Splunk Observability Cloud Reviews

Splunk Infrastructure Monitoring helps identify bottlenecks within the network domain, including issues related to server databases, application response times, and code. These problems can be resolved by our customers promptly.

It is easy to use. It offers a unique dashboard reporting tool called Ollie. Ollie is essentially an observability tool, and it's also referred to simply as "Ollie" for brevity. It's important to note that this product is agent-based only.

Splunk Infrastructure Monitoring helps improve the efficiency and performance of applications by up to 70 percent.

It has helped reduce our mean time to detect. It has helped to reduce our mean time to resolve by around 50 percent.

Splunk helps us focus on business-critical initiatives.

It integrates well with multiple sets of products.

The vibrant dashboards are valuable.

The main drawback of Splunk for network monitoring is its limited agent deployment. Splunk excels at collecting data from servers and databases where agents can be installed. However, it cannot directly monitor network devices, unlike Broadcom.

Broadcom offers Spectrum and Performance Management tools that primarily work on SNMP to collect data from network devices. Splunk doesn't have a directly comparable functionality for network devices.

While Splunk offers a wider range of data collection, including metrics, logs, and more, it can be more expensive. Splunk's licensing model is based on data volume (terabytes) rather than the number of devices. This can be costlier compared to Broadcom or similar tools, which often use device-based licensing.

The end-to-end visibility is lacking because Splunk cannot directly monitor network devices.

Broadcom provides a topology-based root cause analysis that is not available with Splunk.

I have been using Splunk Infrastructure Monitoring for 10 years. 

Splunk Infrastructure Monitoring is stable. 

Splunk deployment is simplified because it is cloud-based. The deployment takes no more than 15 days to complete.

Splunk's infrastructure monitoring costs can be high because our billing is based on data volume measured in terabytes, rather than the number of devices being monitored.

Replacing legacy systems with Splunk could cost up to $200,000.

I would rate Splunk Infrastructure Monitoring 7 out of 10.

The decision to move from another infrastructure monitoring solution to Splunk should be based on a customer's specific needs. While Splunk offers visually appealing dashboards and access to a wider range of data compared to Broadcom products, pricing can be a significant factor, especially in the Indian market.

Deploying Splunk for a customer can involve higher upfront infrastructure costs. This is because implementing Splunk effectively often requires writing custom queries to filter data and optimize license usage. While this approach minimizes licensing costs, it can be labor-intensive.

We use Splunk to monitor some devices in the company. We have several cloud groups for monitoring the energy companies in the state. The stack has several devices to monitor if you have a problem. There is a mixture of solutions.

The solution monitors the system in real-time. We can find the resources and investigate security incidents. Splunk and another solution, AppDynamics, monitor several devices.

We integrate Splunk with a data collection solution, and it plugs in the users to collect data at several points in the network and infrastructure. The data is indexed in Splunk, which can be visualized in different dashboards. Monitoring for fraud is critical for the company because you have to resolve many problems in the infrastructure with federal information in the dashboard. 

The company has many systems that the customer pays to access. Splunk APM issued via AppDynamics helps find problems in the feed. It reduces the risk of supervising all the devices. I can supervise the flow and simulate the conditions of the repository across several dashboards to show what's happening at the moment.

The dashboards are used mainly to visualize information about the infrastructure, but it isn't easy to construct or use the dashboards. While we tried to resolve the issue by calling support, it would be easier if they had an AI co-pilot to identify the problem and help you solve it. 

I have been using Splunk APM.

Splunk APM isn't easy to scale because you have to follow the steps and implement best practices, which can be a little awkward.

I rate Splunk support 10 out of 10. We had good documentation, and the support team at Splunk has a lot of experience with code and the tool. 

Positive

I haven't had any problems deploying Splunk. When I installed Splunk for the first time, I thought the product line was complex because I had to build the solution. After working on it for a while, it has become easier to do the solution next time.

Splunk APM is a crucial tool because it controls all the systems and solves a lot of problems.

I rate Splunk APM 8.5 out of 10. It's an excellent solution.

We use Splunk APM for performance testing. 

Splunk offers end-to-end visibility across our environment.

Splunk APM simplifies application performance monitoring. It also provides insights into data quality, including data security, integration, ingestion, and versioning of trace logs. We can directly inject data for monitoring purposes, trace the data flow, and monitor metric values.

Splunk can ingest data in any format, allowing us to easily monitor logs and identify blockages through timestamps, which saves us time.

