I use Splunk primarily from a gateway operations perspective. I work on application support. As part of that support, we regularly monitor the application dashboards built in Splunk using the logs. I covered this earlier this month.

The real problem we were facing was that we were unable to get all of our logs into a single place. We have an on-premise application with multiple servers across different data centers, and we needed to be able to view all of the logs together in order to troubleshoot any problems. That's why we started using Splunk to forward all of our logs to a single location.

Moreover, Splunk APM gives us end-to-end visibility across our entire on-premise environment. 

Another biggest benefit I've seen is the ability to quickly identify problems using Splunk alerting. We set up alerts against our application metrics, and this has helped us to resolve major issues much sooner. We can now identify problems as soon as they occur, which gives us time to take corrective action before they impact our users.

Splunk has reduced the amount of time our operations team spends investigating problems. This has freed up our engineers to focus on other tasks, such as improving our application performance and adding new features.

I like the fact that Splunk APM makes it easy to connect to the application database and run queries against the data. I also like the fact that Splunk APM allows me to use log forwarders to forward logs to a central location, where I can then build dashboards to view the data. The dashboards are probably my favorite feature of Splunk APM.

I've been using the Splunk query language, and it can be a bit time-consuming to set up the queries I need. I've had to look at a lot of community forums to find the filters I need, and it can be difficult to get the details I need.

I have experience building dashboards and other things with Splunk APM.

I've been using Splunk APM for over a year now. As part of my job in application support, I regularly create and maintain dashboards for our applications using Splunk APM. I also use dashboards to create alerts based on certain metrics.

Moreover, I'm currently working on a project to create a new dashboard for our customer support application.

The stability of the solution is good because I have never had outages I have seen so far. In terms of usage, it's good in terms of availability.

I haven't had to contact the support yet. We have a separate team that maintains and builds our relationship with Splunk, so they would be the ones to contact if we had any issues.

The solution doesn't require any maintenance. 

We used New Relic and AppDynamics before Splunk. AppDynamics was our APM tool, and I'm still using New Relic for monitoring Splunk. New Relic is great for log monitoring, and it's our main tool for internal application monitoring.

With Splunk APM as an enterprise solution, various factors come into play. Right now, considerations include pricing and how they envision the solution to work for them. Some might want the solution to be cloud-based. It largely depends on the volumes they anticipate. Organizations must decide how much they're willing to invest, especially when comparing it to other investments they've made. With the current economic recession and organizations looking to cut costs, it's crucial to evaluate the volumes and aspects of Splunk that are most relevant to them.

Overall, I would rate the solution an eight out of ten. 

We use Splunk Infrastructure Monitoring because it is a durable solution for our environment.

Splunk Infrastructure Monitoring is easy to use.

The dashboards are good.

Splunk Infrastructure Monitoring has helped improve our operational performance and efficiency. 

Splunk Infrastructure Monitoring has helped reduce our MTTD by 90 percent.

Our MTTR is good thanks to Splunk Infrastructure Monitoring.

The most valuable feature is log reporting.

The price has room for improvement.

I have been using Splunk Infrastructure Monitoring for five years.

I would rate the stability of Splunk Infrastructure Monitoring ten out of ten.

Splunk Infrastructure Monitoring is scalable.

I have used the technical support a few times and they were good.

Positive

I would rate the price of Splunk Infrastructure Monitoring as an eight out of ten, with ten being the most expensive.

I rate Splunk Infrastructure Monitoring ten out of ten.

Splunk Infrastructure Monitoring is a good service that provides visibility into our environment.

I recommend Splunk Infrastructure Monitoring to organizations for the logs that will help identify errors in their devices and assist them in resolving the issues.

One person is required to maintain Splunk Infrastructure Monitoring.

In my company, we use Red Canary MDR to perform MITRE ATT&CK, after which I import the lot or whatever commands were run by Red Canary MDR to my Splunk system for further analysis. I use a type of real-time monitoring by Splunk.

