Infrastructure Engineer at an insurance company with 5,001-10,000 employees
Excellent reporting and dashboarding, but it is expensive
Pros and Cons
- "Dashboarding has been very powerful. I work with a lot of different customers, so being able to tailor the data for different customers has been valuable. I am able to make visuals and have reports where they can self-serve."
- "It would be nice to see more comparisons between Splunk and other log management tools. There are some legacy tools that people are often coming off. It will ease the transition if you are coming off a Windows LogViewer or any other logging tool. Splunk could offer more advice on how to transition into it or onboard it."
What is our primary use case?
We mainly use it for the purposes of analyzing application logs to get a bit of understanding of what is normal application performance and then use that to highlight errors and inconsistencies when they occur.
How has it helped my organization?
Resilience is incredibly important to us. We are in the medical field. It is insurance. When people are using our service, we should be able to provide that. Having that resilience is key for us because we are helping people. The resilience that Splunk offers has been valuable in that regard. There is peace of mind for us and our customers.
We have multiple cloud vendors that are being utilized in Splunk. It has been useful. Splunk is able to handle a lot of things out of the box. There is a good bit of value in being able to make sense of multiple types of logs in one environment and being able to cross-reference them. It has just taken a lot of effort out of that.
We have integrated it with other tools. At the moment, it has been with Cribl as a pipeline tool so that we can be agnostic with Splunk in some regards. Cribl handles the logs being sent to Splunk, and then from there, if there is anywhere else where we want to send them, Cribl can handle that too. That has been our main integration. The ease of integration varies. Splunk offers out-of-the-box support for some tools and applications. Integration with them has been quite simple. Other things have been a bit more difficult. Integration can be more difficult if it does not have a Splunk base, but there is a good range of things that are available out of the box.
Its reporting has been excellent. We have integrated it with tools like ServiceNow, so we are able to create an instance for teams and integrate it with our NOC. The reporting has been incredibly valuable.
I come from a monitoring background. I knew from the get-go the value that we could get from Splunk, but we actually started to see its value once we started enforcing logging standards. It made it very easy for us to validate if something was or was not following our standards.
It has been great from the compliance perspective. It began to show value to some of our customers when they were able to search multiple applications because of the standards and compliance built into it.
It has had an impact on the decision-making processes in our organization. It has been mainly around compliance. Given it is a financial and medical sector, decisions have been made around what information we are storing in the logs and how we are managing the data that comes directly from Splunk.
It has been good for helping our organization access data for compliance and privacy regulations. It has been useful for pinpointing things. We are able to ensure that we are abiding by those standards. It has been incredibly useful in that space.
What is most valuable?
Dashboarding has been very powerful. I work with a lot of different customers, so being able to tailor the data for different customers has been valuable. I am able to make visuals and have reports where they can self-serve.
What needs improvement?
It would be nice to see more comparisons between Splunk and other log management tools. There are some legacy tools that people are often coming off. It will ease the transition if you are coming off a Windows LogViewer or any other logging tool. Splunk could offer more advice on how to transition into it or onboard it.
Buyer's Guide
Splunk Cloud Platform
July 2025

Learn what your peers think about Splunk Cloud Platform. Get advice and tips from experienced pros sharing their opinions. Updated: July 2025.
865,295 professionals have used our research since 2012.
For how long have I used the solution?
I have been using this solution for two years.
What do I think about the stability of the solution?
I have not had any issues related to stability.
What do I think about the scalability of the solution?
This is outside of my department, but it seems like it would be easy to scale up. However, there is a cost concern. That always seems to be the linchpin when people discuss Splunk. It comes at a cost.
When it comes to extensibility, they make it relatively simple, but it is an expensive tool. There are always going to be conversations that need to be had.
How are customer service and support?
The quality of the answer has been good. We have had to leverage the support only a small number of times. We found the actual portal to get support difficult. Some members of the team were not able to raise certain types of requests. However, when we got through to support, we had no issues.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
Prior to Splunk, we had a mixture of things. LogViewer and Graylog were used. Some folks had their logs locally. There was not one central system.
