Splunk Enterprise

Splunk | 9.4.3

Linux/Unix, Amazon Linux 2023 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS customer

16 AWS reviews

External reviews

445 reviews

External reviews are not included in the AWS star rating for the product.


3-star reviews

    Subol S.

Great product poor customer service

  • April 24, 2025
  • Review provided by G2

What do you like best about the product?
Simple and easy to use for a product that offers a lot
What do you dislike about the product?
Cost and customer support if an issue arises
What problems is the product solving and how is that benefiting you?
It provides a framework for enterprise security


    Raymond De Rooij

Enables us to create dashboards and do analysis but has limitations

  • May 17, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use Splunk to create dashboards and do analysis.

What is most valuable?


What needs improvement?

Splunk can be used primarily to port log files, allowing for easy and quick management of large amounts of logs. However, this can also be a drawback due to the configuration, parsing, and dashboard creation limitations. Communication is stream-based, which means you need to do a lot of pre-emptive setup to get a nice export. Another issue with Splunk is its streamlined nature; it reruns the query whenever you refresh a dashboard. This becomes problematic if you have a large volume of log files, as it can be slow, resource-intensive, and require significant storage space.

It is designed to process and analyze log files. You feed log files into the platform, automatically extracting different fields. This allows you to filter and manipulate the data in a stream-based manner. Essentially, you pass a log file through various filters sequentially, enhancing or reducing its size by adding or removing information. However, this stream-based approach can make it challenging to create detailed dashboards easily. The platform primarily focuses on log files and is unsuitable for real-time data analysis.

For how long have I used the solution?

I have been using Splunk Enterprise Platform for one or two years.

What do I think about the stability of the solution?

The product is stable.

I rate the solution’s stability a six out of ten.

What do I think about the scalability of the solution?

It can be very slow if you have a lot of data, and scaling it up for better performance can be quite expensive.

A thousand users use this solution. We have many systems and a lot of data.
It is centrally deployed and used extensively across various systems. I use it daily, but sometimes I only use it once a month. It depends on the data I need or the issue I'm investigating.

I rate the solution’s scalability a four out of ten.

How was the initial setup?

The initial setup is straightforward.

What other advice do I have?

I wouldn't recommend Splunk Enterprise Platform because it's slow and has significant limitations.

Overall, I rate the solution a six out of ten.

Which deployment model are you using for this solution?

On-premises


    LeslieTaylor

Useful for cloud-based monitoring but improvement is needed for providing a shareable format

  • March 11, 2024
  • Review provided by PeerSpot

What is our primary use case?

We used the product for cloud-based monitoring or systems monitoring. 

What is most valuable?

The key difference I noticed for my use case, which involved understanding user behaviors and responses to digital elements, was that I could obtain more detailed reporting than what was possible with Amplitude. I could download a file with very specific information, which was helpful.


I did not use it for real-time monitoring. My focus was on investigating incident reports to understand the extent of user impact. Primarily, I utilized the Splunk Enterprise Platform to analyze user behavior.

I found the incident notification to be very helpful. While Splunk Enterprise Platform provided detailed data, it didn't seem to check as many boxes for user behavior as Amplitude did. At the same time, I'm not sure if Amplitude offers features for monitoring or incident coverage.

Its ability to access granular details in Excel was beneficial. It's always helpful to transition from visualizations to detailed user reports. 

What needs improvement?

The tool lacked in providing a shareable format. I had to use pivot tables and manually parse and edit the data to create a visualization-friendly format. It was helpful when we had an issue. What would make it stronger is if it were more proactive. For example, if it highlighted major incidents and their impact on users without digging through notifications, that would be better. Typically, the first question we get is, "Oh, we had an incident. How bad was it? How many customers were impacted?" So having that information pop up from the notification would be helpful.

What do I think about the stability of the solution?

Splunk Enterprise Platform is stable. 

What do I think about the scalability of the solution?

I saw no issues or reasons to think that the product wouldn't scale over time. Our data is growing. 

