We use it for a lot of different things. I primarily use it for monitoring, alerting, and dashboarding.

It was a slow adoption at first, but as our development teams are learning the tool, we now have our teams making their own metrics for each of the different apps. I work in the web, mobile app, and email area. It provides insights into metrics that are happening and problems when they are happening. We also have alerting.

We monitor multiple cloud environments. It is pretty transparent because we have some on-prem stuff and we have off-prem in the cloud, so we are using both. We are transitioning from on-prem to off-prem. It is seamless because it does not matter from where data comes. When we switch to a new data source, I do not have to reinvent it. We are using AWS.

Splunk Cloud Platform has helped reduce our mean time to resolve (MTTR). I get alerts every day. Anytime things are out of kilter, it gives us an alert asking us to better go look and see if something is happening. A lot of times, something is happening. It could be serious. It could be not serious, but we use it a lot for monitoring. Identifying a problem is a lot quicker. Once you know what the problem is, it makes it a lot faster to resolve the problem. That is where different other tools come into play. I believe they now have the APM tool, and we are trying to ramp that up. For us, it is pretty critical that we quickly identify that we are having a problem. It probably makes the resolution 80% faster.

Splunk Cloud Platform has helped improve our organization’s business resilience. We manage multiple websites over nine different states. We have millions of users as our members. When we are having a problem, we do not want to impact them.

For my purposes, I like the ability to aggregate lots of data from different sources. I like being able to report for management and being able to get alerts on thresholds being out of sync.

It is sometimes slow. Some of that has to do with the queries themselves not being efficient, but sometimes it is slow. They changed their model a few years back. It seems to be working better for us as opposed to having some limits that they had.

I have been using Splunk since 2019.

I have not had any issues with it going down or not performing. It is sometimes slow, but that might not be because of Splunk Cloud. That could be because of our firewalls and other things that lead to Splunk Cloud.

Its scalability is fine. We have ITSI. We have Splunk Enterprise. We have some internal Splunk and external Splunk. Our company at first was weary about putting data on the cloud. We do not have those concerns now.

We have pretty good support. 

It is hard for me to rate them because I don't use their support much. We have a lot of expertise in-house.

I have used several old competitors. Computer Associates used to have a tool. New Relic was another tool. We are primarily using Splunk now.

We switched from New Relic. We have had Computer Associates's tool. A problem with these types of tools is they are costly to put in and then not that many people use them. You then have to justify it, so the adoption is the issue.

The setup is way easier for Splunk and the way the data is aggregated is easier. Overall, reporting and dashboarding are easier. A lot of the setup involved such as tagging and so forth is not as cumbersome in Splunk.

With Splunk, looking at our servers and all types of log files is excellent. I am kind of disappointed with our particular infrastructure. We invested all this money in Splunk. We are using it for monitoring, recording, and alerting, but our company has to embrace it for using it for security. We have already bought it. Our security team should be using and leveraging it, but they are not. They are using other tools. Our security team just does not want to use it, and they need a push and need to be shown that we are paying for it. They can still use the tools that they want, but maybe they need to be shown what all these tools can do. We could leverage what we are paying for better. Our management can push our security team and say that we are paying for this, and they should leverage this more or more now.

We had a consultant come in from Splunk and a third party. We did both.

I do not know what that is anymore. I have not been involved with that for a couple of years, but I know we are paying a lot.

Overall, I would rate Splunk Cloud Platform at least an eight out of ten. For the things that I do, such as dashboarding, reporting, and alerting, it is great. It does a good job.

We mainly use it for the purposes of analyzing application logs to get a bit of understanding of what is normal application performance and then use that to highlight errors and inconsistencies when they occur.

Resilience is incredibly important to us. We are in the medical field. It is insurance. When people are using our service, we should be able to provide that. Having that resilience is key for us because we are helping people. The resilience that Splunk offers has been valuable in that regard. There is peace of mind for us and our customers.

We have multiple cloud vendors that are being utilized in Splunk. It has been useful. Splunk is able to handle a lot of things out of the box. There is a good bit of value in being able to make sense of multiple types of logs in one environment and being able to cross-reference them. It has just taken a lot of effort out of that.