The most valuable feature of the solution is the way it formats the raw data and helps make the understanding process much easier for the users. When you see the unformatted lots, it looks gibberish, especially for first-time users who may not understand a lot of things, but using Splunk Real User Monitoring (RUM) can make their job easier.

I had tried onboarding Splunk Real User Monitoring (RUM) on the cloud, but unfortunately, I couldn't onboard it on the cloud. It is an issue from my end that Splunk can try to improve.

I have used Splunk Real User Monitoring (RUM) for over half a year. I use the solution with an enterprise license for a trial period of six months. I am a customer of Splunk.

It is a stable solution.

Everyone in the SOC team, consisting of 50 to 100 people in my new company, uses Splunk Real User Monitoring (RUM).

The initial setup of Splunk Real User Monitoring (RUM) was easy.

The solution is deployed on-premises.

My company decided to go with Splunk Real User Monitoring (RUM) over other solutions since it has the ability to format raw data making the job of the organization easier.

I recommend the tool to those planning to use it since even though similar tools are available in the market, Splunk Real User Monitoring (RUM) is easier to use, especially for businesses.

I rate the overall solution a nine out of ten.

We use Splunk Infrastructure Monitoring to get an overview of what's happening in our customers' infrastructure. We're monitoring our servers, network, IoT devices, etc. We're a service provider, so the solution is installed in one place. 

Splunk Infrastructure Monitoring has enabled us to be more proactive. We can identify and respond to an issue before there is a failure. It has helped us significantly. For example, if somebody is attacking us we can detect that there is an increase in traffic and investigate to see if it's legitimate. We can block them or take other actions before it becomes a problem. 

Splunk Infrastructure Monitoring gives us complete visibility without the need for storage. We can visualize our infrastructure. Where is the traffic going? Are there any attacks? What are our vulnerabilities?

Splunk could be better integrated with configuration manager solutions so we can automatically resolve issues without human interference. 

We have used Splunk Infrastructure Monitoring since 2015.

Splunk Infrastructure Monitoring is stable. 

Splunk is scalable. It's easy to add more devices as needed. 

I rate Splunk support an eight out of ten. 

Positive

Before Splunk, we used multiple vendors, including Cisco, SolarWinds NPM, and WhatsUp Gold. 

The deployment process isn't complicated. We installed Splunk on a VM and started it. We have a team to deploy and monitor it.

Splunk is worth the investment. When an incident happens, you need reports immediately, and Splunk is the best monitoring solution for this. 

Splunk is expensive, but it's the best solution for the job. 

I rate Splunk Infrastructure Monitoring a nine out of ten. Splunk is a responsive piece of software. It's user-friendly and easy to get the data you need. I advise people to take the time to learn how to create reports and analytics.  

We have used Splunk to give us insight into the NetFlow of the traffic running through our network. We connect different networks but we only use on-prem. We are in the middle of a spider web, providing these services to different networks. We are trying to gain visibility into the traffic that traverses our network internally.

We are interested in the traffic volume because the services we are looking at are endpoint-encrypted, meaning encrypted traffic between a service provider and a client in another network. So we are not able to look into the media stream.

The networks we are connecting have their own security boundaries and their own security levels, and we don't mess with that. We are just trying to let them talk together. 

We have been using Splunk for monitoring who is logging in and how and when.

It has given us visibility into what is going on in the network, such as how much traffic is running to and from the services, but we are not using Splunk in a straightforward way. When we are looking into reports on how much data has been used, we need to look into another system and enrich it with data from Splunk.

Splunk has drawn our attention to how the network is running. If there are alarms on things that are not functioning, it gives us early warning on problems that could arise.

In terms of operational performance, the efficiency, Splunk has helped us improve. We could have found other tools that would have given us the same efficiency, but this was the tool that we chose. From that perspective, it has been of value to us.

It would have helped us reduce our mean time to detect but I can only guess at how much; perhaps by 25 percent. And we would see a similar reduction for mean time to resolve.

