Listing Thumbnail

    Splunk Cloud

     Info
    Sold by: Splunk 
    Deployed on AWS
    If you are looking for security and operational visibility across your AWS environment including applications, infrastructure and AWS services such as CloudTrail, Config, VPC Flow Logs, and more then Splunk Cloud is the right solution for you.

    Overview

    If you're looking for security and operational visibility across your AWS environment - including applications, infrastructure and AWS services such as CloudTrail, Config, VPC Flow Logs, and more - then Splunk Cloud is the right solution for you. Organizations of all sizes leverage Splunk visibility with AWS agility to rapidly troubleshoot applications, ensure security and compliance, and monitor business-critical services in real-time. Splunk Cloud makes it easy to gain end-to-end visibility across your AWS and hybrid environment. Leverage Splunk Cloud with the free Splunk App for AWS to gain critical security, operational and cost optimization insight into your AWS deployment. Whether you're managing applications, infrastructure or a security operations center in the cloud, Splunk delivers Operational Intelligence for a real-time understanding of what's happening across your business and IT so you can make informed decisions. It's easy to get started - and remember - when choosing a product option, match your location and anticipated index volume per day. Splunk Cloud is now FedRAMP authorized: Moderate

    Highlights

    • Collect and index any machine-generated data from virtually any source or location in real time. Just point Splunk Cloud at your data, and it immediately starts collecting and indexing so you can start searching and analyzing.
    • Splunk Cloud offers single-pane-of-glass visibility across on-premise Splunk Enterprise and Splunk Cloud deployments, enabling customers to deploy Splunk as software or SaaS according to their business requirements, while maintaining centralized visibility.
    • Splunk Cloud includes support for Splunk apps and other content. Splunk apps deliver a targeted user experience for different roles, use cases and enterprise technologies. These apps can help you visualize data in new ways or provide pre-defined views of leading technologies such as Linux, Windows, VMware and more.

    Details

    Sold by

    Delivery method

    Deployed on AWS

    Unlock automation with AI agent solutions

    Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
    AI Agents

    Features and programs

    Buyer guide

    Gain valuable insights from real users who purchased this product, powered by PeerSpot.
    Buyer guide

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Splunk Cloud

     Info
    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    12-month contract (20)

     Info
    Dimension
    Description
    Cost/12 months
    US - 5GB/Day
    Index Volume
    $8,100.00/GB
    US - 10GB/Day
    Index Volume
    $13,800.00/GB
    US - 20GB/Day
    Index Volume
    $24,000.00/GB
    US - 50GB/Day
    Index Volume
    $50,000.00/GB
    US - 100GB/Day
    Index Volume
    $80,000.00/GB
    EMEA - 5GB/Day
    Index Volume
    $9,315.00/GB
    EMEA - 10GB/Day
    Index Volume
    $15,870.00/GB
    EMEA - 20GB/Day
    Index Volume
    $27,600.00/GB
    EMEA - 50GB/Day
    Index Volume
    $57,500.00/GB
    EMEA - 100GB/Day
    Index Volume
    $92,000.00/GB

    Custom pricing options

    Request a private offer to receive a custom quote.

    How can we make this page better?

    We'd like to hear your feedback and ideas on how to improve this page.
    We'd like to hear your feedback and ideas on how to improve this page.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Splunk offers a variety of support options to help ensure your success.

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    10
    In Data Anonymization, Data Security and Governance