We have integrated it with other tools. At the moment, it has been with Cribl as a pipeline tool so that we can be agnostic with Splunk in some regards. Cribl handles the logs being sent to Splunk, and then from there, if there is anywhere else where we want to send them, Cribl can handle that too. That has been our main integration. The ease of integration varies. Splunk offers out-of-the-box support for some tools and applications. Integration with them has been quite simple. Other things have been a bit more difficult. Integration can be more difficult if it does not have a Splunk base, but there is a good range of things that are available out of the box.

Its reporting has been excellent. We have integrated it with tools like ServiceNow, so we are able to create an instance for teams and integrate it with our NOC. The reporting has been incredibly valuable.

I come from a monitoring background. I knew from the get-go the value that we could get from Splunk, but we actually started to see its value once we started enforcing logging standards. It made it very easy for us to validate if something was or was not following our standards.

It has been great from the compliance perspective. It began to show value to some of our customers when they were able to search multiple applications because of the standards and compliance built into it.

It has had an impact on the decision-making processes in our organization. It has been mainly around compliance. Given it is a financial and medical sector, decisions have been made around what information we are storing in the logs and how we are managing the data that comes directly from Splunk.

It has been good for helping our organization access data for compliance and privacy regulations. It has been useful for pinpointing things. We are able to ensure that we are abiding by those standards. It has been incredibly useful in that space.

Dashboarding has been very powerful. I work with a lot of different customers, so being able to tailor the data for different customers has been valuable. I am able to make visuals and have reports where they can self-serve.

It would be nice to see more comparisons between Splunk and other log management tools. There are some legacy tools that people are often coming off. It will ease the transition if you are coming off a Windows LogViewer or any other logging tool. Splunk could offer more advice on how to transition into it or onboard it.

I have been using this solution for two years.

I have not had any issues related to stability.

This is outside of my department, but it seems like it would be easy to scale up. However, there is a cost concern. That always seems to be the linchpin when people discuss Splunk. It comes at a cost.

When it comes to extensibility, they make it relatively simple, but it is an expensive tool. There are always going to be conversations that need to be had.

The quality of the answer has been good. We have had to leverage the support only a small number of times. We found the actual portal to get support difficult. Some members of the team were not able to raise certain types of requests. However, when we got through to support, we had no issues.

Neutral

Prior to Splunk, we had a mixture of things. LogViewer and Graylog were used. Some folks had their logs locally. There was not one central system. 

I was not directly involved in decision-making, but some of the things that I called out as useful were the analytical tools that Splunk offers. We can very quickly get to the root cause by using its query language. It provides a lot of power with little effort. That is what initially drew me to it.

Moving to Splunk allowed standardization. That is the key. It does not matter which part of the company you are from. Splunk has given us a mechanism to say that we expect the logs to look like this, and we all are going to abide by that. It has made standardization a lot easier. Previously, you would not know what you were getting while dealing with a logging problem.

I was involved in its deployment only in a small cluster. I was mainly involved in setting up standards around logging. It was challenging. It was dense, but it was manageable. The feature set of Splunk allowed us to know what we could or could not do.

The main part of maintenance is the ingestion of new logs. New teams and applications get stood up every day, or a new cloud vendor comes in, so there is some maintenance involved there.

We had Splunk technical support. We had a mixture of people from other departments. We had some folks from security, and we had some folks from operations. There were 15 regular faces and 2 Splunk contractors. We involved other teams on an ad hoc basis, but the core team had 15 people.

Overall, we had 20 to 30 people who directly worked with Splunk in some way or for some period of time. We also had to involve all of the teams to get their feedback and educate them on how to use Splunk.

I do not personally deal with that side, but from discussions, I know that it is one of the more expensive tools. I do not have anything to compare it with.

New users should focus on the Splunk free courses. They are an excellent resource. If you are a customer, you should take up the search and reporting classes. That is probably going to be what 99% of people are using it for day to day. If you are a sysadmin user or someone setting up the instance, there are free classes for managing licenses and ingesting data. I would highly recommend them. The free classes are a great start, and if you think it would be valuable, take some of the paid classes as well. They are incredibly detailed.

When it comes to security, we definitely have a stricter attitude when things are going to the cloud because they are not fully in our control. Going to the cloud is always a little bit scary, but we have put in a refined approach for the data going into Splunk.

I have not made much use of federated search. I have come across it, but it is not something I have leveraged.

I would rate this solution a seven out of ten. What it does, it does well, but I do have qualms with it here and there. There are obvious features that are missing from time to time, but I am happy with what is there.