It's a bit difficult to use. It takes some time to get into it and to get it to do what you would like it to do. It is not straightforward to use it. Once you have the dashboards for collecting and analyzing transactions configured, they are okay, but it takes some time to do it. Configuration could be easier.

We have been using Splunk for about eight years.

We have not looked at Splunk as a means of being able to scale, but we have not been hindered by using Splunk. Our goal has not been growth, but maintaining stable and secure networking, and this is what we have achieved. But with or without Splunk, we would have achieved that anyway.

We really haven't had any technical issues where we involved Splunk's support.

We did not have a previous solution like Splunk, other than in-house-developed tools. We got acquainted with Splunk as part of the tender for our network infrastructure, and from that perspective, it has been okay.

Splunk has been fairly expensive, but it has been predictable. You are not punished if you are looking into much more data if you are, for example, under attack. Other tools could be more expensive to use if they charge per incident or the amount of data you are looking into. With other solutions, you could be punished if you need to index more data because of an attack, such as a DDoS attack, and you need to do some forensics on the data.

Why shift to something you don't know when you are, perhaps, happy enough with the tool that you already have? Think about whether you could develop that tool into something that would give you the visibility you would like to have, instead of using Splunk. Are you looking into incidents, traffic flows, indexing per day, or is the issue that you're looking for an alternative with a better price? Think about why you are considering shifting from a tool that you already know.

Right now it improves the gap between our on-prem data centers and our cloud environment. We've been using Splunk on-prem for eight or nine years now and it's been useful seeing existing tools that we've used like Splunk integrate into cloud environments and bridge that gap. We use the integration the most.

It has reduced our mean time to resolve. It's been easy to aggregate logs and infrastructure data in one place, making it easier to find a single point as opposed to jumping around tools. It's ten to fifteen percent better. It makes aggregating data and logs faster for our cloud purposes.

There's a feature that allows you to connect to AWS infrastructure that we've been using. Its integration with the cloud is what we're looking forward to the most.

It is very easy to monitor multiple cloud environments. It's like a single pane of glass for us. We can use it to monitor our on-prem and both of our cloud environments as opposed to having different tools for each environment. It makes it all come together in one tool.

It's fairly important that it has end-to-end visibility into our native environment. We host a lot of other programs in our program. We host an infrastructure platform. It's good to have the integration that we can pass on to our customers to show them that there are tools they can use to better their program while we're using them to better ours. So it's been pretty beneficial.

Splunk's ability to predict, identify, and solve problems in real-time is good. I was very happy with the keynote. A lot of the use of machine learning is cool. We're excited to get our hands on that once it makes its way to Enterprise.

We still use Splunk Enterprise licensing. A lot of the newer features go into Splunk Cloud before Enterprise. We're not looking to switch our licensing over, so we're falling behind on the newer features. I know Splunk has plans to move their cloud features into Enterprise at some point. The only improvement we would like is to have more features put into Enterprise that focus on the cloud. Some people come from an on-prem environment and slowly move to cloud and would have to make a full jump into the Splunk Cloud licensing to get any of the cool Cloud features.

The program that I'm on has been using Splunk Infrastructure Monitoring for around three years now. We started off mainly on-prem for data centers and we've slowly migrated into AWS and Azure for cloud footprint.

The company has been using Splunk since we were a lot smaller. We were using Splunk for data logs, aggregation, and things like that.

It's very stable. We've never had issues with that. Anytime we do have stability issues, it's something that we can work on to fix. It's not an inherent flaw with the product.

Scalability is excellent. That's what Splunk is designed for, big data aggregation. It's been very easy and seamless to scale up over the years.

I've only had a couple of Splunk support cases, and they've been very, very prompt in responding, especially compared to some of the other big enterprise tools we use.

Positive

We have seen ROI. It's made onboarding better and it's easier for engineers in our project because there's a single pane to view all of these different environments.

