Tech Support Supervisor at a government with 10,001+ employees
Real User
We can identify an issue in real time and save a few hours every day
Pros and Cons
  • "The Splunk Cloud Platform has reduced our mean time to resolve. It has easily saved 20 to 30 minutes every time someone gets locked out. We get 10 or 15 instances per day where people get locked out. It definitely saves a few hours per day."
  • "I have not come across anything that I would consider missing as such. If anything, sometimes we have dashboards that would not go into the dark mode. It is a minor issue, but it is the only thing that I wish was there. The dark mode would definitely help."

What is our primary use case?

We have a lot of third-party contractors that come in on our network and do the work. We use it to pretty much check what they are doing and make sure they are not doing anything that they are not supposed to be doing.

We do a lot of user interaction. We have users logging in, and we mainly look into failures and what is causing them to get locked out. We do a lot of that.

We also have Duo. We use Splunk Cloud Platform to keep an eye on who is using Duo, where they have failures, and why. We have quite a few people who are not supposed to be using Duo, and then they end up, for whatever reason, on the Duo side of the house. We use it to keep an eye on them so that we can help them get back to where they are supposed to be.

How has it helped my organization?

The improvement is in terms of helping those users who get locked out because we have that happen quite often. Daily, we have users getting locked out, and using Splunk makes it so much easier to help them. Rather than trying to go to the server and find those logs, we can just go to Splunk and then the dashboard for that particular user and find out exactly which machine is causing the lockout.

It helps us to easily find out which machine is causing the lockout. A lot of people know that customers can exaggerate. We can bring that back into perspective. They might say that they get locked out every day, whereas it might be once a week. We can see that. We do have a dashboard that tells us who is locked out right now. We do use that, and it helps us a lot because even before the user realizes it, we can go back and help. That helps us because they almost do not even know that it is happening. We can see it in real time, and we can fix it and unlock it. If it is something that is reoccurring, we can say, "You have been getting locked out multiple times in the same place for the last couple of hours. Go check this." We can also see why they were locked out. If somebody is putting in the wrong password, we can ignore that and unlock it. We, of course, are going to see where it is coming from. If we see some weird IP address or some weird computer that looks like it belongs to us, we will address that, but it helps us to help the user quickly. We are told what is happening as opposed to having to ask what is happening. We have definitely seen time to value. Instead of having to research, we are told it is there.

The Splunk Cloud Platform has reduced our mean time to resolve. It has easily saved 20 to 30 minutes every time someone gets locked out. We get 10 or 15 instances per day where people get locked out. It definitely saves a few hours per day.

Splunk Cloud Platform definitely frees us up to handle true problems and do true troubleshooting as opposed to handling lock-out issues. It is, of course, big for the user, but it is minute for us because it is answering a question that does not really matter to us. It matters to the user, but for us, we can just unlock their account, and we can figure out why at another time, whereas now, we can unlock their account and figure out why immediately. For example, if it was a machine that they logged into but they do not remember, or they have a cell phone that they logged into but they have not changed their password on, we can figure that out a lot quicker. That helps them quicker. It keeps us from having to go back to that user, and we can knock that out right then and there.

We have not gone into its ability to predict, identify, and solve problems in real time because we use it more after the fact. We do have an MSP, and they handle more of the security side. Their software does real-time monitoring, and they get alerts. We use the Splunk Cloud Platform to see what has already happened.

What is most valuable?

All the features are very equal for me. I do not use any one feature more than the other. They all are pretty equal to me.

What needs improvement?

It works as needed, and it does everything that we want to do. I have not come across anything that I would consider missing as such. If anything, sometimes we have dashboards that would not go into the dark mode. It is a minor issue, but it is the only thing that I wish was there. The dark mode would definitely help.

Buyer's Guide
Splunk Cloud Platform
April 2024
Learn what your peers think about Splunk Cloud Platform. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
770,292 professionals have used our research since 2012.

For how long have I used the solution?

We have been using the Splunk Cloud Platform for about three years.

What do I think about the stability of the solution?

It has always worked when we needed it.

What do I think about the scalability of the solution?