We use Splunk Cloud Platform to ingest data from on-prem environments. Most people have Splunk Enterprise Security running on a server, but Splunk developed the Splunk Cloud Platform to ingest the data into the cloud. It works like Splunk Enterprise, but you must download apps to get some features. Our clients are mostly large enterprises in the financial industry. 

Splunk Cloud Platform improves our visibility and decision-making. Splunk helps us meet compliance standards. It's certified for multiple standards, such as PCI, GDPR, and HIPAA.

The Cloud Platform interface is cleaner than Splunk Enterprise's monitoring console. You can easily understand what's happening with your indexes. It's more refined than Splunk Enterprise's console, but they have the same feel and function. 

It's easy to monitor multiple cloud environments because you can create custom dashboards for any use case you may have. It offers good visibility because it integrates with the ITSI app, providing a clear overview of your environment. 

Integrating Splunk with other components on the cloud and network resources is effortless because it can collect data from various sources, including stored data from long-term storage.

Splunk's reporting offers a good visualization of your data. You can visualize the statistics based on your searches. It produces some helpful graphs that enable you to easily compare what's happening in your search. It's very comprehensive. 

The only disadvantage of Splunk Cloud compared to Splunk Enterprise Security is that you only have two options for long-term storage: AWS S3 Buckets and GCP.

We started using Splunk Cloud Platform in January 2024, so it has only been a few months. 

I rate Splunk Cloud 10 out of 10 for stability. Okay. Splunk is trying to push more people to the cloud, so they've made it really stable. 

I rate Splunk 10 out of 10 for scalability. Scalability depends on whether your on-prem deployment is stable and deployed properly, as the Splunk Cloud Platform is an extension of Splunk Enterprise Security. It's easy to build another use case. or add servers, so I feel it's highly scalable. 

I rate Splunk support nine out of 10. We provide frontline support to our clients, but we periodically pass them on to the vendor. 

Positive

We previously used IBM and Fortinet. We prefer Splunk because of its integration. You can integrate multiple solutions and customize it for your environment depending on your use case. 

Deploying Splunk Cloud Platform is pretty straightforward once you have the enterprise environment set up on-prem. You download the cloud app and extension. The deployment time depends on the size of your environment. It takes about a day for a small environment. A large-scale deployment can take up to a week if you have multiple tiers and a disaster-recovery site. 

After deployment, the product requires continuous engagement with the Splunk team. You must continue to fine-tune it to ensure everything runs smoothly. However, there isn't much maintenance once it is tuned and deployed properly. 

Splunk is a bit more expensive than some solutions, but customers can derive more value from it due to the features it has.

I rate Splunk Cloud Platform nine out of 10. I recommend ingesting data into the cloud if possible. Even if you have an on-prem environment, it still helps to ingest data into the cloud. 

Splunk Cloud Platform is a product I use since my company has different platforms on Splunk, like Splunk ITSI and Splunk Enterprise Security. Splunk ITSI and Splunk Enterprise Security are the two packages known as paid packages under Splunk Cloud Platform, and my company also has an ad-hoc search head. Splunk ITSI is totally related to the infrastructure monitoring that my company does, and from it, we derive the service analyzers, episodes, and alerts and see if we want to integrate anything with ServiceNow, Jira, or any other monitoring tools we have. The product can be integrated with other tools, while my company can also use its alerting feature and its ability to notify the consumers with particular alerts, so the total infrastructure is covered under SIEM, making it possible to attach to security information. My company also created a couple of use cases, like in the case of continuous resetting of a password more than three or four times, then there will be a security incident that would be created so that if any end user is doing it as malpractice, like, phishing or something, my company can detect it and inform the user that you have crossed the four limits, and there is some attack happening owing to which we need to reset the password. Based on the aforementioned process, SIEM monitoring will be handled through its application. The aforementioned areas consist of the use cases related to the tool, along with a couple of more activities, like onboarding a user onto Splunk, creating apps for them, creating dashboards, creating alerts, and creating a couple of use cases for them as per their requirements.

In my organization, Splunk Cloud Platform has improved the issue revolving around transactions. If there are any issues with the transactions, then my company notifies the end users that their transactions failed, after which they can fix the issues so that there are no issues with the transaction part, especially regarding the application availability. The tool makes it possible to fix issues without any downtime.

