I use the platform to collect data and report to the clients that need reporting from Splunk. I work on gathering big data from all over my company and exporting it into proper reports.
Splunk Enterprise
SplunkExternal reviews
446 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Versatile, adaptable, and applies to many use cases
What is our primary use case?
What is most valuable?
What I find the most valuable about the platform is its DB Connect and its versatility in general. I also like its adaptability to any use case when it comes to collecting and analyzing data.
What needs improvement?
It is hard to say in what areas the platform could be improved since it's very versatile and applies to many use cases. It already has the functioning vetted into the core architecture of the product. In my opinion, there is no need for additional features because it already has many, and I haven't used them all.
For how long have I used the solution?
I've been using Splunk Enterprise Platform for two and a half years. I am a Splunk software architect and Splunk is the only platform I use.
What do I think about the stability of the solution?
It's a very stable platform. A ten out of ten.
What do I think about the scalability of the solution?
The scalability of Splunk is ten out of ten. It's one of the best platforms on the market. Approximately 1,000-2,000 people use the platform at our company, but only two people are needed to maintain it and I'm one of them. Everything is automated and it is very easy to manage 2,000 users on my own.
Which solution did I use previously and why did I switch?
I would compare Splunk Phantom with RSA NetWitness and Elasticsearch. All three solutions give the same output but in a different way. They analyze data in different ways. Each product has its scalability, versatility, and appliances in the current business needs of the company that uses it.
How was the initial setup?
The initial setup is very easy. At our company, we deployed Splunk ourselves because we are a team of Splunk architects and we have done it before.
What's my experience with pricing, setup cost, and licensing?
The platform is too expensive for small businesses. If you choose the free plan, it only has 15 GB of data per day, and it may not be enough to run a small business. You need to pay a subscription based on data ingestion, and that's very expensive. Splunk should focus more on delivering something for small businesses and entrepreneurs. I give the pricing a three or four out of ten. Although the product is pricey, it's truly magnificent.
Which other solutions did I evaluate?
What other advice do I have?
Overall, I give Splunk a nine out of ten and not a solid ten just because there are new updates every day and we don't know exactly what we need to search for since it's not that viewable.
A complete solution to collect logs with faster response
What is most valuable?
The product comes with a faster installation and response time. When I search something on the log, they give the result in a few seconds. Even if I didn’t have EDR, I can investigate rules in Splunk.
What needs improvement?
The solution is only meant for big companies.
For how long have I used the solution?
I have been using the Splunk Enterprise Platform for three years.
What do I think about the stability of the solution?
I rate the solution’s stability a ten out of ten.
What do I think about the scalability of the solution?
We have around ten people working with the solution.
I rate the solution’s scalability a ten out of ten.
How are customer service and support?
I didn’t contacted the customer support. Spunk has a website and community which has everything you need.
How was the initial setup?
The initial setup is easy. For deployment, I created a Splunk demo on my computer and on a POC environment. I ran the demo for 10 clients on 10 machines, and it took about 20 minutes.
What's my experience with pricing, setup cost, and licensing?
Spunk is used by big companies like with 2000 clients.
I rate the solution’s pricing one out of ten.
What other advice do I have?
There are around ten engineer required for troubleshooting of the solution.
I recommend the solution to other organisation since it is very responsive.
Overall, I rate the solution a ten out of ten.
Great platform to create dashboard,monitor, analyze big data
What do you like best about the product?
It makes it easy to analyze and search large amount of data especially logs from different applications and the best thing about this tool is that we can create graphs and charts based on the number of errors and number of messages to show it to dev team or higher management
What do you dislike about the product?
I accept it has many best features but in the real time applications generates huge log data hence splunk charges more as more data comes in. And it is challenging for some people to understand all the features and usage of them. It takes more time process as there is huge data in its containers
What problems is the product solving and how is that benefiting you?
