Splunk Observability Cloud Reviews

Our primary use case for SignalFx was visualization, charting, and alerting. We also used it to fix our µAPM.

For one project I was working on, at least 15,000 people were using SignalFx. They used to monitor their application health in the SignalFx dashboard and get alerts from SignalFx. The users had different job profiles, such as engineers and architects.

One of the valuable features is that it is very user-friendly. We can directly search for a metric and create alert charts straightaway. There are multiple visualization options to create charts that allow users to create detectors and alerts and integrate them with downstream applications for getting notifications.

Moreover, the volume it handles is very good, including the number of metrics, the volume number of traces, and more.

There are some predefined metrics where we can directly install the SignalFx agent. It gives some informative CPU utilization where some things are inbuilt. But for specific applications, we may need to create customized metrics. Here, developer teams have an additional burden of creating the whole thing if they need to customize anything. The additional feature metric could be a custom metric edition. It would make it simple for any user or engineer to go beyond the default metrics and easily choose to add more metrics. It will help share dashboards, so when we have a single version, thousands of people can use the same single version of the dashboard.

The sharing option and custom metric would be the two additional features I would like to see in the improved version.

I used SignalFx for six to eight months for my previous project, and the version I used was Splunk Observability. I used it last in October 2022; I am not using it right now.

It is a stable product. There used to be some unplanned maintenance or intermittent issues. Most of the time, we used to get alerts or notifications from the SignalFx team. So, out of 100, I would give it a 90. It was stable, but in that 10% of the occurrence, we faced various problems like loading traces, dashboards, and more. In that project, we had a limit of detectors and a limit of a metric time series, and several subscribed metrics. So, we used to get some notifications when it reached 80% or 90% of the usage. Thus, it is completely related to the subscription. But we faced the fact that the number of MTS reached the limit.

In terms of stability, we faced intermittent issues so I won't give it a 100%; it is 90%.

It is scalable. Although the scalability depends on the subscription model, there are some related requests according to cost. For example, if I want to increase the metrics by up to 30%, store more metrics, or create more alerts, I can easily do it without impacting anything. For all those things, it is scalable.

I used to create a support case in the SignalFx portal itself, and I used to call them on their toll-free number and engage them with issues. So I had some experience with their team and I rate them an eight out of ten.

I would rate it an eight because customer support won't provide back-to-back service. If I expect updates every hour, sometimes I may not get updates every hour. For example, if I need someone to explain the issue, there might be delays. If I need to get some root cause of an issue in real-time, that might take time. So considering these factoes, I rate them an eight out of ten.

Positive

I have used some observability tools like Splunk, Instana, and Grafana. I found SignalFx the best one for visualization, and it is user-friendly too. For example, you can directly search for a metric, and we can create alert charts immediately. So there will be multiple visualization options to create graphs. From there, we can directly create detectors, create alerts, and integrate them with other downstream applications for getting notifications.

The initial setup was simple, and we used some package installers. We had a restrictive code for binaries in Artifactory. So we directly used some package installers and pulled it in individual service. Also, it was integrated with Puppet, so installing the SignalFx agent and starting it was simple.

I wanted to manually install, deploy, and download it on a single server, and the whole manual procedure took around 10 to 15 minutes. When I tested a group of services with the help of Puppet, even hundreds of servers were done within an hour or something. 

So I was working on a banking project, and we had a private cloud there; SignalFx agents were installed on servers, and our metrics were derived from there.

My company used an inbuilt application built by in-house developers, which was developed 15 years ago. Those tools were somewhat outdated and could not serve the purpose of the ever-growing volumes and other issues. So they preferred to have some third-party tool to solve their problems, and they found SignalFx useful. As a user, I also thought SignalFx was much better than other visualizations.

I would definitely recommend SignalFx. Compared to other installation tools, creating alerts, understanding charts, and creating dashboards is more straightforward. 

The functions are complex but SingalFx is very user-friendly. There is very defined documentation for everything, whether I have to create an alert or use some aggregation. We will have a direct link that says something like, "Click here to read more" or  "Click here to understand." Such links are there for everything. Moreover, if I want to create an alert, there will be multiple options; it will say, "What is the time of alert?" or "What is the threshold base?" All these details will be there; you will have a link to detailed documentation. It is a very user-friendly tool for any beginner. 