I mainly work with Splunk SIEM and Splunk ITSI, and these are the two major products recommended for all consumers. If it is related to security, I recommend Splunk SIEM, and if it is related to infrastructure monitoring, I recommend Splunk ITSI to others. I used to take care of the observability part as well with the aforementioned tools. For observability purposes, I use Splunk-related applications. I also do the onboarding of the data into Splunk with the help of observability functionality.

If I focus on the observability part of the product, I see that it is an area that doesn't offer more integrations compared to what Splunk Cloud Platform or Splunk Enterprise offers. When it comes to the integrations with the other platforms, there is a little bit of a lag in the observability part, making it an area where improvements are required.

I have been using Splunk Cloud Platform for 5 years. My company has a partnership with Splunk.

It is a stable solution. Cisco has acquired Splunk recently, so I think it will be a more stable product in the coming days.

It takes a lot of time for the support team to resolve issues. In short, it takes a lot of time for Splunk's support team to troubleshoot an issue, meaning they are unable to resolve issues within a certain time frame. I rate the technical support a 6-7 out of 10.

The product's deployment phase was straightforward, especially compared to the ones I have dealt with in the past.

The solution is deployed on a hybrid cloud model.

For deployments starting from scratch, I deal with the documentation part. I prefer to look through Splunk's recommendations on the limits of how much the server configuration should be while trying to meet the configuration requirements of the consumer. In general, I deal with whatever configuration files are needed and how the consumers want to approach it, like if it should be a heavy forwarder or universal forwarder or if they don't want to directly ingest data to the indexer bypassing the heavy forwarder. Basically, I try to understand the consumer requirements before taking care of the deployment part.

For a limited deployment involving four to five servers, only a single person is required. If the deployment involves twenty to thirty servers, the number of people required to deploy the product will have to be increased depending on the requirements, and my company will also have to manage everything. The number of people required for deployment is based on the capacity at which my company plans to do the deployment.

My company has the entire Splunk Enterprise package, and we have many universal forwarders set up at fifty different locations. In around twenty locations, universal forwarders have been set up. My company also has fifteen indexes that directly send data to indexers. My company also has four heavy forwarders that collect information from applications like Azure. My company uses add-ons with the heavy forwarders in Splunk.

I was involved in the product's deployment phase.

My company has a license for Splunk Cloud Platform. My company also has a license for Splunk Enterprise. There are two packages that my company has access to when it comes to Splunk, and I am also aware of the configurations and setup phases related to the tool, from scratch to production.

Splunk Cloud Platform has improved our company's incident response time. For example, if any event is ingested into Splunk, within less than a minute, we trigger an incident to the end user based on the assignment group in ServiceNow.

There are many benefits attached to the tool in the areas of machine learning and predictive analysis. In Splunk ITSI, there is predictive analysis, which can be used for protection with the alert capabilities, especially if there is an alert storm coming up. My company can directly detect particular alerts from the trail to the attack and notify the end user about it. With the machine learning toolkit, my company does anomaly detection with the help of Splunk SIEM platform. With Splunk ITSI, my company does predictive analysis. The aforementioned area covers the two different platforms my company uses, along with two different approaches and the tool's machine learning capabilities.

My company interacts with our consumers. For example, if I am a consumer of Azure products, I would want to onboard all the data from Azure, even if it consists of user data. I recommend that more space be set on a particular index so that Azure data can be used. My company has all data related to Azure about its users and the changes if you have a license or if you have Azure Event Hubs, including any other things that it may have. I recommend more space in Azure, but if it is a network-related application like Aruba, I recommend that it has a little bit less space compared to Azure. The scalability of Splunk Cloud Platform can impact our company's data management, though I recommend the space required for a tool based on the use cases.

I am aware of the federated search features in the product. If a search is not running up, then my company needs to check whether any permission related to the search has any issue or if anything is going wrong, after which my company needs to check and fix those searches. I have not used much of the tool's federated search features.

My organization monitors multiple cloud environments with the tool's help. It is easy to monitor multiple cloud environments using the product. For example, if my company takes into account Splunk ITSI with service analyzers, then we define how one service is related to GCP. One service will be under the cloud services offered by Azure, while another service will be related to AWS. My company can divide the services based on locations and KPIs. My company monitors the total locations of the cloud so that we can get more insights from the service breakdown, which is why I recommend the use of Splunk ITSI. I used to work more with Splunk ITSI, a reason why I recommend it to others, as it is easy to understand and handle, even if you have 1,000 or 20,000 applications. With Splunk ITSI service breakdown, it is very easy to handle applications.