We have seen time to value. It makes it a lot easier to train new people and get them spun up. We had our cloud environment for a couple of years before we started integrating with Splunk. It was a pretty quick improvement within a couple of months, noticing how beneficial it was to have a single pane of glass in all of our different environments.

I understand Splunk wants people to move towards Cloud licensing for a lot of the newer features, especially for multi-cloud. It would be nice to see those in Enterprise. I understand why they do it but that is my main concern. 

I would rate Splunk Infrastructure Monitoring a seven out of ten. There's more we can do with it. We just haven't explored it. 

We mainly use it for different divisions and departments within our company to keep track of our systems' health. We also ingest log files to get data and alerts for different groups.

We used to use a number of different tools before we were introduced to Splunk. We used to have a very hard time getting this data in and being able to effectively use it because we had such a massive amount of data. We also could not find a way to organize it effectively. Splunk helped us to effectively use all the data that we collect in a valuable way for different customers and groups that we have in our company.

It has definitely helped reduce our meantime to resolve (MTTR). A lot of our customers have difficulty getting to root cause analysis of different problems and situations. They also do not have the data to perform analytical responses for different problems that there could be within our industry. They are now able to use this data effectively, not just for alerting, but also for preventative maintenance.

It has definitely improved our organization’s business resiliency by a lot. I do not have the actual data to share at this time, but there has been a marked improvement in the organization. We are now able to keep track of all the raw data that we pull in and then use it effectively. This helps our organization run more efficiently.

It has improved our organization's ability to predict, identify, and solve problems in real time. We are able to use data and search for it effectively. We have different analytical forms and data that we can use to improve in different ways. 

The most valuable thing that we have seen within our group is the ability to ingest all this raw data and have it organized in a certain way so that different groups can get effective alerting from this massive amount of raw data that is out there.

A lot of customers had a hard time effectively searching within the data in Splunk. There is a learning curve from searches to indexes and using all the macros that we have created. It is a little difficult for somebody who has not used it quite a bit and does not have a lot of practice with it, but the AI features that we have been hearing about through Splunk will make it a lot easier for us to use human language to search this data. That is big. That is pretty powerful, and that will help a lot with our customers. At the Splunk conference, some of the talks have been about the AI platform and more effective and easier ways to search within Splunk through indexes and other things. These features will help correct some of the things with which we are having a hard time with some of our customers.

We have been using this solution for about four years.

We are not on the cloud. We are all on-prem. We have had certain issues with space on the servers and things like that, and while moving things up to what we need, we have not had any issues on the Splunk side.

It is great. We have not had any major issues with getting support from Splunk. With our monthly license, there are a certain amount of hours that we have with Splunk support. We are able to use it when we are getting close to the end of the month. In our meetings, we make a list of different topics that we would like to explore and discuss with Splunk. We create meetings for that, and they are always very helpful. We never had any issues in getting support from Splunk. I would rate their support a ten out of ten.

Positive

We used to use Tivoli. We also use AppDynamics in addition to Splunk for different parts, but we are starting to learn that Splunk does have a lot of similar toolsets. Splunk does the same as what AppDynamics does, and in some cases, there are more powerful tool sets that would help us. We are thinking of petering down our different tools to get into one tool, possibly Splunk. We already got rid of Tivoli, and we are using Splunk fully in place of Tivoli. We have seen a positive response to it.

We have seen cost efficiencies by switching to this solution. Because of the wider range of tools that Splunk offers, we were able to get rid of Tivoli and get rid of that licensing obligation on an annual basis. We are able to save a good amount of money on that and move that budget over to our Splunk budget to keep everything under one umbrella.

I was not involved in its deployment. I came on the year after.

We are currently on-prem, but we are working on developing and moving everything over to a Google Cloud platform. The announcement that Splunk is partnering with Google Cloud, in addition to AWS, is pretty good for us because we are working on moving over to the cloud in the next couple of years.