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    0 reviews
    Insufficient data
    Insufficient data
    Insufficient data
    Insufficient data
    0 reviews
    Insufficient data
    Insufficient data
    Insufficient data
    Insufficient data
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Log Data Collection
    Collect and index machine-generated data from multiple sources in real-time with comprehensive data ingestion capabilities
    Multi-Environment Visibility
    Provides unified visibility across on-premise and cloud environments with centralized monitoring and analysis
    Security Compliance
    FedRAMP Moderate authorized platform with comprehensive security monitoring and compliance tracking
    Data Visualization
    Supports multiple Splunk apps for advanced data visualization and pre-defined views across enterprise technologies
    AWS Service Integration
    Native integration with AWS services including CloudTrail, Config, and VPC Flow Logs for comprehensive cloud monitoring
    Data Collection and Indexing
    Real-time collection and indexing of machine-generated data from diverse sources and locations
    Event Correlation
    Advanced correlation capabilities including time-based, transaction-based, sub-searches, lookups, and joins across multiple data sources
    Scalability
    Capability to collect and index tens of terabytes of data per day with distributed computing architecture
    High Availability
    Clustering technology ensuring continuous data availability and system reliability during scale-out operations
    Machine Data Analysis
    Comprehensive platform for searching, analyzing, and visualizing massive streams of machine data from physical, virtual, and cloud infrastructures
    Data Processing Engine
    "Vendor-neutral processing engine for centralized parsing and processing of event data from multiple sources"
    Data Routing Capabilities
    "Ability to route, optimize, reformat, enrich, and structure data for different destinations in real-time"
    Authentication Mechanism
    "Supports external authentication through LDAP, Splunk, and OpenID Connect identity providers"
    Worker Infrastructure
    "Configurable worker groups, worker processes, and edge nodes with scalable deployment options"
    Data Optimization
    "Advanced data stream reduction capability, capable of trimming up to 50% of unused log and metric data"

    Contract

     Info
    Standard contract
    No
    No
    No

    Customer reviews

    Ratings and reviews

     Info
    4.3
    17 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    24%
    71%
    6%
    0%
    0%
    17 AWS reviews
    |
    46 external reviews
    Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
    UzairKhan

    AI-driven analytics significantly enhance operational decision-making

    Reviewed on May 09, 2025
    Review provided by PeerSpot

    What is our primary use case?

    Currently, I am working with Splunk Cloud Platform  and other things for my clients.

    I have been working with Splunk Cloud Platform  for around 2 years now while integrating it.

    What is most valuable?

    What I appreciate about Splunk Cloud Platform is that it's an AI-driven SIEM  platform, and for data fusion stock, we require Splunk Cloud Platform because none other than Splunk Cloud Platform can have this data-driven stock implemented; it allows you to get into the data repository.

    The real-time search capability of this product enhances operational decision-making, and it's very convincing; this aspect is very convincing from Splunk Cloud Platform's side.

    What needs improvement?

    The disadvantage of Splunk Cloud Platform is that its integration process should be improved.

    The challenges I have encountered while integrating Splunk Cloud Platform include that integration is a bit difficult due to the coding required for the integrations.

    For how long have I used the solution?

    I have been working with Splunk Cloud Platform for around 2 years now while integrating it.

    What was my experience with deployment of the solution?

    I would say that it was a bit difficult to deploy Splunk Cloud Platform; the user interface is easy, but deployment is difficult because it needs coding to integrate things.

    What do I think about the scalability of the solution?

    I think it's a scalable solution; it's pretty much scalable.

    How are customer service and support?

    I can rate the technical support of Splunk Cloud Platform as eight; they are quite helpful.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We are system integrators, but the client chose another vendor instead of NNTT.

    How was the initial setup?

    The deployment took around 3 to 4 months.

    What about the implementation team?

    Three people took part in deployment from my side.

    It was indeed a huge deployment; it was one of the banks in Pakistan, so we required three resources to get it done.

    What was our ROI?

    Splunk Cloud Platform has impacted operational costs; it's a bit expensive, but it provides value for money.

    What's my experience with pricing, setup cost, and licensing?

    If I were to rate the price for the product from 1 to 10, I would rate it nine.

    What other advice do I have?

    I am currently working with the solution, but I need to know from which NNTT.

    The interface is okay; its interface is good, and user interface is good.

    I would recommend Splunk Cloud Platform to other users and organizations because it adds value to the organization; you can do different things with it because it's a pure analytical tool, not only a SIEM  tool.

    I am mostly focused on Splunk Cloud Platform because I chose this vendor due to the feature set that was offered by Splunk Cloud Platform; it was not being offered by any other vendor.