The visibility of the tool in multiple environments can be explained with the help of an example, where, if my company considers Splunk Cloud Platform, the visibility will be less compared to what we get from Splunk Enterprise. Splunk Cloud Platform is totally managed by Splunk's support team, so if anyone needs to do anything, my company needs to raise a request for a change in the tool, though we can modify a couple of services, like a couple of applications using ACS, which was introduced by Splunk. With ACS, if you want to update, create a token, or modify anything from the HEC token information, you can do it with the particular services offered by the solution. Considering the aforementioned area, I recommend that 30 percent of the work be done with ACS, and 70 percent of the work needs to seek assistance from Splunk's support team. Our company handles Splunk Enterprise, and we have 100 percent visibility on it compared to Splunk Cloud Platform.

The integration of the product with other services is possible. I have integrated it with ServiceNow, Jira, Slack, and Microsoft Teams, and I can say that it has been okay till now. It is good to integrate Splunk Cloud Platform with other tools. If we take a cloud service like GCP into consideration as an example and say that it is not working properly, then there will be an incident directly assigned to the support team based on the integration with ServiceNow. If you want to notify all the consumers in a scenario where GCP is not working properly through particular notifications with Slack channel particular notifications, then one can inform all the thousand consumers in a particular company about it, and it is possible with a single integration.

My company uses the tool for alert reporting. For example, if the top management of an organization is looking for the availability of websites, especially a couple of websites that are critical to their applications, then my company monitors such applications with the data in the report from the last thirty days or seven days, to ensure that availability of a particular website is 100 percent. If anything goes wrong as per the reports from the previous seven days, then the availability is reduced to 80 or 95 percent, which is based on how much time it was down, and it will be then notified to the consumer or top management, stating that the availability got reduced, and how there is need to fix a couple of applications in the back-end so that the availability can be increased. The top management will be made aware of the things that have been going on for the last seven or forty days. In general, a report is good for notifying the top management or consumers so that they can make decisions or check if their licenses or server capacity needs to be increased. With the alerting report feature, my company can be confident that the top management or consumers know about a particular issue in the tool that we can fix as soon as possible, but there will be a cost involved in doing so every time. If the consumer or top management is aware of the issues in the tool with the help of the alerting report feature, then they can make a decision.

I am currently not aware of how the product has an impact on decision-making.

The product has helped my organization with data compliance and privacy regulations since we were able to set up the terms and conditions with Splunk. In general, it is good when it comes to the terms and conditions revolving around the security part.

Maintenance is required to upgrade the applications, so we need a downtime of no more than fifteen minutes.

The product offers value in terms of resilience. Whenever my company faces difficulties, it is the solution we use for all our monitoring purposes.

In terms of the extensibility of the product, I feel it is a good solution.

Everything is supported by Splunk support, though it may take some time to find and resolve certain issues. If Splunk's support team resolves issues within a certain time frame, I can provide a nine out of ten rating for Splunk's technical team. Splunk Enterprise is totally handled by our company, so I can give it a nine out of ten.

I recommend Splunk Enterprise to others, especially when compared to Splunk Cloud Platform. If any notifications are needed, it can be done with no downtime, and it can even be completed within a week. If we want Splunk's support team to do the same aforementioned procedure for our company, then it may take a little bit more time.

I rate the overall tool a 7-8 out of 10.

To gain deep visibility into our entire cloud infrastructure, we deployed the Splunk Cloud Platform. This tool allows us to monitor, analyze, and investigate all aspects of our cloud environment.

Splunk Cloud Platform integrates seamlessly with other systems, including Slack. This allows us to receive real-time alerts triggered within the tool. We can then analyze the output and take timely action to resolve the issue, ensuring continued security.

Splunk Cloud Platform improved our security posture. We could easily and efficiently obtain detailed analyses of any log, including UPC flow logs and others, promptly. The benefits of Splunk Cloud Platform were visible within two days.

Splunk Cloud Platform does a good job helping to maintain the complaints and privacy regulations within our infrastructure.