I was not directly involved in decision-making, but some of the things that I called out as useful were the analytical tools that Splunk offers. We can very quickly get to the root cause by using its query language. It provides a lot of power with little effort. That is what initially drew me to it.
Moving to Splunk allowed standardization. That is the key. It does not matter which part of the company you are from. Splunk has given us a mechanism to say that we expect the logs to look like this, and we all are going to abide by that. It has made standardization a lot easier. Previously, you would not know what you were getting while dealing with a logging problem.
How was the initial setup?
I was involved in its deployment only in a small cluster. I was mainly involved in setting up standards around logging. It was challenging. It was dense, but it was manageable. The feature set of Splunk allowed us to know what we could or could not do.
The main part of maintenance is the ingestion of new logs. New teams and applications get stood up every day, or a new cloud vendor comes in, so there is some maintenance involved there.
What about the implementation team?
We had Splunk technical support. We had a mixture of people from other departments. We had some folks from security, and we had some folks from operations. There were 15 regular faces and 2 Splunk contractors. We involved other teams on an ad hoc basis, but the core team had 15 people.
Overall, we had 20 to 30 people who directly worked with Splunk in some way or for some period of time. We also had to involve all of the teams to get their feedback and educate them on how to use Splunk.
What's my experience with pricing, setup cost, and licensing?
I do not personally deal with that side, but from discussions, I know that it is one of the more expensive tools. I do not have anything to compare it with.
What other advice do I have?
New users should focus on the Splunk free courses. They are an excellent resource. If you are a customer, you should take up the search and reporting classes. That is probably going to be what 99% of people are using it for day to day. If you are a sysadmin user or someone setting up the instance, there are free classes for managing licenses and ingesting data. I would highly recommend them. The free classes are a great start, and if you think it would be valuable, take some of the paid classes as well. They are incredibly detailed.
When it comes to security, we definitely have a stricter attitude when things are going to the cloud because they are not fully in our control. Going to the cloud is always a little bit scary, but we have put in a refined approach for the data going into Splunk.
I have not made much use of federated search. I have come across it, but it is not something I have leveraged.
I would rate this solution a seven out of ten. What it does, it does well, but I do have qualms with it here and there. There are obvious features that are missing from time to time, but I am happy with what is there.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

Software Engineer at Tigma Technologies
Helps to improve our incident response time, provides multiple search modes, and is stable
Pros and Cons
- "Splunk Cloud Platform's search modes are a powerful feature."
- "The Splunk Cloud Platform dashboard could benefit from some improvements."
What is our primary use case?
My manager typically requests dashboards, alerts, and scheduled reports. Based on their specific requirements, I create reports and dashboards that visualize the data. We leverage the Splunk Cloud Platform to fulfill these needs.
Additionally, my teammates may approach me for insights. I analyze the data and provide them with these insights, which they then use for team meetings and further data analysis. This ultimately helps them make informed decisions.
How has it helped my organization?
Splunk Cloud Platform improves our incident response time by enabling the retrieval of large data volumes. The platform offers impressive search speeds, and we don't need additional SQL commands to optimize response times.
We saw immediate benefits from the Splunk Cloud Platform. Being able to access and analyze logs provided valuable insights.
Splunk's impact on decision-making is significant. I have access to all the data I need, and it is always reliable.
What is most valuable?
Splunk Cloud Platform's search modes are a powerful feature. There are 3 main modes: Fast, Verbose, and Smart. These modes allow us to customize our search based on our needs, which can significantly improve our response time.
What needs improvement?
Splunk Cloud Platform's dashboard could benefit from some improvements. While it functions adequately, it appears very minimalistic. It's built using a simple XML format, and while newer dashboard options have been released, it still lacks the visual capabilities of tools like Power BI and Tableau. While I understand these are different platforms, having a more powerful dashboard option for the Splunk Cloud Platform would be valuable.