The most valuable feature is dashboard creation. This allows us to easily monitor everything by setting the data we want to see. For example, imagine we're working on a project within the application. There might be different environments, such as development, testing, and production environments. In the production environment, we can use dashboards to monitor customer activity, like account creation or other user data. This gives us a clear view of how transactions are performing and user response times. This dashboard creation feature is one of the most beneficial aspects of Splunk that I've used in a long time. While Splunk offers many features, including integration with various DevOps tools, its core strength lies in data monitoring and collection.

Splunk's functionality could be improved by adding database connectors for other platforms like AWS and Azure.

I have been using Splunk APM for one year.

We previously used a legacy application for monitoring and when it was decommissioned we adopted Splunk APM.

Splunk offers a 14-day free trial and after that, we have to pay but the cost is reasonable.

I would rate Splunk APM eight out of ten.

Splunk APM requires minimal maintenance and can be monitored by a team of three.

We have our application development and we monitor our websites. I create alerts and dashboards to help us notify if we have any infrastructure issues.

We get our data in and then I create some SQL queries to find out where our averages are and do some predictive analysis. When we deviate from the normal, that is where I like to set up alerts and dashboards. I have alerts that trigger and link to dashboards to see the trend over time or what happened last hour. There is also alerting to the phones.

I believe Splunk Infrastructure Monitoring has improved our organization because, over time, it has always been pinpointing the source of the problem. We have pretty quick responses knowing that we have a problem, and we can drill in pretty quickly to find out where the problem might be occurring. Is it a specific server or is it happening to multiple systems across the board? It is easy to visualize that.

Monitoring multiple cloud environments is pretty easy because it just aggregates from different places, and when we have an outage, we can say, "Oh! Amazon West is having a problem."

Splunk Infrastructure Monitoring provides end-to-end visibility into our cloud-native environment. I am not directly involved with the cloud portion of it, but for our developers, end-to-end observability is important because we have multiple platforms and systems.

Splunk Infrastructure Monitoring has reduced our mean time to resolve. I cannot put a number on that, but compared to years ago, we now do a pretty good job of infrastructure monitoring. We can better monitor a bunch of different aspects of our business.

Splunk Infrastructure Monitoring has improved our organization's business resilience. We do not want to be down, and we do not want people to be not able to pay their bills online.

It is a great resource for us because we have so many different data sources and to be able to aggregate that and put it through a concise dashboard or an alert really helps.

We have both on-prem and cloud, and the challenge is getting all our log data aggregated or streams aggregated so that it is real-time. We do a pretty good job of that, but our organization is not using it as a security platform when it can do a great job of that. We have other tools that we use, but we should leverage this more in our organization because we have already got the tools and the software.

I have been using Splunk Infrastructure Monitoring since 2019.

It is very stable. Especially since we went to the cloud, it just makes it easier for us.

We have not had any issues there.

Their technical support has been very good. I have not had to use it a whole lot because we have pretty good and experienced staff. We use consultants, and in general, we have been lucky. We work with our representative, and we have hired a couple of contractors. 

We have used different solutions in the past. I used CA Wily. New Relic was another tool we had used for a time. 

We had several different tools that we were using for APM monitoring and website monitoring. Over time, we migrated more to the Splunk platform because it helps to aggregate the data. Having to configure all the agents was painful, and Splunk made that a lot easier.

It was pretty easy. We had to set up all of our collectors. Getting our feeds was critical. 

We have an on-prem setup, so we have a lot of forwarders. We are also on the cloud. We have a data center locally, and we have one in Texas. We also have a third one that I like to call the cloud, so we have three different environments that we move between, and it is nice that when we have a problem, we can tell exactly where it is.

John Ansett's company helped us with our initial deployment. They did an excellent job.

We have seen an ROI. It is hard to put a price on downtime, but our primary business is travel, insurance, as well as automotive. We are a diverse organization, but our bread and butter is insurance. If there is downtime, people cannot pay their insurance bills online, or they cannot look up the policy and that type of information. Being down is not good for our customers.

We have seen a time to value. I use a lot of dashboards for monitoring, and I have trained other teams in our organization on how to use the tool. It is starting to have a lot of legs now, and we got a lot of different diverse departments using the tool. We are getting a lot of experienced staff to use the tool and make their own desktops.

It is difficult to put a price on how fast you can find a problem and resolve the problem. We have got web services and servers, and sometimes, pinpointing where the problem is took the longest time. Having ITSI observability and Splunk dashboarding together has helped a lot with that.

I am not in that circle, but we are currently licensing based on our queries. That is working out for us. Previously, it was by volume of data, and now, we can store as much data as we want. 