    Splunk Cloud Platform is the vendor I am referring to, not NNTT.

    Maintenance for Splunk Cloud Platform has been done manually, not automatically.

    Usually, one person takes part in maintenance.

    Regarding the number of users for Splunk Cloud Platform, it involves discussing the number of organizations or the number of people working in those organizations.

    In general, I would rate Splunk Cloud Platform a nine.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Job Asiimwe

    Needs better cybersecurity features but offers robust log ingestion

    Reviewed on Dec 10, 2024
    Review provided by PeerSpot

    What is our primary use case?

    I use the Splunk Cloud Platform  for security monitoring. My company is a technology company with over 40,000 employees.

    How has it helped my organization?

    The Splunk Cloud Platform offers easy data ingestion and a user-friendly interface for product teams, particularly for straightforward log shipping.

    Splunk Cloud Platform offers easy integration due to its robust and well-documented APIs. These allow seamless integration into existing pipelines and other products and the flexibility to create custom integrations as needed.

    Splunk Cloud Platform helps access data for compliance and privacy regulations. While some manual work remains, it assists with meeting compliance and regulatory requirements, especially regarding logging, reporting, and monitoring, solidifying its position as the industry standard.

    What is most valuable?

    The most valuable feature of Splunk Cloud Platform  is its robustness and ability to ingest logs.

    What needs improvement?

    Splunk Cloud Platform needs improvement in its security offerings, specifically in cybersecurity. It has not kept pace with competitors over recent years, and integration with the Cisco ecosystem after Cisco's acquisition of Splunk has also been slow. The product should incorporate more readily available features, especially in security monitoring.

    The federated search feature is costly.

    Extracting meaningful insights beyond essential log data proves challenging due to the product's reliance on manual processes. Users must manually configure detections, develop logic for insights, and manage dashboards. While the product boasts numerous out-of-the-box capabilities, these often require extensive modification to align with specific user needs, limiting their practical applicability.

    Splunk Cloud Platform doesn't inherently provide visibility as a standalone product. It's a platform for building custom visibility solutions. We need to feed it data and then write logic to define what insights we want to extract. While pre-built solutions might be available in the marketplace, Splunk doesn't offer out-of-the-box visibility. If we know our requirements, we can utilize code and research to create custom dashboards, but it requires effort and expertise.

    The pre-built reports in Splunk Cloud Platform are generic and require manual adjustments to extract specific, granular information, which requires the user to be knowledgeable.

    For how long have I used the solution?

    I have been using the Splunk Cloud Platform for over ten years.

    How are customer service and support?

    The customer service and support for Splunk Cloud Platform are mediocre and often hit or miss. Premium support is costly and may not always provide a satisfactory experience, as even the support engineers can sometimes be stumped.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    The initial setup of the Splunk Cloud Platform is straightforward. Professional services are available to assist in deployment, including setting up Splunk forwarders and building data models. With adequate support, full deployment can be efficiently achieved.

    Full deployment is a lengthy process, but achieving 50 percent deployment can be achieved within one to two quarters.

    What about the implementation team?

    Deploying Splunk Cloud may require different resources depending on the size of the data ingested daily. Two to three people may be sufficient for smaller terabyte ingestion, whereas a team of four to five might be needed for larger ingestion.

    What was our ROI?

    The return on investment with Splunk Cloud Platform has been poor. There is a significant possibility we will be replacing it in the next quarter or two.

    What's my experience with pricing, setup cost, and licensing?

    Splunk Cloud is considered too expensive, with its two product offerings both being costly. I would rate the cost an eight out of ten, with ten being the most costly.

    What other advice do I have?

    Splunk Cloud Platform is not impacting a lot of decisions. But if we write very good reports and dashboards, then we can derive insights from them for leadership to make concrete decisions on. So we have to do the legwork to get that output.

    While Splunk Cloud Platform may not be a significant factor in decision-making, generating high-quality reports and dashboards can provide valuable insights for leadership to take concrete action. However, we must dedicate ourselves to the necessary work to produce those impactful outputs.