We have definitely seen an ROI. Our team is able to spend more time learning one tool as opposed to having to learn multiple different toolsets. Therefore, we are able to get more work done in a more efficient manner.

We have seen time to value using this solution. Our company has a very heavy push toward work-life management. Since we have been able to, especially in our group, switch to this tool, we could cut down on our on-call time and have our groups run on different patterns where people who are off are actually off. They do not have to be called in because essentially, everybody is able to access the tool and use it effectively because it is the one tool that we use as opposed to having different tool sets. Everybody knows how to use it, so it definitely has helped us in that way.

I know there was a panel and a team that was going through different tools. I was not a part of that process, but I know there were quite a bit of tools that they were looking at. Splunk must have worked out better than everything else.

I would rate Splunk Infrastructure Monitoring a ten out of ten.

We have our application development and we monitor our websites. I create alerts and dashboards to help us notify if we have any infrastructure issues.

We get our data in and then I create some SQL queries to find out where our averages are and do some predictive analysis. When we deviate from the normal, that is where I like to set up alerts and dashboards. I have alerts that trigger and link to dashboards to see the trend over time or what happened last hour. There is also alerting to the phones.

I believe Splunk Infrastructure Monitoring has improved our organization because, over time, it has always been pinpointing the source of the problem. We have pretty quick responses knowing that we have a problem, and we can drill in pretty quickly to find out where the problem might be occurring. Is it a specific server or is it happening to multiple systems across the board? It is easy to visualize that.

Monitoring multiple cloud environments is pretty easy because it just aggregates from different places, and when we have an outage, we can say, "Oh! Amazon West is having a problem."

Splunk Infrastructure Monitoring provides end-to-end visibility into our cloud-native environment. I am not directly involved with the cloud portion of it, but for our developers, end-to-end observability is important because we have multiple platforms and systems.

Splunk Infrastructure Monitoring has reduced our mean time to resolve. I cannot put a number on that, but compared to years ago, we now do a pretty good job of infrastructure monitoring. We can better monitor a bunch of different aspects of our business.

Splunk Infrastructure Monitoring has improved our organization's business resilience. We do not want to be down, and we do not want people to be not able to pay their bills online.

It is a great resource for us because we have so many different data sources and to be able to aggregate that and put it through a concise dashboard or an alert really helps.

We have both on-prem and cloud, and the challenge is getting all our log data aggregated or streams aggregated so that it is real-time. We do a pretty good job of that, but our organization is not using it as a security platform when it can do a great job of that. We have other tools that we use, but we should leverage this more in our organization because we have already got the tools and the software.

I have been using Splunk Infrastructure Monitoring since 2019.

It is very stable. Especially since we went to the cloud, it just makes it easier for us.

We have not had any issues there.

Their technical support has been very good. I have not had to use it a whole lot because we have pretty good and experienced staff. We use consultants, and in general, we have been lucky. We work with our representative, and we have hired a couple of contractors. 

We have used different solutions in the past. I used CA Wily. New Relic was another tool we had used for a time. 

We had several different tools that we were using for APM monitoring and website monitoring. Over time, we migrated more to the Splunk platform because it helps to aggregate the data. Having to configure all the agents was painful, and Splunk made that a lot easier.

It was pretty easy. We had to set up all of our collectors. Getting our feeds was critical. 

We have an on-prem setup, so we have a lot of forwarders. We are also on the cloud. We have a data center locally, and we have one in Texas. We also have a third one that I like to call the cloud, so we have three different environments that we move between, and it is nice that when we have a problem, we can tell exactly where it is.

John Ansett's company helped us with our initial deployment. They did an excellent job.

We have seen an ROI. It is hard to put a price on downtime, but our primary business is travel, insurance, as well as automotive. We are a diverse organization, but our bread and butter is insurance. If there is downtime, people cannot pay their insurance bills online, or they cannot look up the policy and that type of information. Being down is not good for our customers.