There is a lack of comprehensive learning materials offered by Splunk to prepare for their certifications.
Splunk uses SQL as its search language. One challenge I've encountered is with subsearches used in joins. These subsearches can only handle a maximum of 50,000 entries. If our data set is larger, we won't be able to join it using a subsearch. This limitation has been a significant obstacle for me. I've searched the Splunk community forums, and even reached out to my colleagues and seniors for a solution, but haven't found a definitive answer yet.
For how long have I used the solution?
I have been using Splunk Cloud Platform for 2 years.
What do I think about the stability of the solution?
It is reliable. In my experience working with virtual machines, any search lags are likely due to the VMs themselves, not Splunk.
I would rate the stability 8 out of 10.
What do I think about the scalability of the solution?
Splunk Cloud Platform scales horizontally, so it is easy to scale based on the data we are using.
I would rate the scalability of Splunk Cloud Platform 9 out of 10.
How was the initial setup?
Deploying Splunk Cloud Platform requires knowledge of the Splunk architecture, the deployment server, and the components.
What was our ROI?
We have seen a return on investment.
What's my experience with pricing, setup cost, and licensing?
The certifications are costly.
What other advice do I have?
I would rate Splunk Cloud Platform 8 out of 10.
The maintenance required is minimal.
The resilience of Splunk is good.
I recommend the product.
Splunk Cloud Platform is a powerful tool for handling big data. To get the most out of it, understanding both the developer and administrator sides is beneficial. The platform offers broad compatibility with various technologies and allows for easy scaling to accommodate your needs.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior analyst in investigations at GlaxoSmithKline
Helpful in dealing with malware investigations and anomalies
Pros and Cons
- "In terms of the benefits of the product, I would say it is my go-to tool."
- "The expensive nature of the product is an area of concern that needs to be considered for improvement."
What is our primary use case?
I work on corporate investigations and incident response. I use Splunk Cloud Platform to investigate user frauds, cases related to malware investigations, and anomalies.
How has it helped my organization?
In terms of the benefits of the product, I would say it is my go-to tool. Regarding getting all the data from Windows event logs, and considering the other reporting tools we have in our company like Forcepoint, Proofpoint Email Protection, Office 365, or Microsoft Defender, we have to search and get all the data in one place and to do so, Splunk Cloud Platform is super valuable.
What is most valuable?
The solution's most valuable features are search, reporting, and dashboards.
Splunk Cloud Platform is useful in our organization's monitoring of multiple cloud environments involving cloud services like AWS. I cannot speak about the ease or difficulty of using the tool to monitor multiple cloud environments since I am not on the administration side.
Considering the product's ease of use, the tool offers me the ability to search all the data and get it in a format before giving it to an investigator so that they can get it in a format they can understand.
What needs improvement?
The expensive nature of the product is an area of concern that needs to be considered for improvement.
For how long have I used the solution?
I have been using Splunk Cloud Platform for twelve to fourteen months.
What do I think about the stability of the solution?
The product has been pretty stable for me. I have never seen any outages in the tool, and it has been a pretty solid solution.
How are customer service and support?
I have no experience with the solution's technical support team.
Which solution did I use previously and why did I switch?
I was not using any other solution in the past.
How was the initial setup?
I don't know anything about the product's deployment phase.
What's my experience with pricing, setup cost, and licensing?
I know that Splunk Cloud Platform is an expensive product.
What other advice do I have?
I rate the tool a ten out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior technical consultant at a healthcare company with 1,001-5,000 employees
Offers good dashboards that show us search or user search activity
What is our primary use case?
It's a better pricing model. The main aspect is that we don't have to manage our infrastructure. Since we migrated, we've found we don't have as many outages.
This allows our admins to focus more on the day-to-day onboarding instead of wasting time dealing with outages.
How has it helped my organization?