    I would rate Splunk Cloud Platform a five out of ten due to its gradual decline over the last few years. While I would have rated it an eight out of ten four years ago, its performance and features have deteriorated, leading to my current lower rating.

    Which deployment model are you using for this solution?

    Public Cloud
    Darshan G Waghmare

    Offers alert scheduling, dashboard creation, and log monitoring

    Reviewed on Sep 23, 2024
    Review provided by PeerSpot

    What is our primary use case?

    My primary use case is for monitoring security logs and system logs. Apart from that, we create monitoring alerts and dashboards. 

    We also use it for Splunk application configuration, troubleshooting, and server patching. We have many other operations.

    How has it helped my organization?

    Integration with other systems and applications in the environment is easy. For example, we have Fortinet analyzer. We have to pull the logs from network devices into Splunk. We use Cribl pipeline. 

    For Cribl pipeline, we get that data to the Splunk syslog servers. From Splunk syslog servers, we're getting it into the indexes.

    According to the license, suppose we have to onboard thousands of servers. Suppose a scenario, for thousands of servers, the user or client requires only specific events. So for that, we use props and cons and regex for specific events. And only specific events will be calculated in the license. That will consume the license also.

    What is most valuable?

    The incident response time depends on the query and alert configuration, and also on the environment and how the logs are streamed. By analyzing these factors, it takes a maximum of one to two days for one incident.

    Alert scheduling, dashboard creation, and log monitoring are the most valuable features. 

    Federated search depends on the data we pull. We have three types of searches. We use federated search for long-running queries.

    We have, like, 20% of MacBook Cloud environment. It is easy to monitor multiple cloud environments, but there are some onboarding challenges. We are onboarding from the back end and also using Hacktoken. Apart from that, we get data to Splunk using Cripple pipelines from Syslog servers.

    Reporting is like this: if critical data is used by the client, we send it to the data user according to the schedule.

    For log monitoring, we can definitely suggest Splunk is a good tool. And it helps with decision making processes.

    For monitoring security logs, it's the best tool.

    For how long have I used the solution?

    I use Splunk Cloud. Previously, I used Splunk Enterprise, but after that, we migrated to Splunk Cloud.

    I have been using Splunk Cloud for more than three years. 

    What do I think about the stability of the solution?

    It is a stable product. Right now, we are migrating from Datadog to Splunk, so I guess that's why Splunk is better than other tools.

    How was the initial setup?

    It's deployed across multiple locations.

    It does require maintenance. It depends on what Splunk vendor is being used.

    What's my experience with pricing, setup cost, and licensing?

    The pricing depends on the logs and how many logs we monitor. On a daily basis, it depends on the events. Those licenses will be calculated in Splunk Cloud.

    What other advice do I have?

    Overall, I would rate the solution a seven out of ten, with ten being best. 

    All the features for log monitoring, security, alerting, indexing of the data, parsing of the data are good. That feature makes sense and is helpful to everyone.

    I would recommend it to others. 

    Which deployment model are you using for this solution?

    Public Cloud
    Ritesh Vishwakarma

    Gives us better buffering performance and lower latency if we use the right components

    Reviewed on Sep 06, 2024
    Review provided by PeerSpot

    What is our primary use case?

    One client wanted their data in a readable format. He was in the UK, but his data center was in the US, so he tried to forward his data to the indexer. Because of the time zones, he faced some time stamping issues. They reached out to us to open a case that got assigned to me.

    I learned which US time zone the data center was in and set the time stamps in the future. We changed the preferences to convert it into GMT so that whenever the data is onboarded to the indexes via universal or heavy forwarder, we can fetch the data in real-time.

    We primarily use virtualization and deploy in Docker containers. We seldom use any physical servers. It's mostly deployed in a cloud environment or a virtual machine. It's typically Docker but sometimes Azure.

    How has it helped my organization?

    Splunk Cloud saved us a lot of money because we're working with databases like MongoDB and Oracle and using Splunk as a sync tool. It has its own indexes that cut costs by 15 to 20 percent. 

