?
The RUM part of Splunk Observability Cloud can be improved significantly. We are currently struggling to use it since our application is mixed mobile and non-mobile. Some AI features in the search functionality could be beneficial in the next release of Splunk Observability Cloud.
In GCP, Cloud Run is not natively supported by Splunk, and we are challenged with bringing data from Cloud Run to Splunk. Native support of it in the future would be great for us.
For how long have I used the solution?
We started using Splunk Observability Cloud one year ago.
What do I think about the stability of the solution?
I would assess Splunk Observability Cloud as quite reliable. The only problem is the graphical interface, which sometimes is buggy. It crashes, doesn't display data, and requires reloading the browser. I have experienced downtime with Splunk Observability Cloud only once, which lasted one hour due to issues that prevented us from logging into the platform.
What do I think about the scalability of the solution?
Splunk Observability Cloud scales with the growing needs of our organization quite efficiently. I have expanded the usage of Splunk Observability Cloud, and the process of expanding usage was smooth apart from one part.
How are customer service and support?
Customer service and technical support respond very quickly. That said, sometimes the solutions take too long to implement.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
Before adopting Splunk Observability Cloud, we used Datadog, and before that, we had no solution. The factors that led me to consider the change were mainly because my company has different IT offices. My IT office used Datadog, another IT office used New Relic, and others used different tools. We needed to adopt Splunk across the group to have something standard in my company.
How was the initial setup?
My experience with deploying Splunk Observability Cloud was quite good, mainly since we almost have everything on cloud and that makes deployment quite easy.
What other advice do I have?
My advice to other organizations considering Splunk Observability Cloud is to adopt it if you don't have anything else as it's a very good tool, and having something for observability is very good. Not only for the observability part but for all the Splunk platform, that's great.
On a scale of one to ten, I rate Splunk Observability Cloud a seven out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Google
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Sep 11, 2025
Senior Manager at Bank of America
Seamless issue detection with user time tracking and application load analysis
Pros and Cons
- "The most valuable features include user time tracking and the ability to analyze application load times."
- "It would be beneficial to have more enhanced features with capabilities to adapt more integrated applications. Improvements in dashboard configuration, customization, and artificial intelligence functionalities are desired."
- "There is room for improvement in customer support due to delays and standard feedback responses."
What is our primary use case?
We primarily use Splunk Real User Monitoring to analyze performance bottlenecks and application transactions. It allows us to see how applications are experienced on the user side, making it easy to capture any bottlenecks or performance issues.
What is most valuable?
The most valuable features include user time tracking and the ability to analyze application load times. Splunk provides advanced notifications of roadblocks in the application, which helps us to improve and avoid impacts during high-volume days. It is very useful for identifying performance bottlenecks.
What needs improvement?
It would be beneficial to have more enhanced features with capabilities to adapt more integrated applications. Improvements in dashboard configuration, customization, and artificial intelligence functionalities are desired. There is room for improvement in customer support due to delays and standard feedback responses.
For how long have I used the solution?
I have been working with Splunk Real User Monitoring for almost two years.
What do I think about the stability of the solution?
In terms of stability, I would rate it a nine out of ten. It is a very stable solution.
What do I think about the scalability of the solution?
Splunk Real User Monitoring is definitely scalable. I would rate its scalability a nine out of ten.
How are customer service and support?
Technical support is rated an eight. There is some delay in their in-depth responses and standard answers to questions.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I worked with Splunk alongside Dynatrace. Before Splunk, I did not use any other services.
How was the initial setup?
It takes about an hour to set up the client for real-time monitoring.
What about the implementation team?
We have a separate team for deployment, consisting of about three to four people.
What was our ROI?
We have achieved a return on investment between 10% and 20% as it helped in removing roadblocks, which could lead to more savings with wider usage.
What's my experience with pricing, setup cost, and licensing?
Splunk is a little expensive; however, it is in line with the current market pricing. I would rate the pricing an eight on a scale of one to ten, as it reflects the going rate in the market.
What other advice do I have?
I would recommend this product to other users because of its capabilities in monitoring and analytics.