We have seen a time to value. I use a lot of dashboards for monitoring, and I have trained other teams in our organization on how to use the tool. It is starting to have a lot of legs now, and we got a lot of different diverse departments using the tool. We are getting a lot of experienced staff to use the tool and make their own desktops.

It is difficult to put a price on how fast you can find a problem and resolve the problem. We have got web services and servers, and sometimes, pinpointing where the problem is took the longest time. Having ITSI observability and Splunk dashboarding together has helped a lot with that.

I am not in that circle, but we are currently licensing based on our queries. That is working out for us. Previously, it was by volume of data, and now, we can store as much data as we want. 

I would rate Splunk Infrastructure Monitoring a ten out of ten because that is primarily what I use every day. I love the product. 

I am a technology analyst. I have been working on a financial project in the US. For this project, I used Splunk APM for troubleshooting and reviewing the logs, and finding errors. Most of our APIs ran on Splunk APM, and we used it to find errors in our production environment.

We are no longer using Splunk APM. We have switched to Dynatrace.

Splunk APM is very good for monitoring purposes. You can watch application-to-application flows. If you just click on a flow, you can go step by step and debug an issue. The places with errors are marked in red. The API or the application in which you are getting an error is red. From there, you can go to the log or the error, and then the person responsible for that particular API or application has to fix it.

Splunk APM gives tools for user monitoring, logs observability, infrastructure monitoring, synthetic monitoring, and automated on-call. 

Splunk APM provides real-time data. In the logs, if you want to see errors related to status 404, you can just write one keyword, and you will get the results.

Splunk APM offers end-to-end visibility across the environment, but it also depends on how your business is set up on Splunk APM.

Splunk APM helped to reduce our mean time to resolve (MTTR). Previously, I had to log into my VPN, run commands, and see the logs. After having Splunk APM, I could click on one link and go through the logs. 

We could set up Splunk APM based on our environment. I worked on one project with Splunk APM. In that project, we faced a lot of issues, and I resolved the issues with the help of Splunk APM. I found the accurate logs and the easiest way to resolve the errors.

Splunk APM is the most advanced application for performance monitoring and troubleshooting for cloud-native applications and microservices.

The ability to troubleshoot is valuable. While running any product or API, we need to troubleshoot issues. We need to find the error in the logs. In Splunk APM, we have the section logs. In that section, we can search with any particular keywords. Before Splunk APM, I also worked with Splunk Enterprise where we have various dashboards to monitor. 

It is an application performance monitoring and observability tool. It is a very good tool. You need to use the documentation on Splunk's website. From there, you can learn many things. I have Splunk certification. You can dive deep into it. For me, it gives end-to-end visibility into our production environment.

They can improve the flow system and the keyword language. It has predefined keywords, but they can be improved. I also use LogMeIn where I can use predefined keywords to see the logs. 

They should give us the option to use our own language to search. For example, I should be able to search for an ID name along with an error or status code. 

I worked with Splunk APM for one and a half years.

I have not faced any downtime. I have worked with Splunk APM for one and a half years, and I did not face any downtime during this duration of time.

I have never faced any issues with scalability.

I did not have any need to contact support because I did not face any issues. 

We used another solution previously. In Splunk Enterprise, it is easier to create dashboards. You can easily set up application alerts and infra alerts. You can search with metrics and you can set alerts based on a specific error. Whenever that error occurs, you will receive an alert.

I am not involved in its deployment. In terms of maintenance, it is owned and managed by Splunk. Everything is maintained by Splunk. I have not faced any downtime with Splunk APM. I have also used Splunk Enterprise previously. With both of these products, I did not face any downtime. 

The pricing is reasonable.

It is a good tool. It allows you to set alerts for application and infrastructure monitoring, and it allows you to create dashboards. You can set alerts based on the threshold or traffic.

For logging purposes, Splunk APM is very good, but we should be able to use our own search query language. Currently, we can only search based on the predefined tags.

Overall, I would rate Splunk APM a nine out of ten.