    It also improves our decision-making process. In one scenario, we compared the client's data from last year to this April and saw the year-on-year profit and loss. We could see which projects were successful. Compared to another SIEM or monitoring tool, it saved us time because the data is presented in a clean, customizable dashboard. 

    What is most valuable?

    In an enterprise, you need a universal or heavy forwarder. If you don't have that, you need an HSE token or API request call and all the different components. In Splunk Cloud, you just have one instance to search all the data in your index. You don't need to manage it because Splunk handles that. 

    If you are using Splunk Enterprise, you need to understand, from A to Z, how the indexes and searches work and where the data is coming from. Splunk Cloud has a beautiful, user-friendly UI that lets you navigate all the settings.

    It doesn't matter where the data comes from for integration. The dashboard gives you a brief overview. 

    When we're onboarding all that data using heavy forwarders, Splunk gives us better buffering performance and lower latency if we use the right components. If I use a light or universal forwarder, it often doesn't parse on the other end. Our projects use heavy forwarders and put those data into the index services while defining which indexes they should index. We are also micromanaging where that data should be. 

    The reporting is good so far. Sometimes, I help my clients improve their user experience. As an engineer, I would suggest that if a solution has back-end compatibility, clients should get out of their comfort zone and customize another app to create a dashboard or something else.

    What needs improvement?

    First-time users may struggle with the user interface. When I first used Splunk, I entered my username and password. After that, we get a dashboard on the left side with apps. At the top, you can click the gear icon to view the settings. Within those settings, there's a distributed console option with several settings. It's a bit overwhelming for a beginner. The user knows what they want and can search for it in the search bar. If I see several apps, my first instinct is to scroll down to find the app, or perhaps you will find that search and report. That bugged me when I was learning.

    Application support is another problem. We created a custom Palo Alto app that isn't fully supported by the latest version of Splunk. We had to downgrade to older versions to use the custom app properly. That was one problem we faced daily with one client. 

    For how long have I used the solution?

    I have been using the Splunk Cloud Platform for two years.

    What do I think about the stability of the solution?

    I rate Splunk Cloud seven out of 10 for stability. 

    What do I think about the scalability of the solution?

    I rate Splunk Cloud eight out of 10 for scalability.

    How are customer service and support?

    I rate Splunk support six out of 10. They're knowledgeable, but their response times are sometimes slow. 

    How would you rate customer service and support?

    Neutral

    Which solution did I use previously and why did I switch?

    We have Prometheus, but that only monitors Grafana and shows you a dashboard. Splunk is not just monitoring or grabbing data you search for. I've worked with cloud and enterprise. When we started using Splunk Cloud, we used it more like a dashboard to search data. Based on my understanding, I could create applications. 

    After moving into the enterprise side, I understood Splunk even more, including its components, bucket lifecycles, and how the indexes and configurations work. It's not simply transferring data from one to another. I can grab data from any system that consists of raw data. Splunk can also identify those data in the timestamp index form. We don't have any other vendors to compare it to. 

    How was the initial setup?

    Deploying Splunk Cloud Platform is straightforward unless you use an automation tool like Ansible, Puppet, or Chef. It takes four to five hours. Installation can take a day in some cases, but it typically can be completed in less than five hours unless you're dealing with more complex data.

    What's my experience with pricing, setup cost, and licensing?

    Splunk Cloud is affordable, depending on your license. I don't know how much it costs exactly, but my colleague said it depends on your licensing and which features you use. 

    What other advice do I have?

    I rate Splunk Cloud Platform eight out of 10. I would recommend this product. 

    Which deployment model are you using for this solution?

    Public Cloud
    Lokesh V.

    Troubleshooter of Technology

    Reviewed on Aug 31, 2024
    Review provided by G2
    What do you like best about the product?
    Ease of Use and supporting features integration.
    What do you dislike about the product?
    Charge on queries quantity on commercial versions.
    What problems is the product solving and how is that benefiting you?
    end to end testing troubleshooter
    View all reviews