Usually searching for some part of data in the huge big data is not easy but we can do that in the splunk containers. Also monitoring the data is easy. Splunk can be integrated with ETL and ESB tools very easily. And it takes care of the report generation based on the log data
Splunk drain for logging and alert
What do you like best about the product?
We can use splunk to store the log and refer in later time and also we can trigger alert when something goes wrong in our application.
What do you dislike about the product?
Need more flexibility in alert trigger and the trigger should not be a timed it should be trigger the alert on the instance of getting the keyword
What problems is the product solving and how is that benefiting you?
Usually logs on pcf will be deleted in 2 hours so we can't see after some time so we used splunk drain to collect and trigger alert if something goes off line which increases the predictability and manageability ad the application
A highly versatile data collection and monitoring tool
What is our primary use case?
We use the monitoring solution. People might ask me to create a new request, maybe for a specific Windows event log, which is how we create a ticket for an incident. Most of the time, this creates a new alert for people. It can be a little complex. We can also create dashboards with some information for other teams. Dashboard alerting is a big part of the work.
Though we use Splunk for monitoring, for me, it is more software that collects lots of data and can then be used for alerting.
We use a custom environment.
What is most valuable?
The best thing about Splunk is you can collect all the data you want, and you can play with the data and do what you want. You can modify the data and collect all the information into one dashboard. It's very cool. In other monitoring software like Zabbix, you can't easily do something like this. With Splunk, it's very easy. You need to understand Splunk's language, but you can do what you want after that. You can correlate your data with CSV files. Splunk can monitor, extract, transform, and load software.
What needs improvement?
Splunk is not an out-of-the-box solution like Micro Focus or Zabbix. You have to create your request to collect the data and add crucial components to the software. You have add-ons created by Splunk or the community but don't have out-of-the-box monitoring items in the software. For example, FETCH CUP with Micro Focus is agentless monitoring, has a lot of out-of-box items, and is easy to use. You will find it difficult to use Splunk initially, which could use improvement. However, I know there is another module from Splunk that focuses on fast and secure monitoring with more out-of-box add-ons, but I haven't used it since when I started using it, it lacked out-of-box items. All the same, Splunk could be more user-friendly for new users.
For how long have I used the solution?
I've worked with the solution for about two years.
What do I think about the stability of the solution?
I rate Splunk's stability a nine out of ten because it's very stable. I don't face issues with projects.
What do I think about the scalability of the solution?
You can scale Splunk. It works with an indexer which indexes search data. If you want more power, you can add more indexers, so I rank Splunk's scalability an eight out of ten.
How was the initial setup?
With all the documentation available, the initial setup is not difficult. If all you want is a stand-alone app in Splunk to handle all the processes, you just need to create a project in the data server, which is easy.
What's my experience with pricing, setup cost, and licensing?
You must buy a license with the on-prem version, usually through an intermediary. In France, it's Accenture. There are cloud solutions where Splunk handles the servers and patching directly, and you just use the solution.
The solution is expensive, so I rate its pricing a four out of ten. Though the solution is expensive, it depends on which company purchases the product.
Which other solutions did I evaluate?
Though I haven't used it, Grafana is also a CM that can collect data.
What other advice do I have?
I didn't create the custom environment we use at my organization. Still, it doesn't seem too difficult to build things because there is a lot of online documentation and videos. You can also get training with Splunk. You have a lot of data to help you when you want to create a new environment.
I rate Splunk Enterprise Platform an eight out of ten. The solution is very powerful, and I like to play with data to do what I want.
Good infrastructure and easy to maintain
What is our primary use case?
We use Splunk Enterprise for data visualization.
We use Splunk administration rather than Splunk development.
We provide support to users so they can access our Splunk application and use it however they want. For example, if they are not able to view some of the logs that are coming from their servers in our Splunk, then we usually check all the logs here that have been missed and forward the ones that were not forwarded.
Also, sometimes they use their access to install some apps. We have Splunk apps and they want us to create an app for their usage. We also need to create these apps in the Splunk application. Sometimes they aren't able to download or upload files into Splunk or other websites. They aren't able to download these reports as PDF files. We usually work on this and try to resolve it as quickly as possible.