I rate the overall solution eight out of ten, considering the comparison with other products like Dynatrace.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Avp at a financial services firm with 5,001-10,000 employees
Supports end-to-end monitoring and improves reliability through core metric insights
Pros and Cons
- "We utilize the APM and auto-detectors, as the core metrics and core alerts are available for us, which are the features of Splunk Observability Cloud that I appreciate the most."
- "The integrations need to be improved for Splunk Observability Cloud."
What is our primary use case?
My main use case is end-to-end monitoring for the application.
What is most valuable?
We utilize the APM and auto-detectors, as the core metrics and core alerts are available for us, which are the features of Splunk Observability Cloud that I appreciate the most.
We lead the SRE, so our job is to ensure reliability, stability, and uptime, and without good observability monitoring, there is no way we can accomplish that. This is the main tool that we would use.
I would evaluate the effectiveness of Splunk Observability Cloud in improving digital resilience by saying that the idea is to minimize incidents. If any incident happens, the first thing I would do is go back to see why Splunk Observability Cloud did not detect that. I will take it back, do the reverse engineering to find out where it was missed out, and then work with the team to ensure these things are identified.
I have yet to experience the No-Sample Tracing feature in Splunk Observability Cloud; however, I am only in conversation with the teams where distributed tracing is required, and we want to provide the traces. My teams utilize the ability to enrich data with custom metrics in Splunk Observability Cloud, and I appreciate the feature supported within the Observability Cloud. Custom metrics could also be introduced from within the microservices, so I am yet to explore the OTEL library. I gave this feedback to the Splunk team that they should have their dedicated .NET library that customers can embed and start using; I do not think that is there today.
We are the first project within the company for a fully cloud-native application, so we will set the ground for the rest of the teams to get motivated. Therefore, I expect that I will have the best experience to become an example for others.
What needs improvement?
The integrations need to be improved for Splunk Observability Cloud. Currently, they do not have great support for Azure. We are on Azure, and I know they invested a lot of time in AWS yet not in Azure.
I had given feedback to the teams here, as the integration from Azure Cloud, how we supply the logs and the metrics, is not clearly documented yet, which was acknowledged by the team. For example, the OTEL collector has a thousand parameters, and we need a very specific use case with 10 parameters required for our integration. We can't go through the thousand parameters; we can, however, that is basically why I think some integrations need to get better for Azure.
There's a lot of talk about AI-powered analytics and guidance in Splunk Observability Cloud. I didn't get a great sense of how much of it is actually working; there are a lot of AI hallucinations. I think it probably needs much more improvement to contextualize it so that it is very clear and precise about what it randomly thinks, but it needs to match the context better.
Customer service and technical support need some improvement. We had issues with technical support, and the professional services were struggling as well.
For how long have I used the solution?
I've been using Splunk Observability Cloud for six months.
What do I think about the stability of the solution?
I would assess the stability and reliability of Splunk Observability Cloud by saying no crashes or performance issues have been experienced.
How are customer service and support?
On a scale of one to ten, I would rate customer service as eight.
How would you rate customer service and support?
Positive
How was the initial setup?
My experience with deployment has been good. It's just the routing, the matrices, and the integration is where we were struggling a little bit. That said, having the cloud as observed to provision was never a problem.
What was our ROI?
I hope to see a return on investment with Splunk Observability Cloud. I have not applied this for production. That said, we already use Splunk Cloud for production, and we are good with that, so I see the value.
What's my experience with pricing, setup cost, and licensing?
The cost is fine, and we are good with what is given. It's a centralized tool for my organization, so at the org level, a lot of things were decided, but we are actually happy with the cost we received because I know I have to approve my budget, and it's within our range, so we are okay with it.
What other advice do I have?
My advice to Splunk is to mix Splunk Cloud and Splunk Observability Cloud into one. Don't make Observability only needed in Splunk Cloud, too. You don't want to have two products competing with each other; you want to compete with someone outside your organization. Combine this, as there's a lot of confusion. Even in different classes and training sessions meant only for Splunk Cloud, they were not for Splunk Observability Cloud, and they are different today. The acquisition of SignalFx, which is not its own, adds to the confusion. So, to the customer, provide one interface, and combine them.
