I use the solution in my company to capture the events to deal with threat detection, incident response, and compliance reporting. For IT operation management, it gets complex to track the health and performance of IT infrastructure, including our network devices and applications, so Splunk Enterprise Platform can be used for centralized log management.

The most valuable feature of the tool for DevOps and from a continuous delivery perspective is that the tool is useful in areas like deployment, monitoring, and incident management.

If I compare Splunk Enterprise Platform with the other tools, the dashboard and the user interface need to be built at a console level and in a user-friendly mode. Sometimes, the tool looks a bit complex, and we can't find out the exact area where we need to make the changes in the configuration and changes for the log events monitoring. The dashboard and the console-level areas need to be made friendly.

The product's initial setup phase needs to be made easy since it looks like it is very complex compared to the other tools in the market.

I have been using Splunk Enterprise Platform for three years.

From a stability perspective, the tool is good. If any breakdowns exist, remediation and support are provided, so it is not a problem.

The tool is used by around 5,000 employees and servers in my company.

I have interacted with the solution's technical support. I rate the technical support a seven and a half out of ten.

The solution is deployed in an on-premises version.

The tool is expensive.

To first-time users, I can say that proper analysis and bandwidth utilization, cloud resource monitoring, and cost optimization are the things I would ask one to check in the tool.

It is not easy for beginners to use, and for freshers, it will take time to understand the tool.

From a security perspective, I rate the tool a nine out of ten. From a user and the console perspective, I rate the tool a seven out of ten.

In general, I rate the tool an eight out of ten.

We use the solution to manage a large volume of data from our servers for the project I'm currently working on. Since we don't need all the data, we filter out and extract the specific information required for our applications. Depending on our needs, we use it to filter, investigate, and analyze log data for any errors or requirements.

The most valuable feature I've found in the Splunk Enterprise Platform is its log readability and filtering capabilities. The filters on the left side are particularly useful, allowing me to quickly narrow down the data to what's relevant for any application or server service. The interesting fields feature helps me get the values I need most of the time.

Additionally, the dashboard and report creation aspects are excellent, especially for automation. Integrating Splunk Enterprise Platform with Power Automate and other automation tools allows me to create precise reports that keep my team updated. The tool is not difficult for a beginner to learn.

Splunk Enterprise Platform could improve in the area of basic log readability. When performing basic searches without advanced filters, the logs often contain timestamps and various unknown codes or other elements that can be confusing. Removing or simplifying these parts would make it easier for users who are not developers or do not have a development background to understand and find relevant information easily.

If I could add a feature to the Splunk Enterprise Platform to make my life easier, I'd like to add an internal automation tool. We can use third-party automation tools like Power Automate, but it would be better if Splunk Enterprise Platform had its built-in tool.

This tool could automate reports and make sending emails with Excel attachments or other formats to specific people easier. We're currently using third-party tools for this, but having it as a first-party feature would be better.

I have been using the product for more than two years.

I haven't found any bugs while working with the application.

My company has more than 100 product users.

I haven't contacted the support team yet. I get information from my seniors and leads.

Before using the Splunk Enterprise Platform, basic knowledge of log analytics tools like Logstash is beneficial. While it does not require specific prerequisites, having some background knowledge will help. Remember that Splunk is a paid service, unlike other log analytics tools like ELK Stack, which may offer free versions.

I rate the overall solution a nine out of ten.

We use Splunk to create dashboards and do analysis.

Splunk can be used primarily to port log files, allowing for easy and quick management of large amounts of logs. However, this can also be a drawback due to the configuration, parsing, and dashboard creation limitations. Communication is stream-based, which means you need to do a lot of pre-emptive setup to get a nice export. Another issue with Splunk is its streamlined nature; it reruns the query whenever you refresh a dashboard. This becomes problematic if you have a large volume of log files, as it can be slow, resource-intensive, and require significant storage space.

It is designed to process and analyze log files. You feed log files into the platform, automatically extracting different fields. This allows you to filter and manipulate the data in a stream-based manner. Essentially, you pass a log file through various filters sequentially, enhancing or reducing its size by adding or removing information. However, this stream-based approach can make it challenging to create detailed dashboards easily. The platform primarily focuses on log files and is unsuitable for real-time data analysis.

I have been using Splunk Enterprise Platform for one or two years.

The product is stable.

I rate the solution’s stability a six out of ten.

It can be very slow if you have a lot of data, and scaling it up for better performance can be quite expensive.

