Splunk Observability Cloud Reviews

We have used Splunk to give us insight into the NetFlow of the traffic running through our network. We connect different networks but we only use on-prem. We are in the middle of a spider web, providing these services to different networks. We are trying to gain visibility into the traffic that traverses our network internally.

We are interested in the traffic volume because the services we are looking at are endpoint-encrypted, meaning encrypted traffic between a service provider and a client in another network. So we are not able to look into the media stream.

The networks we are connecting have their own security boundaries and their own security levels, and we don't mess with that. We are just trying to let them talk together. 

We have been using Splunk for monitoring who is logging in and how and when.

It has given us visibility into what is going on in the network, such as how much traffic is running to and from the services, but we are not using Splunk in a straightforward way. When we are looking into reports on how much data has been used, we need to look into another system and enrich it with data from Splunk.

Splunk has drawn our attention to how the network is running. If there are alarms on things that are not functioning, it gives us early warning on problems that could arise.

In terms of operational performance, the efficiency, Splunk has helped us improve. We could have found other tools that would have given us the same efficiency, but this was the tool that we chose. From that perspective, it has been of value to us.

It would have helped us reduce our mean time to detect but I can only guess at how much; perhaps by 25 percent. And we would see a similar reduction for mean time to resolve.

It's a bit difficult to use. It takes some time to get into it and to get it to do what you would like it to do. It is not straightforward to use it. Once you have the dashboards for collecting and analyzing transactions configured, they are okay, but it takes some time to do it. Configuration could be easier.

We have been using Splunk for about eight years.

We have not looked at Splunk as a means of being able to scale, but we have not been hindered by using Splunk. Our goal has not been growth, but maintaining stable and secure networking, and this is what we have achieved. But with or without Splunk, we would have achieved that anyway.

We really haven't had any technical issues where we involved Splunk's support.

We did not have a previous solution like Splunk, other than in-house-developed tools. We got acquainted with Splunk as part of the tender for our network infrastructure, and from that perspective, it has been okay.

Splunk has been fairly expensive, but it has been predictable. You are not punished if you are looking into much more data if you are, for example, under attack. Other tools could be more expensive to use if they charge per incident or the amount of data you are looking into. With other solutions, you could be punished if you need to index more data because of an attack, such as a DDoS attack, and you need to do some forensics on the data.

Why shift to something you don't know when you are, perhaps, happy enough with the tool that you already have? Think about whether you could develop that tool into something that would give you the visibility you would like to have, instead of using Splunk. Are you looking into incidents, traffic flows, indexing per day, or is the issue that you're looking for an alternative with a better price? Think about why you are considering shifting from a tool that you already know.

We primarily use the solution for network monitoring and to identify threats. It is a security measure. 

If anything suspicious happens in the banking system, the solution would be able to identify the threat. We've also been able to identify malicious domains and phishing attacks. 

The product provides a lot of valuable features. 

It's helpful for identifying threats. The solution helps protect against phishing and malicious domains.

We we see any spikes in the CPU, it might be a sign of suspicious activity, and we can monitor it to protect our company. 

It's a very easy-to-use solution. It's simple to install and configure.

The solution is stable.

It is scalable.

They need to offer better endpoint protection. They don't have their own platform for endpoint protection. It would be helpful if they added something that addressed that. They need more EDR functionalities. 

Support could be faster. 

I've used the solution for five years now. 

The solution is stable. It's reliable and the performance is good. There are no bugs or glitches and t doesn't crash or freeze. 

The solution is really scalable. You can easily add more components and different vendors. 

We're an IT service provider. We don't use Splunk ourselves. However, a bank we work for has about 500 employees right now that would be leveraging Splunk. 

We tend to support our customers. We can troubleshoot for customers.

We also use Splunk technical support, and they aren't too bad. They could be faster and improve their response time. 

We also use Cisco for EDR since Splunk doesn't really have any EDR options. 

The simplicity of the setup is great. It's easy to configure. Splunk is very straightforward. 

To have the solution up and running, you can deploy it in three hours. There might be more integration that needs to be done on top of that. There are a few other items that may make the deployment a bit longer, depending on the setup. 

Installing the system is very easy. However, for it to be useful, you need to customize it to integrate with your current use cases. You might have to spend some time testing use cases. It's important to understand the use cases before doing the configurations.

We have a manager and a few engineers that can handle deployment and maintenance tasks. 

We're a service provider and can implement the solution for clients. 

We use a free version of the solution. There is also an enterprise option as well. 