I would rate it as nine out of ten. 

I have the logs of my applications, and they're usually a bit volatile. The log switch doesn't stay there on the application for a long time, so Splunk can require that. It can take 15 days for the logs to be available to do some kind of research. I'm using Splunk to ingest application logs, create dashboards, and set up alerts. 

The biggest benefit of Splunk is that we can retain logs and correlate the data. Telemetry data has a huge impact because it's much easier to see everything. 

Splunk has significantly reduced our mean resolution time. The workflow at my company involves application microservices applications running on the cloud. These logs are highly volatile, so they're only retained for three to five minutes, and we had to reproduce an issue to trace why it failed. That meant we had to do everything again to capture the log at the moment.  Now, we have the data to analyze one or two hours.

Splunk's dashboards are great. The solution provides end-to-end visibility across my environment. Visualizing large amounts of data is easier because we can correlate the data from any target source. 

The licensing model is expensive. We need to monitor the amount of data ingested because the cost is based on the data collected. 

I have used Splunk APM for three years now.

We have instances for production and development. I've never seen the production instance go down. Our development instance has gone down, but that's expected. 

I used tools like Elasticsearch, which is similar to Splunk. I've also used other observability tools like Grafana and Dynatrace, but they have different features.

I rate Splunk APM 10 out of 10.

My main use cases for Splunk Observability Cloud include Application Performance Monitoring, Real User Monitoring, and Synthetic Monitoring.

Splunk Observability Cloud has proven to be beneficial for our organization. In evaluating its effectiveness in improving digital resilience within my organization, I have experienced lower costs of unplanned digital downtime.

The solution has helped improve operational performance and company resilience.

Splunk Observability Cloud can be optimized to its full potential. 

I have been using Splunk Observability Cloud since this year.

The stability and reliability of Splunk Observability Cloud has been satisfactory. Customer service and technical support have been evaluated positively.

Splunk Observability Cloud scales effectively with the growing needs of my organization.

Positive

I have always used Splunk products.

My experience with the pricing, setup costs, and licensing has shown a return on investment with Splunk Observability Cloud.

I would recommend organizations to consider implementing Splunk Observability Cloud. 

On a scale of one to 10, I would rate Splunk Observability Cloud overall as nine.

Our primary use case for this solution is as a supplement to Dynatrace, so the log analytics is done in Splunk instead of Dynatrace.

We built a tool for firewall log monitoring and we powered all firewall logs to Splunk. In addition, we built a little dashboard that just specifies sources and the destination addresses and port numbers. It passes all the logs and tell us if there are any blocks or drops on the firewall level. This is a very useful tool for us.

The features I have found most valuable are log searching and log analytics, both of which are quick features.

There's a component in this solution that is particular and takes a lot of manual work and that is the automation. There is a lot of room for improvement with the automation. They should also improve the discovery and detection of all the infrastructure components so that it is more automated and takes less manual work.

I have been using this solution for about five years.

I would rate the stability of this solution an eight, on a scale from one to 10, with one being the worst and 10 being the best.

I would rate the scalability of this solution a nine, on a scale from one to 10, with one being the worst and 10 being the best.

I would rate the technical support of this solution a 10, on a scale from one to 10, with one being the worst and 10 being the best.

Positive

At first, we were deployed on-premises and then about one year ago we migrated to the cloud. So I would say they did most of the work around migration. There are around 1,000 users of this solution in our company.

We have seen the ROI.

I would rate the pricing of this solution a two, on a scale from one to 10, with one being the most expensive and 10 being the best price.

Our model of deployment is the cloud.

I would rate this solution as a whole a 10, on a scale from one to 10, with one being the worst and 10 being the best.

I would advise other people looking into this solution to do their due diligence and make sure they do their pre-work and post-work.

We have a lot of applications that we monitor. We have a lot of hardware that runs on VMware. We monitor all of that as well.

Dashboards have been helpful because people can go and look for themselves how their systems are running. The requests for us to go look at something have gone down because people can go and do it themselves.

It is important for us that Splunk Infrastructure Monitoring has end-to-end visibility. Developers and those types of teams can look at and troubleshoot any kind of issues quickly.

Splunk Infrastructure Monitoring has helped reduce our mean time to resolve, but I do not know how much. We just help as needed, but for the most part, it is just the teams going in there and looking at things themselves.