Our organization monitors multiple cloud environments. We monitor AWS. We have other logging platforms that monitor our infrastructure as well.
It's very important for our organization that Splunk Cloud Platform has end-to-end visibility into our cloud-native provider environments. With the increasing changes in technology, being able to consistently get insights into those new data sources in a quick amount of time is everything.
Moreover, we have seen a reduction in our mean lead time to resolve (MTTR). Our enterprise has some of those dashboards for incidents. Splunk is mainly used to resolve those incidents and identify what's wrong. Year over year, these times are lower, and Splunk has helped with that. There are other operational things that are probably helping too; Splunk plays a big part, so it is helpful.
What is most valuable?
I like the Splunk Monitor console. I like how Splunk continually updates it with new features. We don't have to do anything on our end, we just get access to that.
Splunk has some good dashboards that show us search or user search activity. There are some things that could cause the environment to go awry, like skip searches or searches that are more intensive.
By being able to identify those, we could reach out to those customers and work with them on improving their standard practice. Since moving to SaaS, we're able to focus more on that.
What needs improvement?
There's one specific use case I work with. I work with some Splunk experts, and it lacks workload management rules.
It can identify specific dashboards e.g., or all-time searches. When I try to track back to the user, I don't have additional information within those logs to help me know, "This is the dashboard this guy accessed."
Instead of relying on those particular workload management logs, I have to do an investigation that takes time. It takes too much time when it shouldn't.
For how long have I used the solution?
It's only been a full year so far. We migrated recently.
What do I think about the stability of the solution?
Stability has been so far, so good. Data is growing, not just for us but for everyone. From what we've seen, it looks like it's handling it accordingly.
How are customer service and support?
We frequently engage with support now since we have a lot of incidents. They consistently ask for feedback on our support cases. We recently had something that was very urgent. Splunk was able to escalate it accordingly and get back to us with a solution. It means a lot to my management.
Which solution did I use previously and why did I switch?
We've been with Splunk for several years now.
How was the initial setup?
For the cloud, the deployment is easy.
We just have the standard. We download our packages, upload them via the cloud, upload our apps, and use the App Inspect.
Before on-prem, we had some CI/CD pipelines to deploy on-prem. Those change calls lasted up to an hour and a half just to verify the change was successful and that everything was coming in as expected.
Cloud is just uploaded and deployed in a matter of minutes. That's a big plus. It saves us time and a lot of hassle.
What was our ROI?
We use our valuable time and do not waste effort. We just work on more important things like onboarding new data sources as log data continues to grow.
By being able to have more time to onboard data sources with customers, we provide our company more visibility and value into our entire environment.
What other advice do I have?
I have no major gripes other than some detailed grievances, so I would rate it an eight out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Incident Manager at a manufacturing company with 10,001+ employees
A stable solution used for visualization and alerting, but it needs to be made more user-friendly
Pros and Cons
- "The most valuable feature of Splunk Cloud Platform is the alerting feature."
- "Splunk Cloud Platform needs to be made more user-friendly because it's not user-friendly."
What is our primary use case?
We use the solution for application status alerting, user activities, and active directories. We use the solution for visualization, alerting, and analyzing events or incidents.
What is most valuable?
The most valuable feature of Splunk Cloud Platform is the alerting feature.
What needs improvement?
Currently, Splunk Cloud Platform is very easy to use and read. The solution's visualization for the end users is also good. However, setting up the solution or an alert is not straightforward. There's a lot of incompatibility and areas that you have to consider while setting up the solution.
All those things make setting up the solution very complex for regular people who know the business operation. So, they have to hire a third party or a technical person who doesn't understand the business to set it up for them, which usually creates a gap.
When someone who cares about the business and understands its operation sets up the solution, they would set it right. There's always a gap when a technical person or third party sets it up. It may lead to many workarounds to fix issues like alert fatigue or false security. Splunk Cloud Platform needs to be made more user-friendly because it's not user-friendly.
