Splunk Observability Cloud Reviews

Splunk Infrastructure Monitoring reduces our mean time to resolve. We are more proactive than reactive. I would be very confident to say that there is about a 25% reduction in time. We get things way quicker than when we were just doing it reactively.

It has the ability to identify and solve problems in real time. It saves time.

There is no one feature that stands out more than others. We use a little bit of everything. When we started using it, we did not exactly know it. It was new and fresh, so we just started gathering everything. We did not end up doing anything different. All of the features that we are using have had an effect on the monitoring that we are doing. Everything is very effective.

We never had any issues when it comes to the type of use cases we are using it for. We did not need more advancement on it, but I know that, in general, everything can be updated. There are tiny little tweaks that can be made regardless of whether it looks better or has a different flow to it than it does right now, but it works pretty well for what we use it for.

I have been using Splunk Infrastructure Monitoring for two to three years.

It is stable.

It is scalable. As we continue to grow and expand, the stability and the scalability are there.

They have been very helpful whenever we have had any issues. Only one or two times they did not know. That does happen. We are all humans, but that is the best that you can get.

Positive

I got onto the team when we started using it, so I am not sure what we were using before.

I would rate Splunk Infrastructure Monitoring a ten out of ten.

We mostly work with developers. They run some pipelines, and they use Splunk as a platform to identify the errors, instead of themselves debugging the logs and understanding what the issue is. This is one side of the business. On the other side of the business, we use the Splunk database for frozen buckets where we archive the data.

We can easily integrate it with other tools for monitoring our entire IT data infrastructure. I also handle AppDynamics. We have integrated Splunk and AppDynamics. With one click, we can understand what the actual issue is. It brings down the time to resolve. We have had some good experiences.

It improves our operational efficiency every day. In my previous company, we had integrated it with ServiceNow. For defined alerting conditions, it could directly open up a ticket for the right team. We did not have to look into a thousand cases to understand a problem.

In terms of integrations, most of the plugins are already available. If a plugin is not available, even then it is pretty easy to integrate. There are multiple ways to integrate. You can use the REST API and just forward the data. It can be easily integrated.

It makes it easy to have end-to-end visibility in the cloud environment. There are multiple types of devices in an environment. You might have AWS, Microsoft Azure, or something else. It operates beautifully. It is easy to integrate. This is the best part.

I am in the banking industry. It helps to keep track of how well our application is performing when somebody tries to do a transaction. There are multiple pieces to it, and we keep track of everything. We have our own business dashboard that the top-tier leaders can look into. All the visibility is there because of it.

I find the monitoring console very helpful. With one click, I can see how we are performing, and at the same time, I can see what data is flowing.

The clustering part of indexes can be more refined.

They can cut down a bit at the monetary level for the long-time customers. We recently had a scenario where we were in discussions to see if there was any flexibility from Splunk's side.

I have been using this solution for the past two years. I have also used it in my previous company.

It is pretty scalable. I would rate it a nine out of ten for scalability.

I have worked with Kibana and Logstash, but they are not comparable to this solution.

It is expensive.

Overall, I would rate it an eight out of ten.

We mainly use it for different divisions and departments within our company to keep track of our systems' health. We also ingest log files to get data and alerts for different groups.

We used to use a number of different tools before we were introduced to Splunk. We used to have a very hard time getting this data in and being able to effectively use it because we had such a massive amount of data. We also could not find a way to organize it effectively. Splunk helped us to effectively use all the data that we collect in a valuable way for different customers and groups that we have in our company.

It has definitely helped reduce our meantime to resolve (MTTR). A lot of our customers have difficulty getting to root cause analysis of different problems and situations. They also do not have the data to perform analytical responses for different problems that there could be within our industry. They are now able to use this data effectively, not just for alerting, but also for preventative maintenance.

It has definitely improved our organization’s business resiliency by a lot. I do not have the actual data to share at this time, but there has been a marked improvement in the organization. We are now able to keep track of all the raw data that we pull in and then use it effectively. This helps our organization run more efficiently.

It has improved our organization's ability to predict, identify, and solve problems in real time. We are able to use data and search for it effectively. We have different analytical forms and data that we can use to improve in different ways. 