Splunk Infrastructure Monitoring has helped improve our organization’s business resilience.

Different teams can see a lot of different aspects of what is going on. They can see network traffic. They can see applications, and they can see hardware peaks and performances. They can see everything they need.

We could see the value of Splunk Infrastructure Monitoring within a couple of weeks of implementing it.

Dashboards help the application support teams to have a quick look at how their systems are running. It helps other teams as well.

They can get more integration with a few more products.

They can also update some of the dashboards that are in there now.

It is pretty good in terms of the ability to predict, identify, and solve problems in real-time, but there is always room for improvement.

I am in a new role. I have been there for two months. That is as long as I have been using it.

It is very stable. It is good.

Its scalability is great.

It is very good. I would rate them a nine out of ten. They are usually pretty helpful and knowledgeable.

Positive

We have it on-prem, and we also have a cloud instance. Our cloud provider is AWS. We do not monitor multiple cloud environments.

Deploying it was pretty straightforward. We just had to make sure that we were getting the logs right and setting the apps right. That was pretty much it.

We have seen an ROI in terms of manhours and less work for everyone.

I have always used Splunk.

I would rate Splunk Infrastructure Monitoring a ten out of ten. It is great. It is much better than a lot of other products, so it is definitely up there.

Splunk Infrastructure Monitoring reduces our mean time to resolve. We are more proactive than reactive. I would be very confident to say that there is about a 25% reduction in time. We get things way quicker than when we were just doing it reactively.

It has the ability to identify and solve problems in real time. It saves time.

There is no one feature that stands out more than others. We use a little bit of everything. When we started using it, we did not exactly know it. It was new and fresh, so we just started gathering everything. We did not end up doing anything different. All of the features that we are using have had an effect on the monitoring that we are doing. Everything is very effective.

We never had any issues when it comes to the type of use cases we are using it for. We did not need more advancement on it, but I know that, in general, everything can be updated. There are tiny little tweaks that can be made regardless of whether it looks better or has a different flow to it than it does right now, but it works pretty well for what we use it for.

I have been using Splunk Infrastructure Monitoring for two to three years.

It is stable.

It is scalable. As we continue to grow and expand, the stability and the scalability are there.

They have been very helpful whenever we have had any issues. Only one or two times they did not know. That does happen. We are all humans, but that is the best that you can get.

Positive

I got onto the team when we started using it, so I am not sure what we were using before.

I would rate Splunk Infrastructure Monitoring a ten out of ten.

We mostly work with developers. They run some pipelines, and they use Splunk as a platform to identify the errors, instead of themselves debugging the logs and understanding what the issue is. This is one side of the business. On the other side of the business, we use the Splunk database for frozen buckets where we archive the data.

We can easily integrate it with other tools for monitoring our entire IT data infrastructure. I also handle AppDynamics. We have integrated Splunk and AppDynamics. With one click, we can understand what the actual issue is. It brings down the time to resolve. We have had some good experiences.

It improves our operational efficiency every day. In my previous company, we had integrated it with ServiceNow. For defined alerting conditions, it could directly open up a ticket for the right team. We did not have to look into a thousand cases to understand a problem.

In terms of integrations, most of the plugins are already available. If a plugin is not available, even then it is pretty easy to integrate. There are multiple ways to integrate. You can use the REST API and just forward the data. It can be easily integrated.

It makes it easy to have end-to-end visibility in the cloud environment. There are multiple types of devices in an environment. You might have AWS, Microsoft Azure, or something else. It operates beautifully. It is easy to integrate. This is the best part.

I am in the banking industry. It helps to keep track of how well our application is performing when somebody tries to do a transaction. There are multiple pieces to it, and we keep track of everything. We have our own business dashboard that the top-tier leaders can look into. All the visibility is there because of it.

I find the monitoring console very helpful. With one click, I can see how we are performing, and at the same time, I can see what data is flowing.

The clustering part of indexes can be more refined.

They can cut down a bit at the monetary level for the long-time customers. We recently had a scenario where we were in discussions to see if there was any flexibility from Splunk's side.

I have been using this solution for the past two years. I have also used it in my previous company.

It is pretty scalable. I would rate it a nine out of ten for scalability.