The product has a fairly flexible licensing model. You buy based on your requirements, whether it is six months or a year.

We are using the latest version of the product. 

I'd rate the solution eight out of ten.

Our use cases have not been completely sorted and executed. In that case, if this has been done and we know the way forward, the stabilization is more complete. This is not yet stabilized, and I would say at the moment, the focus is more on creating alerts and incidents, rather than how the user can view Splunk ITSI. That focus has not yet been set. Once it is done, I think that would help.

If there is an issue or challenge in Splunk at the product level, Splunk's internal log will call out every problem it is facing, which will help us to identify the root cause and fix it. This gives us a clue about what to do next if there is a problem we can understand the issue from the reports.

The alerts are the most valuable feature.

I don't see any issues yet because my use case has not been finalized. The point is, if anyone is going to acquire Splunk ITSI, their primary purpose should be to ensure that all infrastructure assets in production are logged into Splunk to ensure complete monitoring is enabled. Each organization has its own criteria for the importance of its applications and servers. All of these must be added for the monitoring to be effective.

The implementation can be more user-friendly.

I have been using the solution for a few months.

The solution is stable.

The Splunk technical support meets all the SLAs. There's a P1, P2, and P3 categories, and the support is being handled accordingly.

Positive

It is not possible to set up the solution without the assistance of Splunk professionals. A professional services representative must be present to handle the Splunk ITSI implementation.

The implementation requires either Splunk for PS or the hiring of a Splunk Certified Resource. We used a Splunk architect for our implementation.

I give the solution an eight out of ten. 

I suggest using Splunk Professional Services for enrollment review. Splunk has a set of recommendations for keeping our data clean and structured when logging into Splunk, which will make our application infrastructure monitoring more effective. Splunk also has best practices that need to be implemented. We can take care of this in one call, and Splunk inputs may help us make it even better.

We use Splunk Infrastructure Monitoring because it is a durable solution for our environment.

Splunk Infrastructure Monitoring is easy to use.

The dashboards are good.

Splunk Infrastructure Monitoring has helped improve our operational performance and efficiency. 

Splunk Infrastructure Monitoring has helped reduce our MTTD by 90 percent.

Our MTTR is good thanks to Splunk Infrastructure Monitoring.

The most valuable feature is log reporting.

The price has room for improvement.

I have been using Splunk Infrastructure Monitoring for five years.

I would rate the stability of Splunk Infrastructure Monitoring ten out of ten.

Splunk Infrastructure Monitoring is scalable.

I have used the technical support a few times and they were good.

Positive

I would rate the price of Splunk Infrastructure Monitoring as an eight out of ten, with ten being the most expensive.

I rate Splunk Infrastructure Monitoring ten out of ten.

Splunk Infrastructure Monitoring is a good service that provides visibility into our environment.

I recommend Splunk Infrastructure Monitoring to organizations for the logs that will help identify errors in their devices and assist them in resolving the issues.

One person is required to maintain Splunk Infrastructure Monitoring.

Primarily, our organization uses the solution to implement proper infrastructure in our campus environment.

The solution's basic visibility is one of its most valuable features. So, it is a solution that is easy to use.

The solution's stability is an area that has room for improvement. It needs to provide constant stability to its users. Also, the price of the license for the solution could be a bit better.

I have been using Splunk Infrastructure Monitoring for ten years. Also, I am using the solution's latest version.

It is a pretty stable product. Stability-wise, I rate the solution an eight out of ten.

It is a scalable solution. Scalability-wise, I rate the solution a seven out of ten. Around fifty to a hundred people are working on the solution. Also, the solution is extensively used in my organization. Currently, our company has no plans to increase the number of users using the solution.

The solution's initial setup process was straightforward. It took our company a week to complete the deployment process.

I implemented the solution in our organization.

I have seen an ROI using the solution in my company, especially in terms of increased visibility and productivity. Also, there is a commercial cost with increased visibility.

The solution's pricing is competitive. There is a need to make yearly payments for the licensing part. I rate the solution's pricing a seven out of ten. The price of the solution could be cheaper.

I would tell those planning to use the solution that they probably need to consider setting it up in a lab before deploying it.

Overall, I rate the solution a seven out of ten.

Right now, I am using the infrastructure monitoring module. It's mostly for monitoring the infrastructure workloads. We can monitor our server, database and networks. It's mostly metric-based monitoring. 

The time to go live is very fast. It takes mere minutes for the sys admin to set up the solution.

The features are pretty much ready out of the box. 

The visualization is very user-friendly.