The most valuable thing that we have seen within our group is the ability to ingest all this raw data and have it organized in a certain way so that different groups can get effective alerting from this massive amount of raw data that is out there.

A lot of customers had a hard time effectively searching within the data in Splunk. There is a learning curve from searches to indexes and using all the macros that we have created. It is a little difficult for somebody who has not used it quite a bit and does not have a lot of practice with it, but the AI features that we have been hearing about through Splunk will make it a lot easier for us to use human language to search this data. That is big. That is pretty powerful, and that will help a lot with our customers. At the Splunk conference, some of the talks have been about the AI platform and more effective and easier ways to search within Splunk through indexes and other things. These features will help correct some of the things with which we are having a hard time with some of our customers.

We have been using this solution for about four years.

We are not on the cloud. We are all on-prem. We have had certain issues with space on the servers and things like that, and while moving things up to what we need, we have not had any issues on the Splunk side.

It is great. We have not had any major issues with getting support from Splunk. With our monthly license, there are a certain amount of hours that we have with Splunk support. We are able to use it when we are getting close to the end of the month. In our meetings, we make a list of different topics that we would like to explore and discuss with Splunk. We create meetings for that, and they are always very helpful. We never had any issues in getting support from Splunk. I would rate their support a ten out of ten.

Positive

We used to use Tivoli. We also use AppDynamics in addition to Splunk for different parts, but we are starting to learn that Splunk does have a lot of similar toolsets. Splunk does the same as what AppDynamics does, and in some cases, there are more powerful tool sets that would help us. We are thinking of petering down our different tools to get into one tool, possibly Splunk. We already got rid of Tivoli, and we are using Splunk fully in place of Tivoli. We have seen a positive response to it.

We have seen cost efficiencies by switching to this solution. Because of the wider range of tools that Splunk offers, we were able to get rid of Tivoli and get rid of that licensing obligation on an annual basis. We are able to save a good amount of money on that and move that budget over to our Splunk budget to keep everything under one umbrella.

I was not involved in its deployment. I came on the year after.

We are currently on-prem, but we are working on developing and moving everything over to a Google Cloud platform. The announcement that Splunk is partnering with Google Cloud, in addition to AWS, is pretty good for us because we are working on moving over to the cloud in the next couple of years.

We have definitely seen an ROI. Our team is able to spend more time learning one tool as opposed to having to learn multiple different toolsets. Therefore, we are able to get more work done in a more efficient manner.

We have seen time to value using this solution. Our company has a very heavy push toward work-life management. Since we have been able to, especially in our group, switch to this tool, we could cut down on our on-call time and have our groups run on different patterns where people who are off are actually off. They do not have to be called in because essentially, everybody is able to access the tool and use it effectively because it is the one tool that we use as opposed to having different tool sets. Everybody knows how to use it, so it definitely has helped us in that way.

I know there was a panel and a team that was going through different tools. I was not a part of that process, but I know there were quite a bit of tools that they were looking at. Splunk must have worked out better than everything else.

I would rate Splunk Infrastructure Monitoring a ten out of ten.

We are monitoring our servers and their health. We are monitoring their functionality and supporting the Kubernetes platform.

Our team supports multiple different projects. They all have their own clusters and ways of operating, but we just use one Splunk Infrastructure Monitoring system.

Splunk Infrastructure Monitoring has helped improve our organization’s business resilience.

I have primarily used it to go back into the past and understand why something happened. It provides enough information to do research and figure things out.

One thing I recently ran into was that the logs on the server most often get Gzipped after they have been rotated. We found that we were not monitoring some of the things, so we had to go back and pull them in. Right now, it pulls one at a time, untars it, or unzips it, so I cannot look at the entire history. There can be an improvement in that area.

I have been using Splunk Infrastructure Monitoring for four years.

It is stable.

About a year ago, we added another 600 servers and scaled up. We are getting more in the next year or later this year. It works smoothly.

They are good. I have a ticket open now. I told them to go ahead and close it because we thought it was a hardware issue, but they said that they would keep the case open till the hardware replacement to see if the issue goes away. That was pretty nice.