How are customer service and support?

I haven't contacted the tool's support. 

What other advice do I have?

I rate the overall product a seven out of ten.

I would recommend it for incident management reporting. I would not advise it for understanding user behavior or usage. If I had to choose between Splunk Enterprise Platform and Amplitude, I would probably go with Amplitude, but I also have no familiarity with what their incident reporting is like.


    Information Technology and Services

SPLUNK Enterprise

  • April 23, 2022
  • Review provided by G2

What do you like best about the product?
SPLUNK was a nice data analytic tool till the advanced SOAR function tools emerged in the market.
What do you dislike about the product?
Lacks advanced SOAR function. Not pocket friendly as other SAS products are, e.g. Sentinel.
What problems is the product solving and how is that benefiting you?
I was using Splunk for Threat Hunting and Incident investigation. Now I have switched to Microsoft Sentinel as it offers SOAR function and better data analytics at a competitive price.


    Automotive

Good place to start log analytics

  • August 31, 2021
  • Review provided by G2

What do you like best about the product?
The easy-to-use interface and the community support. The product documentation is good, and therefore the learning curve is not too steep
What do you dislike about the product?
For a simple log query, the solution needs you to write a few lines of query. Smart query suggestions would be welcome
What problems is the product solving and how is that benefiting you?
Security and IT log analytics.
Recommendations to others considering the product:
Splunk is a great place to start your log exploration journey.


    Niti P.

Data analytics is good but no product for IPv6 support

  • April 13, 2020
  • Review provided by G2

What do you like best about the product?
The cloud Splunk is easy to use and data storage is amazing. This is the biggest advantage of the product.
What do you dislike about the product?
In spite of being an amazing giant for data capturing and analysis, I dislike its capability to support IPv6-only infrastructure. Also they have no roadmap yet to go towards supporting it. So this is the biggest limitation of the product as far as I am concerned.
What problems is the product solving and how is that benefiting you?
The problem that I am trying to solve is data analysis. We are using it for monitoring our enterprise environment, hardware and doing data analysis. The biggest advantage is ease of use with various kinds of infrastructure. So that is the reason I love this product.
Recommendations to others considering the product:
If you are planning to go to IPv6 for your internal infrastructure or have a roadmap towards moving in that direction, then please avoid implementing this product unless they come up with the roadmap for the same. However, if that is not the case, then definitely go towards this one.


    clayton n.

good

  • May 07, 2019
  • Review provided by G2

What do you like best about the product?
ease of use and flexibility
What do you dislike about the product?
complexity at times and technical skill needed
What problems is the product solving and how is that benefiting you?
monitoring applications, still in process of evaluation


    Transportation/Trucking/Railroad

Splunk for Data Analysis

  • July 31, 2018
  • Review provided by G2

What do you like best about the product?
Ease of doing data analysis and the features associated
What do you dislike about the product?
There is nothing in the product which I dislike
What problems is the product solving and how is that benefiting you?
data analysis, log analysis


    Hospital & Health Care

Another monitoring and search tool

  • January 09, 2018
  • Review provided by G2

What do you like best about the product?
I've used several monitoring tools and Splunk is just like every other. It works as well as it is configured.
What do you dislike about the product?
Misconfiguration can lead to complete network bandwidth saturation very quickly.
What problems is the product solving and how is that benefiting you?
Monitoring and event search


    Government Administration

Splunk Review

  • October 20, 2017
  • Review provided by G2

What do you like best about the product?
A simple, flat process to index the data in their native format. This allows the platform to be highly scalable; it can grow with the amount of data it is needed to process. The system can run in dynamic parallel to your environment.
What do you dislike about the product?
Still have to read through a lot of documentation to find the answers and many times I can't find it. Not highly customized, would be helpful if they can provide more customization tools.
What problems is the product solving and how is that benefiting you?
Realtime logging and alerts make Splunk our primary notification system.
Recommendations to others considering the product:
A powerful tool, built lightly (doesn't require a DB) which will help in log collection, reporting and retention.