For how long have I used the solution?
I have been using Splunk Cloud Platform for four to five years.
What do I think about the stability of the solution?
Splunk Cloud Platform is pretty stable, and I don't have any issues.
What do I think about the scalability of the solution?
Splunk Cloud Platform is a scalable solution.
How are customer service and support?
I usually go to forums and discussions to get answers to my issues. You might need a Splunk account username to talk to technical support. When most users I have talked to face a problem, they Google it. I don't know if the technical support would provide you with support if you were stuck.
Which solution did I use previously and why did I switch?
I have previously used different solutions like DataStage, Datadog, Grafana, and ClickView.
Which other solutions did I evaluate?
We evaluated other options before choosing the Splunk Cloud Platform. But when a company buys Splunk services, the end users have to use what they have as a resource.
What other advice do I have?
Splunk Cloud Platform is a really good tool for getting alerts and better information about incident management and maintenance. Because of the solution's complex setup, most alerts are set by developers or people who create multiple unnecessary alerts, creating alert fatigue. Compared to other systems, like Dynatrace, Splunk Cloud Platform is not a smart system for analyzing alerts.
As a project manager, I oversee the process of contacting the concerned parties, knowing what needs to be monitored and why they need the alerting mechanism. I was not directly involved in the scripting and adding Splunk Cloud Platform in the back end.
As business requirements change, Splunk Cloud Platform needs maintenance in terms of setting up different parameters, which is not an easy task.
Everybody uses the Splunk Cloud Platform in a different way. I would advise users to share their experiences about technical difficulties in the forums and community. Sometimes, others might go through the same problem without much documentation, and sharing your technical problems might help others.
Overall, I rate Splunk Cloud Platform a seven out of ten.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
SIEM Engineer at a manufacturing company with 11-50 employees
Offers excellent visibility and cloud performance, and requires zero maintenance on our end
Pros and Cons
- "The cloud performance is good."
- "Splunk should offer various options for real-time monitoring."
What is our primary use case?
We use Splunk Cloud Platform to monitor our environment.
How has it helped my organization?
Monitoring multiple cloud environments is made easy with the Splunk Cloud Platform due to its fast ingestion and data recovery times.
Splunk's visibility into multiple environments is excellent. I have found that a hybrid environment works the best, as the login portion remains on-premises while the rest is in the cloud. This reduces the maintenance required on-premises.
There are two types of integration. The first involves bringing something into Splunk, while the second entails moving something out of Splunk. Bringing data into Splunk is relatively straightforward, with multiple options such as RAS, SysLog, and Splunk's built-in functions. However, exporting data from Splunk is more challenging and not as straightforward as the process of bringing data into Splunk.
Splunk Cloud Platform has influenced our decision-making processes. Splunk is primarily employed for security purposes; thus, it excels particularly in SIM. It encompasses an asset and identity framework that effectively gathers information about an organization's assets and individual identities, encompassing all users. Therefore, when considering Unified Business and SIM, Splunk proves to be highly proficient.
What is most valuable?
The cloud performance is good.
Not having to perform any maintenance because it is handled by Splunk saves our administrators time, which is valuable.
What needs improvement?
Splunk should offer various options for real-time monitoring. If we could enhance the speed of data ingestion or data retrieval, that would be an added advantage. Additionally, there is room for improvement in SaaS-to-SaaS integration. I believe that reintroducing HTML dashboards would be beneficial, as they provide dedicated web features. This, in turn, gives users the flexibility and freedom to create custom dashboards more easily.
For how long have I used the solution?
I have been using Splunk Cloud Platform for five years.
What do I think about the stability of the solution?
I would rate the stability of the Splunk Cloud Platform as an eight out of ten. We still encounter some lagging and errors, but not as much as with the on-premises deployment.
How are customer service and support?