I have worked with Kibana and Logstash, but they are not comparable to this solution.

It is expensive.

Overall, I would rate it an eight out of ten.

We mainly use it for different divisions and departments within our company to keep track of our systems' health. We also ingest log files to get data and alerts for different groups.

We used to use a number of different tools before we were introduced to Splunk. We used to have a very hard time getting this data in and being able to effectively use it because we had such a massive amount of data. We also could not find a way to organize it effectively. Splunk helped us to effectively use all the data that we collect in a valuable way for different customers and groups that we have in our company.

It has definitely helped reduce our meantime to resolve (MTTR). A lot of our customers have difficulty getting to root cause analysis of different problems and situations. They also do not have the data to perform analytical responses for different problems that there could be within our industry. They are now able to use this data effectively, not just for alerting, but also for preventative maintenance.

It has definitely improved our organization’s business resiliency by a lot. I do not have the actual data to share at this time, but there has been a marked improvement in the organization. We are now able to keep track of all the raw data that we pull in and then use it effectively. This helps our organization run more efficiently.

It has improved our organization's ability to predict, identify, and solve problems in real time. We are able to use data and search for it effectively. We have different analytical forms and data that we can use to improve in different ways. 

The most valuable thing that we have seen within our group is the ability to ingest all this raw data and have it organized in a certain way so that different groups can get effective alerting from this massive amount of raw data that is out there.

A lot of customers had a hard time effectively searching within the data in Splunk. There is a learning curve from searches to indexes and using all the macros that we have created. It is a little difficult for somebody who has not used it quite a bit and does not have a lot of practice with it, but the AI features that we have been hearing about through Splunk will make it a lot easier for us to use human language to search this data. That is big. That is pretty powerful, and that will help a lot with our customers. At the Splunk conference, some of the talks have been about the AI platform and more effective and easier ways to search within Splunk through indexes and other things. These features will help correct some of the things with which we are having a hard time with some of our customers.

We have been using this solution for about four years.

We are not on the cloud. We are all on-prem. We have had certain issues with space on the servers and things like that, and while moving things up to what we need, we have not had any issues on the Splunk side.

It is great. We have not had any major issues with getting support from Splunk. With our monthly license, there are a certain amount of hours that we have with Splunk support. We are able to use it when we are getting close to the end of the month. In our meetings, we make a list of different topics that we would like to explore and discuss with Splunk. We create meetings for that, and they are always very helpful. We never had any issues in getting support from Splunk. I would rate their support a ten out of ten.

Positive

We used to use Tivoli. We also use AppDynamics in addition to Splunk for different parts, but we are starting to learn that Splunk does have a lot of similar toolsets. Splunk does the same as what AppDynamics does, and in some cases, there are more powerful tool sets that would help us. We are thinking of petering down our different tools to get into one tool, possibly Splunk. We already got rid of Tivoli, and we are using Splunk fully in place of Tivoli. We have seen a positive response to it.

We have seen cost efficiencies by switching to this solution. Because of the wider range of tools that Splunk offers, we were able to get rid of Tivoli and get rid of that licensing obligation on an annual basis. We are able to save a good amount of money on that and move that budget over to our Splunk budget to keep everything under one umbrella.

I was not involved in its deployment. I came on the year after.

We are currently on-prem, but we are working on developing and moving everything over to a Google Cloud platform. The announcement that Splunk is partnering with Google Cloud, in addition to AWS, is pretty good for us because we are working on moving over to the cloud in the next couple of years.

We have definitely seen an ROI. Our team is able to spend more time learning one tool as opposed to having to learn multiple different toolsets. Therefore, we are able to get more work done in a more efficient manner.

We have seen time to value using this solution. Our company has a very heavy push toward work-life management. Since we have been able to, especially in our group, switch to this tool, we could cut down on our on-call time and have our groups run on different patterns where people who are off are actually off. They do not have to be called in because essentially, everybody is able to access the tool and use it effectively because it is the one tool that we use as opposed to having different tool sets. Everybody knows how to use it, so it definitely has helped us in that way.

I know there was a panel and a team that was going through different tools. I was not a part of that process, but I know there were quite a bit of tools that they were looking at. Splunk must have worked out better than everything else.

I would rate Splunk Infrastructure Monitoring a ten out of ten.