I would rate Splunk Infrastructure Monitoring a ten out of ten because that is primarily what I use every day. I love the product. 

Our primary use case for SignalFx was visualization, charting, and alerting. We also used it to fix our µAPM.

For one project I was working on, at least 15,000 people were using SignalFx. They used to monitor their application health in the SignalFx dashboard and get alerts from SignalFx. The users had different job profiles, such as engineers and architects.

One of the valuable features is that it is very user-friendly. We can directly search for a metric and create alert charts straightaway. There are multiple visualization options to create charts that allow users to create detectors and alerts and integrate them with downstream applications for getting notifications.

Moreover, the volume it handles is very good, including the number of metrics, the volume number of traces, and more.

There are some predefined metrics where we can directly install the SignalFx agent. It gives some informative CPU utilization where some things are inbuilt. But for specific applications, we may need to create customized metrics. Here, developer teams have an additional burden of creating the whole thing if they need to customize anything. The additional feature metric could be a custom metric edition. It would make it simple for any user or engineer to go beyond the default metrics and easily choose to add more metrics. It will help share dashboards, so when we have a single version, thousands of people can use the same single version of the dashboard.

The sharing option and custom metric would be the two additional features I would like to see in the improved version.

I used SignalFx for six to eight months for my previous project, and the version I used was Splunk Observability. I used it last in October 2022; I am not using it right now.

It is a stable product. There used to be some unplanned maintenance or intermittent issues. Most of the time, we used to get alerts or notifications from the SignalFx team. So, out of 100, I would give it a 90. It was stable, but in that 10% of the occurrence, we faced various problems like loading traces, dashboards, and more. In that project, we had a limit of detectors and a limit of a metric time series, and several subscribed metrics. So, we used to get some notifications when it reached 80% or 90% of the usage. Thus, it is completely related to the subscription. But we faced the fact that the number of MTS reached the limit.

In terms of stability, we faced intermittent issues so I won't give it a 100%; it is 90%.

It is scalable. Although the scalability depends on the subscription model, there are some related requests according to cost. For example, if I want to increase the metrics by up to 30%, store more metrics, or create more alerts, I can easily do it without impacting anything. For all those things, it is scalable.

I used to create a support case in the SignalFx portal itself, and I used to call them on their toll-free number and engage them with issues. So I had some experience with their team and I rate them an eight out of ten.

I would rate it an eight because customer support won't provide back-to-back service. If I expect updates every hour, sometimes I may not get updates every hour. For example, if I need someone to explain the issue, there might be delays. If I need to get some root cause of an issue in real-time, that might take time. So considering these factoes, I rate them an eight out of ten.

Positive

I have used some observability tools like Splunk, Instana, and Grafana. I found SignalFx the best one for visualization, and it is user-friendly too. For example, you can directly search for a metric, and we can create alert charts immediately. So there will be multiple visualization options to create graphs. From there, we can directly create detectors, create alerts, and integrate them with other downstream applications for getting notifications.

The initial setup was simple, and we used some package installers. We had a restrictive code for binaries in Artifactory. So we directly used some package installers and pulled it in individual service. Also, it was integrated with Puppet, so installing the SignalFx agent and starting it was simple.

I wanted to manually install, deploy, and download it on a single server, and the whole manual procedure took around 10 to 15 minutes. When I tested a group of services with the help of Puppet, even hundreds of servers were done within an hour or something. 

So I was working on a banking project, and we had a private cloud there; SignalFx agents were installed on servers, and our metrics were derived from there.

My company used an inbuilt application built by in-house developers, which was developed 15 years ago. Those tools were somewhat outdated and could not serve the purpose of the ever-growing volumes and other issues. So they preferred to have some third-party tool to solve their problems, and they found SignalFx useful. As a user, I also thought SignalFx was much better than other visualizations.

I would definitely recommend SignalFx. Compared to other installation tools, creating alerts, understanding charts, and creating dashboards is more straightforward. 

The functions are complex but SingalFx is very user-friendly. There is very defined documentation for everything, whether I have to create an alert or use some aggregation. We will have a direct link that says something like, "Click here to read more" or  "Click here to understand." Such links are there for everything. Moreover, if I want to create an alert, there will be multiple options; it will say, "What is the time of alert?" or "What is the threshold base?" All these details will be there; you will have a link to detailed documentation. It is a very user-friendly tool for any beginner. 

I would rate it as nine out of ten. 