I occasionally get in touch with Splunk technical support, usually regarding data onboarding. These include routine activities like installing or uninstalling applications, as well as making changes to existing ones. On average, we submit at least one ticket per week to them.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used many tools including Elastic, Grafana, Tableau, and Sumo Logic.
Splunk is indeed superior in many cases, but other tools are also making progress to catch up, with Elastic being one of them. They have begun developing their own SIM offering, complete with its own SIM features. Similar to Splunk Cloud, Elastic also has its Elastic Cloud Stack. Some of the features provided by Elastic seem to outperform Splunk. Therefore, there is room for Splunk to enhance these aspects. As for pricing, it could be more competitive, considering that other tools also provide the freedom to choose the Cloud Stack. Although Splunk offers this flexibility, the process often involves extensive discussions, making it less adaptable compared to other tools.
How was the initial setup?
The initial setup is somewhat complex regarding the CI/CD pipeline, and Splunk manages the deployment. Splunk provides a feature called ACS, which enables us to manage the deployment ourselves if desired, but it's simpler to have Splunk handle the deployment on our behalf.
The deployment took around one month and required ten people from Splunk's DevOps team.
What about the implementation team?
The implementation was completed by Splunk.
What's my experience with pricing, setup cost, and licensing?
The pricing is high for small organizations. The cost makes more sense for organizations that have a large amount of data ranges.
What other advice do I have?
I would rate Splunk Cloud Platform an eight out of ten.
There are numerous tools that offer real-time reporting and alerting capabilities. Splunk is indeed effective, but due to the prerequisite of registering logs beforehand, a delay is inevitably introduced. Therefore, while Splunk is suitable for real-time reporting alerts, it may not be as optimal as some alternative solutions.
Resilience has added value and contributed to the improvement of our organization. This is highly significant. In most cases, the SOC team relies on the tool for issue mitigation and ticket resolution. Therefore, it is crucial for Splunk to remain consistently up-to-date and respond as quickly as possible. This holds immense importance.
The extensibility is good, but there is room for improvement, especially in integrating certain logs. Enhancing the process of incorporating raised logs is possible. In most cases now there are limitations on log creation. Previously, a direct option existed to import logs. However, this process has been altered, requiring users to develop an add-on for log integration, leading to increased complexity. Furthermore, users are expected to have knowledge of Python. This can be problematic in cases where users lack such expertise. Therefore, this aspect could certainly be enhanced.
For those who want to evaluate Splunk, it comes down to the volume of data. If they are dealing with a substantial amount of data flowing into their SIM, Splunk would be the superior option. Splunk effectively manages extensive datasets in comparison to other technologies. It also offers numerous additional functionalities, such as an enterprise security suite, assets, and identity framework. Moreover, it has undergone industry testing and has been employed in the field for a considerable duration. In contrast to other organizations, they provide a wealth of features.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Software Engineer at Wipro Limited
Offers real-time monitoring, seamless integration, and improves security posture
Pros and Cons
- "I like the Cloud monitoring console feature."
- "Splunk currently manages the components, which restricts our ability to access them directly."
What is our primary use case?
We leverage the Splunk Cloud Platform for log ingestion. This allows us to create dashboards, alerts, and reports from security and application log data.
How has it helped my organization?
Splunk Cloud Platform offers real-time monitoring capabilities. It continuously ingests data from various sources, allowing us to track its flow. We can set up alerts to be notified of any anomalies, such as spikes in CPU or memory usage. These alerts can be configured to trigger email notifications, keeping us informed of potential issues. Additionally, Splunk Cloud Platform provides real-time dashboards that visualize the data as it's collected.
The federated search feature is useful for our cybersecurity team to complete their log analysis.
Splunk Cloud Platform offers seamless integration with other systems and applications. This is achieved through apps and add-ons developed by Splunk.
Splunk is a good reporting tool. It allows us to generate reports and attach them to emails in CSV or PDF format.