Splunk Cloud Platform excels at correlating data from a wide range of sources, including applications, websites, and servers. It efficiently handles the challenge of managing large volumes of data. This has secured our data and demonstrably improved our security posture.

The ability to correlate data and then present it in a meaningful and valuable way is crucial. Splunk offered this functionality, providing us with insights into threats, vulnerabilities, and all the identity information we fed into it. We sought a SIEM tool because we lacked a solution that could effectively analyze recent data. We needed a tool that could not only ingest our data but also correlate it and present it in an easily understandable format.

The cost of Splunk Cloud Platform is high and has room for improvement.

The current visuals on the dashboard could be more impactful.

We conducted a POC of Splunk Cloud Platform 6 months back.

During our POC, I did not encounter any stability issues with the Splunk Cloud Platform.

I would rate the resilience offered by Splunk Cloud Platform 8 out of 10.

I would rate the scalability of Splunk Cloud Platform 9 out of 10.

The technical support is good.

Positive

The initial deployment was straightforward. Two people were required for the deployment.

The Splunk Cloud Platform is expensive.

Splunk Cloud Platform performed well in the POC but the cost was higher than other tools.

We chose Palo Alto Networks over Splunk due to its combined advantage of cost-effectiveness and superior threat analysis capabilities.

I would rate Splunk Cloud Platform eight out of ten.

We leverage the Splunk Cloud Platform for log ingestion. This allows us to create dashboards, alerts, and reports from security and application log data.

Splunk Cloud Platform offers real-time monitoring capabilities. It continuously ingests data from various sources, allowing us to track its flow. We can set up alerts to be notified of any anomalies, such as spikes in CPU or memory usage. These alerts can be configured to trigger email notifications, keeping us informed of potential issues. Additionally, Splunk Cloud Platform provides real-time dashboards that visualize the data as it's collected.

The federated search feature is useful for our cybersecurity team to complete their log analysis.

Splunk Cloud Platform offers seamless integration with other systems and applications. This is achieved through apps and add-ons developed by Splunk.

Splunk is a good reporting tool. It allows us to generate reports and attach them to emails in CSV or PDF format.

Splunk Cloud Platform has been instrumental in helping our cybersecurity team continuously monitor our data for anomalies and attacks. Its usefulness extends beyond security, though. Teams that ingest their logs into Splunk can monitor various services. If a service goes down, Splunk will trigger an alert. Splunk offers a robust monitoring suite, including dashboards, alerts, and reports. We can monitor system resources like memory and CPU consumption, application logs, Azure logs, and even Office 365 logs. For example, Splunk can reveal who sent emails, who participated in group email threads, and who added or removed members from Active Directory groups. This audit log capability allows us to investigate activity even months or years later. Splunk provides a wide range of use cases for our organization. We noticed these benefits as soon as Splunk started ingesting data.

Splunk has improved our decision-making process thanks to its clear dashboards that help us analyze information and make informed choices.

Splunk has been valuable as a compliance tool because it centralizes log ingestion. Any tool generating logs should be configured to send them to Splunk. This allows us to easily identify compliant applications – those whose logs are collected. Conversely, uncollected logs raise security concerns, as they represent a potential attack surface.

Splunk has significantly improved our organization's security posture. As a primary security tool, Splunk allows us to collect application logs, monitor activity for potential attacks, and conduct searches to identify suspicious behavior.

I like that Splunk Cloud Platform is managed by the vendor.

I like the Cloud monitoring console feature.

I like the support for all the apps and add-ons.

Splunk currently manages the components, which restricts our ability to access them directly. I would like to be granted read access to be able to review the components.

I have been using Splunk Cloud Platform for one and a half years.

The Splunk Cloud Platform is stable as long as we perform proper maintenance to prevent bugs.

This system is very scalable. That means it can be easily adapted to accommodate our needs. We can increase the number of licenses we use, or add more resources like CPU and memory. We can also request additional components, such as adding more user accounts if our team grows from four to eight members. Overall, the scalability of this system is a major advantage.

I would rate the scalability of Splunk Cloud Platform nine out of ten.

Splunk Cloud Platform offers excellent technical support that is both knowledgeable and responsive.

Positive

The initial setup is straightforward but it takes a month or two to complete because of the applications that need to be onboarded.

We first need to calculate the amount of data we need to ingest. Then, based on that amount, we can plan how much data we need to onboard and what components we'll need.