How has it helped my organization?
We use Splunk for cyber security. We have a lot of teams who use Splunk for different purposes. The security team uses it to authorize log-ins, so in case something happens, Splunk monitors it. Also, the development team uses it to monitor data while they're creating a new application.
What is most valuable?
In the enterprise platform, all of the clusters and indexes are under our maintenance. If required, we can make changes and see the logs manually by getting into the servers.
What needs improvement?
Things have to be managed manually in Splunk Enterprise, which is not the case in Splunk Cloud, where the client could manage it on their own.
It would be useful if Splunk Enterprise Platform could monitor the application URL, to check whether it's responsive or not.
For how long have I used the solution?
I've been using it for a year and a half.
What do I think about the stability of the solution?
It is completely stable and the infrastructure is good. We have no issues with our Splunk Enterprise Platform.
How are customer service and support?
We contact technical support whenever there's an issue with logs and they work through it with us.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We use both Splunk Cloud and Splunk Enterprise. We might opt for Splunk Cloud in the future since it's less expensive, but we are currently using both.
How was the initial setup?
The deployment takes about a day. I would say that the initial setup is quite a complex thing to do because there are a lot of things that have to be done for clustering all the features and indexing and then forwarding data to the indexes. When it comes to applications, we have to replicate the data. The process takes time. Once everything is done, we still need to monitor the infrastructure constantly.
It is easy to maintain if you are familiar with the deployment model.
Which other solutions did I evaluate?
I have hands-on experience with AWS, Linux, Ansible, and Terraform and with programs like Python, Java, and SQL as well. I also use tools like Catchpoint, Nagios, and Grafana.
What other advice do I have?
I would suggest using Splunk Cloud first, and then Splunk Enterprise because the maintenance and the infrastructure management are easy. I would rate it an eight out of ten.
Best solution for log management
What do you like best about the product?
Splunk seems to hit the perfect balance of out-of-the-box usability and customization. Tools like enterprise security make it easy to adapt for quick use by SecOps, but it also works well for custom inputs and parsing.
What do you dislike about the product?
Seems like a lot of work could be done to clean the data before storing it. Frequently, the raw event isn't needed, and converting the data to json format to remove excess characters could really improve ingestion and searching.
What problems is the product solving and how is that benefiting you?
Splunk is the common source of all logs in the company. It can be used by any team and ensures centralized location of all data that might be needed across departments.
Splunk Enterprise AMI doesn't exists in AWS China Market Place
Dear AWS/Splunk Team,
We have noticed that this Splunk Enterprise AMI doesn't exists in China AWS Market Place, is there any possibility of adding the AMI to CN?
China AWS Market Place: https://awsmarketplace.amazonaws.cn/marketplace
Looking forward for your reply.
splunk
What do you like best about the product?
It help us to get the alert from application which reduce manualy work.Through this alert we were able to understand that something is wrong in application before it is getting worse
What do you dislike about the product?
Nothing to dislike about splunk enterprise.
What problems is the product solving and how is that benefiting you?
It is reducing the manual by giving alerts at the earliest, we were able to resolve things earlier before it got worse so because this performance has improved it will be helpful for organization
An excellent log aggregation and searching tool
What do you like best about the product?
Having all of your logs in one place where you can easily run stats or analysis on them is invaluable. It also allows users access to logs they need without needing access to potentially sensitive systems.
What do you dislike about the product?
It is expensive as well as requiring quite powerful hardware to run (depending on the amount of log data you are ingesting). The trick is it becomes more and more useful the more data you put into it, but also more expensive.
What problems is the product solving and how is that benefiting you?
Splunk solves a number of problems, including distributed access to logging, retiring legacy alerting systems (eg. Swatch), retiring legacy log aggregation systems (eg. syslog-ng), etc.
showing 71 - 80