Splunk Cloud Platform has been instrumental in helping our cybersecurity team continuously monitor our data for anomalies and attacks. Its usefulness extends beyond security, though. Teams that ingest their logs into Splunk can monitor various services. If a service goes down, Splunk will trigger an alert. Splunk offers a robust monitoring suite, including dashboards, alerts, and reports. We can monitor system resources like memory and CPU consumption, application logs, Azure logs, and even Office 365 logs. For example, Splunk can reveal who sent emails, who participated in group email threads, and who added or removed members from Active Directory groups. This audit log capability allows us to investigate activity even months or years later. Splunk provides a wide range of use cases for our organization. We noticed these benefits as soon as Splunk started ingesting data.
Splunk has improved our decision-making process thanks to its clear dashboards that help us analyze information and make informed choices.
Splunk has been valuable as a compliance tool because it centralizes log ingestion. Any tool generating logs should be configured to send them to Splunk. This allows us to easily identify compliant applications – those whose logs are collected. Conversely, uncollected logs raise security concerns, as they represent a potential attack surface.
Splunk has significantly improved our organization's security posture. As a primary security tool, Splunk allows us to collect application logs, monitor activity for potential attacks, and conduct searches to identify suspicious behavior.
What is most valuable?
I like that Splunk Cloud Platform is managed by the vendor.
I like the Cloud monitoring console feature.
I like the support for all the apps and add-ons.
What needs improvement?
Splunk currently manages the components, which restricts our ability to access them directly. I would like to be granted read access to be able to review the components.
For how long have I used the solution?
I have been using Splunk Cloud Platform for one and a half years.
What do I think about the stability of the solution?
The Splunk Cloud Platform is stable as long as we perform proper maintenance to prevent bugs.
What do I think about the scalability of the solution?
This system is very scalable. That means it can be easily adapted to accommodate our needs. We can increase the number of licenses we use, or add more resources like CPU and memory. We can also request additional components, such as adding more user accounts if our team grows from four to eight members. Overall, the scalability of this system is a major advantage.
I would rate the scalability of Splunk Cloud Platform nine out of ten.
How are customer service and support?
Splunk Cloud Platform offers excellent technical support that is both knowledgeable and responsive.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is straightforward, but it takes a month or two to complete because of the applications that need to be onboarded.
We first need to calculate the amount of data we need to ingest. Then, based on that amount, we can plan how much data we need to onboard and what components we'll need.
Two experienced people were involved in the deployment.
What about the implementation team?
The implementation was completed in-house.
What's my experience with pricing, setup cost, and licensing?
Splunk Cloud Platform is more expensive than some of its competitors, but it offers a wider range of features.
What other advice do I have?
I would rate the Splunk Cloud Platform eight out of ten.
Splunk Cloud Platform is deployed in multiple locations.
Splunk Cloud Platform requires maintenance.
I recommend the Splunk Cloud Platform to others.
If you're using cloud services, Splunk Cloud Platform is a good option. It minimizes management overhead for you since Splunk handles the underlying infrastructure. Splunk Enterprise, however, requires more resources to manage.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Tech Support Supervisor at a government with 10,001+ employees
We can identify an issue in real time and save a few hours every day
Pros and Cons
- "The Splunk Cloud Platform has reduced our mean time to resolve. It has easily saved 20 to 30 minutes every time someone gets locked out. We get 10 or 15 instances per day where people get locked out. It definitely saves a few hours per day."
- "I have not come across anything that I would consider missing as such. If anything, sometimes we have dashboards that would not go into the dark mode. It is a minor issue, but it is the only thing that I wish was there. The dark mode would definitely help."
What is our primary use case?
We have a lot of third-party contractors that come in on our network and do the work. We use it to pretty much check what they are doing and make sure they are not doing anything that they are not supposed to be doing.
We do a lot of user interaction. We have users logging in, and we mainly look into failures and what is causing them to get locked out. We do a lot of that.