Two experienced people were involved in the deployment.

The implementation was completed in-house.

Splunk Cloud Platform is more expensive than some of its competitors, but it offers a wider range of features.

I would rate the Splunk Cloud Platform eight out of ten.

Splunk Cloud Platform is deployed in multiple locations.

Splunk Cloud Platform requires maintenance.

I recommend the Splunk Cloud Platform to others.

If you're using cloud services, Splunk Cloud Platform is a good option. It minimizes management overhead for you since Splunk handles the underlying infrastructure. Splunk Enterprise however requires more resources to manage.

My manager typically requests dashboards, alerts, and scheduled reports. Based on their specific requirements, I create reports and dashboards that visualize the data. We leverage the Splunk Cloud Platform to fulfill these needs.

Additionally, my teammates may approach me for insights. I analyze the data and provide them with these insights, which they then use for team meetings and further data analysis. This ultimately helps them make informed decisions.

Splunk Cloud Platform improves our incident response time by enabling the retrieval of large data volumes. The platform offers impressive search speeds, and we don't need additional SQL commands to optimize response times.

We saw immediate benefits from the Splunk Cloud Platform. Being able to access and analyze logs provided valuable insights.

Splunk's impact on decision-making is significant. I have access to all the data I need, and it is always reliable.

Splunk Cloud Platform's search modes are a powerful feature. There are 3 main modes: Fast, Verbose, and Smart. These modes allow us to customize our search based on our needs, which can significantly improve our response time.

Splunk Cloud Platform's dashboard could benefit from some improvements. While it functions adequately, it appears very minimalistic. It's built using a simple XML format, and while newer dashboard options have been released, it still lacks the visual capabilities of tools like Power BI and Tableau. While I understand these are different platforms, having a more powerful dashboard option for the Splunk Cloud Platform would be valuable.

There is a lack of comprehensive learning materials offered by Splunk to prepare for their certifications.

Splunk uses SQL as its search language. One challenge I've encountered is with subsearches used in joins. These subsearches can only handle a maximum of 50,000 entries. If our data set is larger, we won't be able to join it using a subsearch. This limitation has been a significant obstacle for me. I've searched the Splunk community forums, and even reached out to my colleagues and seniors for a solution, but haven't found a definitive answer yet.

I have been using Splunk Cloud Platform for 2 years.

It is reliable. In my experience working with virtual machines, any search lags are likely due to the VMs themselves, not Splunk.

I would rate the stability 8 out of 10.

Splunk Cloud Platform is horizontal scaling. So it is easy to scale based on the data we are using.

I would rate the scalability of Splunk Cloud Platform 9 out of 10. 

Deploying Splunk Cloud Platform requires knowledge of the Splunk architecture, the deployment server, and the components.

We have seen a return on investment.

The certifications are costly.

I would rate Splunk Cloud Platform 8 out of 10.

The maintenance required is minimal.

The resilience of Splunk is good.

I recommend the product.

Splunk Cloud Platform is a powerful tool for handling big data. To get the most out of it, understanding both the developer and administrator sides is beneficial. The platform offers broad compatibility with various technologies and allows for easy scaling to accommodate your needs.

We use Splunk Cloud for monitoring various ticketing tools, servers, applications, URLs, and client transactions. We're monitoring the transactions and data flow. 

Splunk has sped up our response and reduced the time we spend manually monitoring any logs for ticketing tools or servers. It saves us around 2 hours daily. 

We can onboard multiple data types for monitoring from various ports and use Splunk to monitor laptops or other devices directly. If everything is stored in our database, we can also monitor that and see who is logging in and when. You can monitor which files are being used most and which ones aren't. We can also check for any fraudulent activity in the system. The reporting is highly detailed.

Splunk is best when used for real-time monitoring. We can use AI and machine learning, too. Splunk plans to launch new observability features soon. The federated search feature has helped us eliminate redundancy in data servers and discontinue servers that aren't being used much. We can remove those servers from the environment to cut costs. 

We can use Splunk to monitor multiple environments. The ease of monitoring depends on the source, application, or cloud environment size. 

Sometimes, integrating with other systems is difficult, and it isn't feasible to connect with other applications, but it's easy most of the time. I rate Splunk 7 out of 10 for its ability to integrate with other systems. 