A thousand users use this solution. We have many systems and a lot of data.
It is centrally deployed and used extensively across various systems. I use it daily, but sometimes I only use it once a month. It depends on the data I need or the issue I'm investigating.

I rate the solution’s scalability a four out of ten.

The initial setup is straightforward.

I wouldn't recommend Splunk Enterprise Platform because it's slow and has significant limitations.

Overall, I rate the solution a six out of ten.

We use the solution for patching.

It's not just one feature I like the most. Every person wants to collect and rate logs, and I value how the Splunk Enterprise Platform handles this.The most valuable part for us is setting up the alerts and reports to manage the logs and log metrics. We use it to support every tool across the entire bank.We are the ones who manage all the data, and if there's any issue, everything depends on the Splunk Enterprise Platform.

The tool uses upgraded rules restricting access to specific people, ensuring that only certain individuals can edit. Everyone else has read-only access. Splunk Enterprise Platform's dashboard and visualization features are good. These features are some of the best parts of the software because you can customize the dashboard however you need. The user interface is perfect and keeps getting better with new updates. It's very user-friendly, allowing everyone to create their dashboards easily.

The Splunk Enterprise Platform has room for improvement, particularly in automating the permissions process during app promotions. Currently, permissions are manually set when different teams request an application move to production, which is time-consuming. Automating this process would streamline operations by automatically assigning the appropriate permissions and roles to specific services or teams, reducing the need to review each request ticket manually.

I have been using the tool for one year and five months.

I would rate the tool's stability as ten out of ten. It provides outstanding security and is also very user-friendly.

We have encountered issues with scaling up and handling increasing data volumes, but we address them according to customer requirements. As for scalability, I would rate it a nine out of ten.

The solution's support uses a ticketing system to address dashboards, alerts, reports, etc. If server issues or alerts are triggered, they respond by raising a ticket. They investigate the problem by checking logs and assessing any impact on disk storage.

I handle smaller support tasks myself but escalate them to my head for high-priority issues.

My company's senior SMEs help with the deployment process.

The solution's pricing increases with the amount of data used. This pricing model is acceptable because it aligns with the security features provided. It ensures that the price reflects the level of security and the amount of data we're managing.

Currently, we are on-prem. However, we have started cloud migration in the last few months. I rate the overall solution a ten out of ten. In daily life, every IT company should use it to monitor its logs. It is an emerging tool.

We use the solution to monitor, alert, report, and analyze.

In identity and asset management, Splunk will detect any vulnerabilities , or if any upgrade patching is improperly done, it will send an alert to the specific admin team, indicating the need to patch their servers.

The feature of Splunk Enterprise Platform is its comprehensive capabilities, consolidating various functionalities into a single tool. It excels in searching, reporting, and learning. Additionally, it offers automation and integration features for generating reports at specified business times. One prominent feature widely utilized by companies is enterprise security, crucial for cybersecurity purposes.

The solution could enhance automation capabilities. Currently, the process involves daily manual checks for potential issues, maintenance tasks, and planning for automation. Rather than relying solely on daily activities, there's a need to implement automation solutions for streamlined operations.

The main issue with the Splunk Enterprise Platform is its licensing cost, which can be high for small companies. Many businesses are migrating from Splunk to alternative tools. If Splunk were to lower its licensing fees or offer discounts, it would likely retain more customers.

I have been using Splunk Enterprise Platform for seven years. We are using 9.0.1.2 of the solution.

The solution is stable. There is no impact. I can rate it a nine out of ten.

When increasing your volume of data, high availability is crucial. With Splunk's robust clustering and enrollment features, data availability remains constant. If one site experiences downtime, the other will seamlessly take over, ensuring continuous data availability without any loss or impact.

10,000 users are using this solution.

As part of our operations focus, we often encounter numerous ticketed issues. Our team is dedicated to addressing these concerns and ensuring the best possible service for our customers.

Deployment typically takes just a fraction of an hour or two hours. Implementation can be completed within a single day, often within 24 hours.

Splunk Enterprise Platform allows customized data processing, making it highly versatile and easy to maintain. It seamlessly handles tasks like data masking and filtering, ensuring efficient data management.

When it comes to the visualization on the dashboard within the Splunk Enterprise Platform, we do have the chart available, and all its features are included. Additionally, if you require customization for a new customer's preferences, we can implement it using HTML or XML code. The primary approach for developing dashboards is based on XML. Therefore, if you need specific features like radio buttons or checkboxes, they are readily available for inclusion in the dashboards.

I recommend the solution.

Overall, I rate the solution a nine out of ten.