On a scale of one to ten, I rate Splunk Observability Cloud an eight overall.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Sep 13, 2025
Solutions Architect at Ikusi
Deployment optimized and demos delivered faster for the retail sector thanks to customizable dashboards
Pros and Cons
- "The feature of Splunk Observability Cloud that I prefer most is the easy deployment on the cloud."
- "In terms of additional features I would want to see in future releases, since Cisco acquired Splunk, more Cisco integration could be beneficial."
What is our primary use case?
For the retail sector, we are building a solution for customer stores in order to know how the products are sold.
What is most valuable?
The feature of Splunk Observability Cloud that I prefer most is the easy deployment on the cloud. The benefit of that feature for my organization is to optimize the deploys and implementation and the response to our customers, to quickly make a demo. Splunk Observability Cloud has helped improve our operational performance, especially for our customers.
My experience with the out-of-the-box customizable dashboards provided by Splunk Observability Cloud is that they are effective in showcasing IT performance to business leaders. For the initial point of contact, it helps and works nicely as a starting point. Then, you have the basics and use that as a framework to deploy others, so they are very helpful.
What needs improvement?
Splunk Observability Cloud can be improved. In terms of additional features I would want to see in future releases, since Cisco acquired Splunk, more Cisco integration could be beneficial.
For how long have I used the solution?
I have been using Splunk Observability Cloud for the last two years.
What do I think about the stability of the solution?
I have not experienced any downtime, crashes, or performance issues.
What do I think about the scalability of the solution?
Splunk Observability Cloud scales very well with the growing needs of my organization, as we just need to add a license or data ingestion.
How are customer service and support?
I would evaluate customer service and technical support for Splunk Observability Cloud as good. They respond effectively and in time.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Prior to adopting Splunk Observability Cloud, we used other solutions to address similar needs, such as Dynatrace and Elasticsearch.
How was the initial setup?
It is easy to deploy on the cloud.
What was our ROI?
I have not seen a return on investment with Splunk Observability Cloud yet, as we are relatively new to it.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing of Splunk Observability Cloud is that it is somewhat expensive, considering I am from Mexico and the market in Mexico is very different from the market in the USA. It is expensive, especially when there are other vendors that offer something similar for much cheaper.
Which other solutions did I evaluate?
The factors that led me to consider the change to Splunk Observability Cloud include performance and cost, and it depends on the customer. If the customer is a network user or partner with all Cisco solutions, Splunk Observability Cloud fits perfectly.
However, if we have a new customer that doesn't have any Cisco products, it might be better for them to use another solution that is easier to deploy and not as complete as Splunk Observability Cloud, especially if they only need one or two features.
What other advice do I have?
My advice to other organizations considering using Splunk Observability Cloud is that if you want a comprehensive, consistent tool or solution, it is one of the leaders in the market because it integrates with the network side of their organization, including Cisco solutions. Regarding customers who don't come from the Cisco world, it is a good choice, depending on their use. However, for small customers or those that are not large companies, Splunk Observability Cloud may not be the best fit, as it is a comprehensive tool. In Mexico, we observe that customers claim they only need APM or infrastructure monitoring, a very basic requirement, and don't require the entire Splunk portfolio.
On a scale of one to ten, I rate Splunk Observability Cloud a nine.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Last updated: Sep 13, 2025
Head Security Operations at Health Care Authority
Provides good optimization, performance, and visibility
Pros and Cons
- "Splunk's GUI and dashboard capacity are the most valuable features of Splunk Infrastructure Monitoring."
- "There's no standard use case available where you can see the utilization of the number of use cases I have."
What is our primary use case?
We use the solution to monitor and calculate the number of systems, applications, and DR sites we have. Then, if there is any problem, we can detect the information on which server belongs to which application. This really helps us.
How has it helped my organization?
We have seen 28% to 29% optimization and performance with Splunk Infrastructure Monitoring. You will know the moment you see any anomaly in the system, the server, or the infrastructure. The solution has given us more visibility not only from the infrastructure or server point of view but also from the network perspective.
What is most valuable?