Every time they launch new versions, we experience a few bugs. The most recent version had a couple of bugs in the databases. We contacted the vendor and got assistance solving these bugs, so the environment is more stable. 

I have used Splunk Cloud for 4 years. 

I rate Splunk 8 out of 10 for stability. It has some bugs, but that is common in any product. At least, Splunk resolves bugs quickly. 

Splunk's scalability is nice. 

I rate Splunk's technical support 9 out of 10. 

Positive

Splunk is easy to deploy. We have it deployed across data centers at multiple locations. Splunk requires some maintenance after deployment. 

Splunk is a bit pricey, but it's reasonable for the features offered. 

I rate Splunk Cloud Platform 8 out of 10. I would definitely recommend Splunk to others. 

I used it in my last organization for monitoring, intrusion detection, and intrusion prevention.

We wanted to take preventative actions so we implemented it.

The monthly security reports were detailed, and we got to know about a lot of vulnerabilities that we did not know about before.

It integrated well with other systems and applications in our environment. I would rate it a ten out of ten in terms of integration.

Splunk Cloud Platform had a good impact on decision-making processes in our organization.

It was helpful for data access for compliance and privacy regulations. I would rate it a nine out of ten in this aspect.

Splunk Cloud Platform had a very good impact on our organization’s security posture. The resilience that it offered was very important because we were dealing with client data.

For reporting, a lot of manual intervention was required to create the reports, but after that, it worked well.

Its interconnectivity with the cloud platforms, such as Azure and AWS, was valuable. 

We had multiple cloud environments. It was easy to monitor multiple cloud environments using the Splunk Cloud Platform’s dashboard.

Considering its price point, it does not need any improvement. However, it does require manual implementation.

There can be more modules and more integration with other areas in the cloud and on-prem. I am not sure whether it includes network devices and things like that.

I worked with this solution for one year and a half.

It is stable. I would rate it a ten out of ten for stability.

It is scalable. I would rate it a ten out of ten for scalability and extensibility.

I got great support from them every time. I would rate them a ten out of ten.

Positive

We were not using any similar solution previously.

It was deployed on a public cloud. Its setup was quite complicated. A lot of steps were involved in implementing it.

We had some engineers from Splunk to advise on a couple of things.

We had three people involved in the deployment. They were all cloud engineers.

It did require maintenance. We had one person involved in the maintenance.

It was a good model.

We evaluated other solutions, but I do not remember the names. I know there was one from AT&T.

I would rate Splunk Cloud Platform a nine out of ten.

We leverage the Splunk Cloud Platform to effectively manage the vast amounts of machine-generated data, thereby ensuring application management security compliance.

We implemented the Splunk Cloud Platform to enhance our customer experience and optimize the data storage costs. We can convert the log data into numerical data points when requested.

The Federated search helps retrieve data in a better way.

Splunk Cloud Platform simplifies monitoring across multiple cloud environments, providing real-time insights into operational flow. It also streamlines data conversion, reducing the data-driven process for the company.

Splunk Cloud Platform's machine learning and AI capabilities simplify data management and provide clear visibility into multiple environments.

The AI makes it easy to integrate with other systems and applications in our environment.

The Splunk Cloud Platform reporting provides good insight.

Splunk Cloud Platform significantly boosted our performance and cost-effectively optimized data sets, delivering immediate benefits.

Thanks to the Splunk Cloud Platform we can make decisions within the organization much faster.

Splunk Cloud Platform empowers our organization to access data efficiently, ensuring compliance with privacy and regulations through actionable insights.

Splunk Cloud Platform strengthens our security, particularly in handling complex processes.

The data management and instant search features are the most valuable ones for us, as they allow us to instantly retrieve information needed for reports and security compliance.

Splunk should increase the frequency of new feature releases, particularly those related to real-time operational flow monitoring and analytics reporting. It has been over a year since any significant updates were added to the Splunk Cloud Platform.

I have been using the Splunk Cloud Platform for one year.

Splunk Cloud Platform is stable.

Splunk Cloud Platform is scalable.

Splunk Cloud Platform's resilience is good.

The initial deployment was straightforward. The deployment took around four hours and required two people.

We evaluated Victoria Experience but it was not suitable for our environment.

I would rate Splunk Cloud Platform an eight out of ten.

We have around 150 users.

No maintenance is required from our end.

I recommend Splunk Cloud Platform. It helps monitor all the respective functions.