It is stable.

The solution scales well.

The pricing is very reasonable. 

We can't really configure the solution. 

The UI enhancements could be a way to improve the solution in the future. 

We'd like the solution to be better integrated with Splunk Cloud. 

I've used the solution for almost a year. I haven't used it for that long.

The solution is pretty stable. There are no bugs or glitches. It doesn't crash or freeze. It is reliable. 

This is a very scalable solution. You can have different deployment modules. It's flexible. 

I've never contacted technical support. We don't take care of that aspect of the product. 

This offers a very easy setup.

The deployment is fast. It was very quick. It does depend on how fast your infrastructure is. 

The solution is reasonably priced compared to the competition. We do not find it very expensive at all. 

I'm an end-user and customer.

We're using the SaaS deployment. We don't have visibility into the version number. 

I'd recommend the solution. We've had a good experience firsthand. It's a very simple solution to grasp and understand from an end-user perspective. You just might need a bot of configuration to visualize the data. 

I'd rate the solution nine out of ten. 

I am using Splunk APM mostly for telemetry and logs.

The Splunk APM proves to be extremely useful for troubleshooting production issues. We rely heavily on its detectors to monitor the traffic flow between microservices, and any sudden deviations in traffic, whether due to errors or changes in inflow, trigger alerts. This allows us to quickly investigate the source of the traffic and identify bottlenecks in the microservice ecosystem. once we have a problem, we are looking through the logs, and it has really helpful filters. We are able to find what we want quickly.

When an issue arises, we search through the logs using the highly effective filters that are provided. This enables us to quickly locate the required information with ease.

The most beneficial aspect of Splunk APM is the ATM, which is the map displaying the inbound and outbound relationships of the microservices, as well as the traffic between these dependencies. This feature provides us with valuable insights and helps us understand the interactions between different microservices.

Primarily, the logs in Splunk APM can be challenging to navigate and comprehend, making it difficult to understand the details within each log. Compared to other tools like LogDNA, which are more intuitive in this aspect, the logs in Splunk APM can require more effort to understand.

It would be beneficial to have a feature that addresses the scaling of microservices. At times, issues with microservices may not be related to the code, but rather to the available resources. Therefore, it would be useful to have a feature that indicates the status of the microservices, including their scaling status and any relationship between the two.

I have been using Splunk APM for approximately one year.

The metrics in Splunk APM may not always be accurate as they depend on the computer generating the report. If the reporting machine is underperforming, it can show lower metrics, which can be misleading. Therefore, it's important to be cautious when relying solely on Splunk APM for accurate metrics.

I rate the scalability of Splunk APM an eight out of ten.

The scalability of the solution is good.

We plan to increase our usage because new features of the solution are coming out.

I rate the scalability of Splunk APM an eight out of ten.

I have not used the support. I did not have any problems.

I have previously used LogDNA for logs and Newrelic for telemetry .

The initial setup of Splunk APM was straightforward.

We have received a return on investment after switching from our previous solution to Splunk APM.

The price of Splunk APM is less than some of its competitors.

We choose Splunk APM over other solutions because of the cost benefits.

If you're planning to use Splunk APM, my suggestion is to exercise caution, especially if the machines you're using are under heavy load with graphics or other resource-intensive tasks. In such scenarios, the data you get from Splunk APM may not be entirely reliable. Nonetheless, it's an excellent tool that can provide a comprehensive overview of your system if you integrate it into all aspects of your operations. With Splunk APM, you can easily identify bottlenecks and improve your programs, making it an incredibly useful tool.

I rate Splunk APM an eight out of ten.

We primarily use the solution for monitoring. 

The solution has a lot of features. 

It's a good traditional monitoring platform. 

The solution is stable and reliable. 

It can scale well. 

It's a little bit technical. 

The cardinality is pretty low. They need to expand their reach.

I've been using the solution for three or four years. 

The stability is good. I'd rate it eight out of ten. There are no bugs or glitches, and it doesn't crash or freeze. 

The scalability of the solution is pretty good. I'd rate the ability to expand at an eight out of ten. 

I'm not sure how many people are using the solution in our company. 

Technical support has not been an area of the solution I've dealt with. 

We previously used open-source solutions previously and found SignalFx to be better. 

I wasn't directly involved in the deployment of the solution. 

I have not looked into the ROI. I can't say if we have seen ROI or not. 

I haven't dealt with the pricing and licensing aspects of the solution. 

I don't know which version of the solution I'm using. 

I'd rate the solution seven out of ten overall.