All of our hardware is HPE-based. We rely mostly on OneView, but it does not give us the service aggregation and other things that Splunk Infrastructure Monitoring is giving us.

One of the gentlemen on other teams came to ours. He is very knowledgeable about Splunk, so he helped with the implementation.

All of our servers are RHEL-based.

A different organization group within our organization had Splunk, and they liked it, so we just went with Splunk.

I would rate Splunk Infrastructure Monitoring a ten out of ten.

My customers used the solution for application performance in uptime and networking.

Splunk Infrastructure Monitoring has helped our customer's organization by making troubleshooting easier. The solution helped them have a centralized place where they could dig in across multiple other tools and consolidate all the information in one place.

Splunk Infrastructure Monitoring provided our customers with visibility into their overall infrastructure. They could quickly start identifying where the problems were coming from. If something was going sideways, they could more easily target the specific pathways.

One of our customers was on-premises. The other was a hybrid with on-premises and private cloud.

I was on a team helping them build a brand new tool, which was instantaneous. Another team got it a while ago, and they weren't sure what to do with it. So, we came in and helped them over a six-week engagement. We pivoted them from not feeling like they were getting all that much value to getting good value. It was more of a learning curve situation.

Splunk's unified platform has helped our customers consolidate networking, security, and IT observability tools. I was on the team of a company that was helping build a brand-new monitoring solution. They had probably a dozen separate stand-alone silo tools that could not talk to each other.

Instead of logging on to 12 different places to check each tool individually, Splunk Infrastructure Monitoring helped consolidate everything into a single location for viewing. We didn't get them to the point where they were ready to fully decommission the other systems.

They were going to decommission 12 systems on the six-month game plan. By now, they would have realized the cost savings. It would have been a multimillion-dollar savings for them.

Our customer, with 12 separate systems, was all on-premises. Part of our other customer's footprint was in AWS. It was incredibly easy for our customers to monitor multiple cloud environments using Splunk Infrastructure Monitoring. It was a combination of cloud and on-premises for our customer.

The solution provided them with a single pane of glass where they didn't have to log into multiple places and see everything in a single location. You can develop dashboards that give you cross-platform visibility, which is a huge win.

A wide variety of logging makes log onboarding difficult. Over the years, Splunk has done various things to make it easier, so I want to give them props for that. However, the reality is that every vendor has its own logging format. Some vendors have multiple log formats because they change their own products over time.

They have different log formats for different products in their own suites, and no industry standard makes it chaotic. Splunk is probably the best product out there in terms of how they handle it, but it's not perfect yet. They need to keep pushing that cutting edge and trying to improve it. I have no idea how they could do that because they're trying to wrangle chaos, and it's hard.

I have been using Splunk Infrastructure Monitoring for two years.

I think Splunk Infrastructure Monitoring is a solid product from an infrastructure perspective. I haven't seen any bugs in the tool. Like many things with Splunk, everybody knows there will be patches when there's a core upgrade. However, that's more with Splunk Core and not specifically the Splunk Infrastructure Monitoring part.

The solution's scalability is wonderful. I've worked with customers as small as 25 gigs a day, which is tiny, all the way up to close to a petabyte a day. You have to make sure you scale the tool intelligently, but it's more of a budgetary constraint than a technical one. The solution handles the big ones beautifully if you have the budget to have the needed hardware.

Splunk's technical support has significantly improved in the last year. The support went through a rough patch about a year and a half ago. I had to coerce customers to use it because it was really bad there for a while. Splunk's support has vastly improved recently, and I hope it continues to improve.

Those people who changed the attitude, mindset, and processes need all the accolades because it's so much better than it was. Unfortunately, that does mean that it was really bad at one point.

Splunk's technical support still has some room for improvement in certain areas. Mostly, you can tell the more junior people who just read off of a script and really don't know where to go. I always introduce myself as a consultant to let the support person know that I have already done the basic introductory troubleshooting, and they can skip the first ten pages in their script.

Some frontline people in Splunks' support team are wonderful and clearly have more experience. However, it is still obvious that they occasionally bring in somebody brand new who's a little lost.

I rate the technical support seven and a half to eight out of ten.