Splunk's GUI and dashboard capacity are the most valuable features of Splunk Infrastructure Monitoring.
Compared to Microsoft Azure, Splunk Infrastructure Monitoring can ingest all the log sources. You can ingest all the data in one single source. Then, it accumulates the data, calculates internally, and gives you the right information you're looking for. Splunk Infrastructure Monitoring is the optimal solution, where you can see everything on one screen.
Our organization monitors multiple cloud environments, including GCP (Google Cloud Platform) and AWS (Amazon Web Services).
We're all completely dependent on Splunk's end-to-end visibility into our cloud-native environment to see everything, including any incident that comes.
Splunk Infrastructure Monitoring has helped drastically improve our mean time to resolve, detect, and investigate.
The solution has helped reduce our mean time to resolve by 28%, which is a huge number. We aim to reduce it by 30% to 37%, but that would definitely require some AI concept and new enterprise security. That's our plan for next year.
Splunk Infrastructure Monitoring has helped improve our organization's business resilience. The moment you receive an incident, you have full visibility. You can go deep into the investigation, do threat hunting, and find the root cause analysis. That's the visibility and performance we look for in enterprise security solutions like Splunk.
Splunk's unified platform helps consolidate networking, security, and IT observability tools. When you have multidimensional solutions and a multi-cloud environment, you have specific applications for finance and patient care. You can see everything consolidated in one solution.
DevOps and GRC compliance solutions come into one solution, and visibility extends. That gives you confidence, and we build trust with the business. Businesses are confident when they're going outside. Because we have full visibility, we provide that trust to the patient and my health care entities that we are safe.
What needs improvement?
The utilization of the use cases is not available. You need to write custom out-of-the-box use cases. There's no standard use case available where you can see the utilization of the number of use cases I have. For example, if you have 200 use cases, do you know if you are utilizing all 200 and if they are actually clicking at the right time?
If I can work 20 use cases out of 200, it is 20% utilization for the use cases. So, I'll focus more on 20% and try to optimize them based on my business requirements rather than focusing on 200.
For how long have I used the solution?
I have been using Splunk Infrastructure Monitoring for six years.
What do I think about the scalability of the solution?
The solution's scalability is marvelous because we can just add on. We are currently using two TB, and the solution gives us the flexibility to add an extra 500 GB next month.
How are customer service and support?
Sometimes, we face technical difficulties because of the limitations of the connectors. Integrating Splunk with post-relational databases like InterSystems is challenging because such applications or databases are not very much publicly exposed. The technical team faces a lot of challenges when integrating because they need to write some custom connectors to integrate the data.
We have some clinical applications specific to a particular specialty, and you have different applications and databases for that. For that, you need to write custom connectors. Sometimes, the technical team lingers on and passes the time because they're also exploring.
I rate the solution's technical support seven and a half out of ten.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We previously used a different solution called RSA. We switched to Splunk because RSA was not providing the latest changes and many of the upgrades we were expecting. Also, a lot of functionality we were expecting, like XDR, optimization processes, and connectors, was not available. We used RSA for four and a half years. RSA had performance issues, and a lot of use cases were not met because it was an old solution.
What about the implementation team?
We had a system integrator who initially helped us integrate and deploy the solution. They helped us to deploy the solution, and we take their help to develop any new use cases.
What was our ROI?
We have seen a return on investment with the solution. Our KPIs have become smooth. When we have more visibility, our KPIs definitely increase. We can easily measure mean time to detect and mean time to resolve. You will definitely be up to the mark when your incident response capability increases. Our performance has increased. Our IT environment and DevOps team have more visibility and are more transparent now.
What's my experience with pricing, setup cost, and licensing?
The solution's pricing is costly. We're now looking for a cloud version that would have a completely different pricing calculation.
What other advice do I have?
Splunk Infrastructure Monitoring has use case capability, visibility capability, and performance. It also has a vast dashboard capability that no other solution currently provides. There are many solutions in the market, but Splunk stands out separately. With Splunk Infrastructure Monitoring, you can correlate data and ingest any kind of data with your connectors. Flexibility is another important functionality of Splunk.
Overall, I rate the solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Home & Health Partner