We will have clients that generate events through our platform and wish to export those events as data points to Splunk.
The solution improves our customers' integrations. They really want insights into what their users are doing. They want to be alerted to anomalies, general pain points, or popular areas in the integration to understand what's working and what's not.
The metrics and trends that Splunk Enterprise Security generates using all the data points we send allow customers to understand better what their users are doing.
Splunk Enterprise Security should provide a better and richer integration. It has a regimented integration, where we had to build a Python library. It was a very tough way to integrate officially and get into the marketplace. We'd like to see more options so that we can better send data over to the Splunk platform.
The requirements of building the integration had to be a very specific and certain way to get onto your marketplace. Once it's there, it's fine, but it took a little effort to get it exactly that way. That's not as maintainable as we like, so we'd rather that be a more robust integration.
We've had an integration available for the better part of three or four years.
The solution provides good stability.
We haven’t seen any issues with the solution’s scalability.
We mostly interacted with the marketplace community. Although our support experience was not great, the issue was straightforward.
Our customers have seen a return on investment with the solution. We have seen customer satisfaction as it was a highly sought-after integration, and they're happy now that it exists.
The end-to-end visibility that the solution provides into our environment is incredibly important to our organization. We like to see it as the total answer. Any data point can be picked up, and you can really build anything you need from the integration. It's incredibly valuable with the data that it's generating. What the tool provides once integrated is highly valuable and sufficient for us.
Finding any security event across multi-cloud, on-premises, or hybrid environments with Splunk Enterprise Security has been incredibly easy. Using the rest of the Splunk platform, you can trigger whatever you need off the data coming in through the integration.
The solution has helped improve our organization's ability to ingest and normalize data. It also generates more customer activities so that there's a stickier relationship.
The Splunk integration triggers the necessary events so that downstream alerting isn't necessary.
Splunk Enterprise Security has helped speed up our security investigations. It's a great direct integration so that our customers can react quickly when necessary.
In principle, the solution has helped reduce our mean time to resolve, but not necessarily data points that we see as the integrator.
Overall, I rate the solution an eight out of ten.