Positive

I've worked with Core Splunk as a consultant for seven years and was a customer for seven years before that. So I've seen it all: the good, the bad, the ugly, and everything in between. Usually, the actual building of Splunk is super easy because I've done it so many times. Every customer's environment is unique in terms of how to get the data.

It's more about navigating the local customer's politics and archaic technical debts. Somebody thought that a certain architecture was a good idea ten years ago, but today, that doesn't make any sense whatsoever. Wrangling customer chaos is hard, but the Splunk piece is usually easy.

There's always room for improvement, but Splunk Infrastructure Monitoring is a solid product overall. It definitely helps customers who have a lot of legacy systems that don't work well together.

Overall, I rate the solution an eight out of ten.

In my company, we use Red Canary MDR to perform MITRE ATT&CK, after which I import the lot or whatever commands were run by Red Canary MDR to my Splunk system for further analysis. I use a type of real-time monitoring by Splunk.

The most valuable feature of the solution is the way it formats the raw data and helps make the understanding process much easier for the users. When you see the unformatted lots, it looks gibberish, especially for first-time users who may not understand a lot of things, but using Splunk Real User Monitoring (RUM) can make their job easier.

I had tried onboarding Splunk Real User Monitoring (RUM) on the cloud, but unfortunately, I couldn't onboard it on the cloud. It is an issue from my end that Splunk can try to improve.

I have used Splunk Real User Monitoring (RUM) for over half a year. I use the solution with an enterprise license for a trial period of six months. I am a customer of Splunk.

It is a stable solution.

Everyone in the SOC team, consisting of 50 to 100 people in my new company, uses Splunk Real User Monitoring (RUM).

The initial setup of Splunk Real User Monitoring (RUM) was easy.

The solution is deployed on-premises.

My company decided to go with Splunk Real User Monitoring (RUM) over other solutions since it has the ability to format raw data making the job of the organization easier.

I recommend the tool to those planning to use it since even though similar tools are available in the market, Splunk Real User Monitoring (RUM) is easier to use, especially for businesses.

I rate the overall solution a nine out of ten.

Right now it improves the gap between our on-prem data centers and our cloud environment. We've been using Splunk on-prem for eight or nine years now and it's been useful seeing existing tools that we've used like Splunk integrate into cloud environments and bridge that gap. We use the integration the most.

It has reduced our mean time to resolve. It's been easy to aggregate logs and infrastructure data in one place, making it easier to find a single point as opposed to jumping around tools. It's ten to fifteen percent better. It makes aggregating data and logs faster for our cloud purposes.

There's a feature that allows you to connect to AWS infrastructure that we've been using. Its integration with the cloud is what we're looking forward to the most.

It is very easy to monitor multiple cloud environments. It's like a single pane of glass for us. We can use it to monitor our on-prem and both of our cloud environments as opposed to having different tools for each environment. It makes it all come together in one tool.

It's fairly important that it has end-to-end visibility into our native environment. We host a lot of other programs in our program. We host an infrastructure platform. It's good to have the integration that we can pass on to our customers to show them that there are tools they can use to better their program while we're using them to better ours. So it's been pretty beneficial.

Splunk's ability to predict, identify, and solve problems in real-time is good. I was very happy with the keynote. A lot of the use of machine learning is cool. We're excited to get our hands on that once it makes its way to Enterprise.

We still use Splunk Enterprise licensing. A lot of the newer features go into Splunk Cloud before Enterprise. We're not looking to switch our licensing over, so we're falling behind on the newer features. I know Splunk has plans to move their cloud features into Enterprise at some point. The only improvement we would like is to have more features put into Enterprise that focus on the cloud. Some people come from an on-prem environment and slowly move to cloud and would have to make a full jump into the Splunk Cloud licensing to get any of the cool Cloud features.

The program that I'm on has been using Splunk Infrastructure Monitoring for around three years now. We started off mainly on-prem for data centers and we've slowly migrated into AWS and Azure for cloud footprint.

The company has been using Splunk since we were a lot smaller. We were using Splunk for data logs, aggregation, and things like that.

It's very stable. We've never had issues with that. Anytime we do have stability issues, it's something that we can work on to fix. It's not an inherent flaw with the product.