We also have Duo. We use Splunk Cloud Platform to keep an eye on who is using Duo, where they have failures, and why. We have quite a few people who are not supposed to be using Duo, and then they end up, for whatever reason, on the Duo side of the house. We use it to keep an eye on them so that we can help them get back to where they are supposed to be.
How has it helped my organization?
The improvement is in terms of helping those users who get locked out because we have that happen quite often. Daily, we have users getting locked out, and using Splunk makes it so much easier to help them. Rather than trying to go to the server and find those logs, we can just go to Splunk and then the dashboard for that particular user and find out exactly which machine is causing the lockout.
It helps us to easily find out which machine is causing the lockout. A lot of people know that customers can exaggerate. We can bring that back into perspective. They might say that they get locked out every day, whereas it might be once a week. We can see that. We do have a dashboard that tells us who is locked out right now. We do use that, and it helps us a lot because even before the user realizes it, we can go back and help. That helps us because they almost do not even know that it is happening. We can see it in real time, and we can fix it and unlock it. If it is something that is reoccurring, we can say, "You have been getting locked out multiple times in the same place for the last couple of hours. Go check this." We can also see why they were locked out. If somebody is putting in the wrong password, we can ignore that and unlock it. We, of course, are going to see where it is coming from. If we see some weird IP address or some weird computer that looks like it belongs to us, we will address that, but it helps us to help the user quickly. We are told what is happening as opposed to having to ask what is happening. We have definitely seen time to value. Instead of having to research, we are told it is there.
The Splunk Cloud Platform has reduced our mean time to resolve. It has easily saved 20 to 30 minutes every time someone gets locked out. We get 10 or 15 instances per day where people get locked out. It definitely saves a few hours per day.
Splunk Cloud Platform definitely frees us up to handle true problems and do true troubleshooting as opposed to handling lock-out issues. It is, of course, big for the user, but it is minute for us because it is answering a question that does not really matter to us. It matters to the user, but for us, we can just unlock their account, and we can figure out why at another time, whereas now, we can unlock their account and figure out why immediately. For example, if it was a machine that they logged into but they do not remember, or they have a cell phone that they logged into but they have not changed their password on, we can figure that out a lot quicker. That helps them quicker. It keeps us from having to go back to that user, and we can knock that out right then and there.
We have not gone into its ability to predict, identify, and solve problems in real time because we use it more after the fact. We do have an MSP, and they handle more of the security side. Their software does real-time monitoring, and they get alerts. We use the Splunk Cloud Platform to see what has already happened.
What is most valuable?
All the features are very equal for me. I do not use any one feature more than the other. They all are pretty equal to me.
What needs improvement?
It works as needed, and it does everything that we want to do. I have not come across anything that I would consider missing as such. If anything, sometimes we have dashboards that would not go into the dark mode. It is a minor issue, but it is the only thing that I wish was there. The dark mode would definitely help.
For how long have I used the solution?
We have been using the Splunk Cloud Platform for about three years.
What do I think about the stability of the solution?
It has always worked when we needed it.
What do I think about the scalability of the solution?
We are a very small shop. We only have 150 gigs a day, and we are not anywhere near that 150. However, from what I see, if there is an easy transition from 150 gigs to 300 terabytes, that is easy scalability.
Which solution did I use previously and why did I switch?
We did not use any similar solution.
How was the initial setup?
I was not involved in its deployment. It was already implemented.
What other advice do I have?
Splunk Cloud Platform has been able to provide business resilience by empowering our staff, but currently, only two of us use it. One thing about coming to the Splunk conference is that we learn a lot. It is a lot more than what we probably can do. We also learned that for most people here, Splunk is a big part of their job. That is their main focus, whereas we have so many different things. We use Splunk; we do a little bit of networking. We do troubleshooting from swapping computers to the almost top level of moving cables.
I would rate the Splunk Cloud Platform a ten out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Buyer's Guide
Download our free Splunk Cloud Platform Report and get advice and tips from experienced pros
sharing their opinions.
Updated: July 2025