I have the logs of my applications, and they're usually a bit volatile. The log switch doesn't stay there on the application for a long time, so Splunk can require that. It can take 15 days for the logs to be available to do some kind of research. I'm using Splunk to ingest application logs, create dashboards, and set up alerts. 

The biggest benefit of Splunk is that we can retain logs and correlate the data. Telemetry data has a huge impact because it's much easier to see everything. 

Splunk has significantly reduced our mean resolution time. The workflow at my company involves application microservices applications running on the cloud. These logs are highly volatile, so they're only retained for three to five minutes, and we had to reproduce an issue to trace why it failed. That meant we had to do everything again to capture the log at the moment.  Now, we have the data to analyze one or two hours.

Splunk's dashboards are great. The solution provides end-to-end visibility across my environment. Visualizing large amounts of data is easier because we can correlate the data from any target source. 

The licensing model is expensive. We need to monitor the amount of data ingested because the cost is based on the data collected. 

I have used Splunk APM for three years now.

We have instances for production and development. I've never seen the production instance go down. Our development instance has gone down, but that's expected. 

I used tools like Elasticsearch, which is similar to Splunk. I've also used other observability tools like Grafana and Dynatrace, but they have different features.

I rate Splunk APM 10 out of 10.

Our primary use case for this solution is as a supplement to Dynatrace, so the log analytics is done in Splunk instead of Dynatrace.

We built a tool for firewall log monitoring and we powered all firewall logs to Splunk. In addition, we built a little dashboard that just specifies sources and the destination addresses and port numbers. It passes all the logs and tell us if there are any blocks or drops on the firewall level. This is a very useful tool for us.

The features I have found most valuable are log searching and log analytics, both of which are quick features.

There's a component in this solution that is particular and takes a lot of manual work and that is the automation. There is a lot of room for improvement with the automation. They should also improve the discovery and detection of all the infrastructure components so that it is more automated and takes less manual work.

I have been using this solution for about five years.

I would rate the stability of this solution an eight, on a scale from one to 10, with one being the worst and 10 being the best.

I would rate the scalability of this solution a nine, on a scale from one to 10, with one being the worst and 10 being the best.

I would rate the technical support of this solution a 10, on a scale from one to 10, with one being the worst and 10 being the best.

Positive

At first, we were deployed on-premises and then about one year ago we migrated to the cloud. So I would say they did most of the work around migration. There are around 1,000 users of this solution in our company.

We have seen the ROI.

I would rate the pricing of this solution a two, on a scale from one to 10, with one being the most expensive and 10 being the best price.

Our model of deployment is the cloud.

I would rate this solution as a whole a 10, on a scale from one to 10, with one being the worst and 10 being the best.

I would advise other people looking into this solution to do their due diligence and make sure they do their pre-work and post-work.

We have a lot of applications that we monitor. We have a lot of hardware that runs on VMware. We monitor all of that as well.

Dashboards have been helpful because people can go and look for themselves how their systems are running. The requests for us to go look at something have gone down because people can go and do it themselves.

It is important for us that Splunk Infrastructure Monitoring has end-to-end visibility. Developers and those types of teams can look at and troubleshoot any kind of issues quickly.

Splunk Infrastructure Monitoring has helped reduce our mean time to resolve, but I do not know how much. We just help as needed, but for the most part, it is just the teams going in there and looking at things themselves.

Splunk Infrastructure Monitoring has helped improve our organization’s business resilience.

Different teams can see a lot of different aspects of what is going on. They can see network traffic. They can see applications, and they can see hardware peaks and performances. They can see everything they need.

We could see the value of Splunk Infrastructure Monitoring within a couple of weeks of implementing it.

Dashboards help the application support teams to have a quick look at how their systems are running. It helps other teams as well.

They can get more integration with a few more products.

They can also update some of the dashboards that are in there now.

It is pretty good in terms of the ability to predict, identify, and solve problems in real-time, but there is always room for improvement.

I am in a new role. I have been there for two months. That is as long as I have been using it.

It is very stable. It is good.

Its scalability is great.

It is very good. I would rate them a nine out of ten. They are usually pretty helpful and knowledgeable.

Positive

We have it on-prem, and we also have a cloud instance. Our cloud provider is AWS. We do not monitor multiple cloud environments.

Deploying it was pretty straightforward. We just had to make sure that we were getting the logs right and setting the apps right. That was pretty much it.

We have seen an ROI in terms of manhours and less work for everyone.

I have always used Splunk.

I would rate Splunk Infrastructure Monitoring a ten out of ten. It is great. It is much better than a lot of other products, so it is definitely up there.