Scalability is excellent. That's what Splunk is designed for, big data aggregation. It's been very easy and seamless to scale up over the years.

I've only had a couple of Splunk support cases, and they've been very, very prompt in responding, especially compared to some of the other big enterprise tools we use.

Positive

We have seen ROI. It's made onboarding better and it's easier for engineers in our project because there's a single pane to view all of these different environments.

We have seen time to value. It makes it a lot easier to train new people and get them spun up. We had our cloud environment for a couple of years before we started integrating with Splunk. It was a pretty quick improvement within a couple of months, noticing how beneficial it was to have a single pane of glass in all of our different environments.

I understand Splunk wants people to move towards Cloud licensing for a lot of the newer features, especially for multi-cloud. It would be nice to see those in Enterprise. I understand why they do it but that is my main concern. 

I would rate Splunk Infrastructure Monitoring a seven out of ten. There's more we can do with it. We just haven't explored it. 

I am a technology analyst. I have been working on a financial project in the US. For this project, I used Splunk APM for troubleshooting and reviewing the logs, and finding errors. Most of our APIs ran on Splunk APM, and we used it to find errors in our production environment.

We are no longer using Splunk APM. We have switched to Dynatrace.

Splunk APM is very good for monitoring purposes. You can watch application-to-application flows. If you just click on a flow, you can go step by step and debug an issue. The places with errors are marked in red. The API or the application in which you are getting an error is red. From there, you can go to the log or the error, and then the person responsible for that particular API or application has to fix it.

Splunk APM gives tools for user monitoring, logs observability, infrastructure monitoring, synthetic monitoring, and automated on-call. 

Splunk APM provides real-time data. In the logs, if you want to see errors related to status 404, you can just write one keyword, and you will get the results.

Splunk APM offers end-to-end visibility across the environment, but it also depends on how your business is set up on Splunk APM.

Splunk APM helped to reduce our mean time to resolve (MTTR). Previously, I had to log into my VPN, run commands, and see the logs. After having Splunk APM, I could click on one link and go through the logs. 

We could set up Splunk APM based on our environment. I worked on one project with Splunk APM. In that project, we faced a lot of issues, and I resolved the issues with the help of Splunk APM. I found the accurate logs and the easiest way to resolve the errors.

Splunk APM is the most advanced application for performance monitoring and troubleshooting for cloud-native applications and microservices.

The ability to troubleshoot is valuable. While running any product or API, we need to troubleshoot issues. We need to find the error in the logs. In Splunk APM, we have the section logs. In that section, we can search with any particular keywords. Before Splunk APM, I also worked with Splunk Enterprise where we have various dashboards to monitor. 

It is an application performance monitoring and observability tool. It is a very good tool. You need to use the documentation on Splunk's website. From there, you can learn many things. I have Splunk certification. You can dive deep into it. For me, it gives end-to-end visibility into our production environment.

They can improve the flow system and the keyword language. It has predefined keywords, but they can be improved. I also use LogMeIn where I can use predefined keywords to see the logs. 

They should give us the option to use our own language to search. For example, I should be able to search for an ID name along with an error or status code. 

I worked with Splunk APM for one and a half years.

I have not faced any downtime. I have worked with Splunk APM for one and a half years, and I did not face any downtime during this duration of time.

I have never faced any issues with scalability.

I did not have any need to contact support because I did not face any issues. 

We used another solution previously. In Splunk Enterprise, it is easier to create dashboards. You can easily set up application alerts and infra alerts. You can search with metrics and you can set alerts based on a specific error. Whenever that error occurs, you will receive an alert.

I am not involved in its deployment. In terms of maintenance, it is owned and managed by Splunk. Everything is maintained by Splunk. I have not faced any downtime with Splunk APM. I have also used Splunk Enterprise previously. With both of these products, I did not face any downtime. 

The pricing is reasonable.

It is a good tool. It allows you to set alerts for application and infrastructure monitoring, and it allows you to create dashboards. You can set alerts based on the threshold or traffic.

For logging purposes, Splunk APM is very good, but we should be able to use our own search query language. Currently, we can only search based on the predefined tags.

Overall, I would rate Splunk APM a nine out of ten.