We are a very small shop. We only have 150 gigs a day, and we are not anywhere near that 150. However, from what I see, if there is an easy transition from 150 gigs to 300 terabytes, that is easy scalability.

Which solution did I use previously and why did I switch?

We did not use any similar solution.

How was the initial setup?

I was not involved in its deployment. It was already implemented.

What other advice do I have?

Splunk Cloud Platform has been able to provide business resilience by empowering our staff, but currently, only two of us use it. One thing about coming to the Splunk conference is that we learn a lot. It is a lot more than what we probably can do. We also learned that for most people here, Splunk is a big part of their job. That is their main focus, whereas we have so many different things. We use Splunk; we do a little bit of networking. We do troubleshooting from swapping computers to the almost top level of moving cables.

I would rate the Splunk Cloud Platform a ten out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sr BigData Infrastructure Architect at a hospitality company with 10,001+ employees
Real User
Add oversight to your business with complete log reporting although it may strain your budget
Pros and Cons
  • "This is a complete log reporting tool."
  • "The log search capabilities are very good."
  • "The pricing model makes the product costly."
  • "The dashboards should be easier to customize."

What is our primary use case?

Splunk is an event log manager. We have reservation and event logging dashboards integrated from the data dock to Splunk and we have all the specific dashboards that we work with in Splunk for log management.  

How has it helped my organization?

We became pretty complete with our reporting using Splunk for all the log and event capabilities. I would rate this product as somewhere around seven or eight-out-of-ten for the logging capabilities and how that has added to the oversight of our business.  

What is most valuable?

The log event capabilities and the flexibility in the search engine for finding what we need in the logs are some of the more valuable features in this product.  

What needs improvement?

The pricing models should be improved and optimized. Right now, the pricing is a bit too expensive.  

One other thing you need is more ability to customize the dashboard to the way you want to have it. If you had a template that you could create and label inside of Splunk that would be good.  

One good thing that could be added to the AWS side of the solution is that you should have an OPS (Operation Alert) alert built into the dashboard that comes with Splunk. That would be very useful. For example, if you have a pre-defined template creator to fill in the information to forms that are loaded. That would be really beneficial.  

For how long have I used the solution?

I have been using Splunk Cloud for more than four years now, in total.  

What do I think about the stability of the solution?

We have not experienced or even heard much about bugs or other problems people are having with Splunk. It seems pretty stable.  

What do I think about the scalability of the solution?

Scalability is good, but the cost factor in scaling is really high. That is the reason why we are interested in working with products and solutions that will help us optimize our costs and may be looking into other solutions.  

We probably have something around a hundred users who work with Splunk. Mainly they are architects, enterprise architects, and data-link architects. We also have business analyst systems. We have not had a problem in changing or growing these roles.  

How are customer service and technical support?

I have not had direct experience with the Splunk technical support because I leave it to the other teams in our organization because I am not really in a position to use Splunk support.  

Which solution did I use previously and why did I switch?

I have only been working with Splunk for these past three years. I am not too much of an expert. I left my role as an officer in an organization in 2014, so from 2014 to 2017 I was not in touch with the advancements of products in the industry. But I was using other solutions prior to Splunk.  

How was the initial setup?

The setup and installation of the product are straightforward.  

What's my experience with pricing, setup cost, and licensing?

The pricing model makes this an expensive solution.  

What other advice do I have?

Advice-wise, I do not really have much to say to potential users considering the solution as something to apply as an end-user. My job role is data organization so it might not be appropriate for me to give these opinions. This seems to me to have more to do with system functionality. But from my side, I am good with the product.  

Interface-wise, I think the product is good.  

Security-wise, it is all approved from the CSO's (Chief Security Officer) perspective.  

Enhancement-wise, we have to put in a lot of effort. The end-users who are working with the solution should know SQL. If they lack training in SQL, there will not really be a use case for them.  

Whatever the use cases we had for Splunk, we were able to make it work.  

Cost optimization is the only thing that needs to be reconsidered.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this product overall around seven, or somewhere between six to eight. Six to eight so make that around seven-out-of-ten.  

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
DevOps engineer at a tech vendor with 10,001+ employees
MSP
Easy to use and has good reporting but bulk data search can be better
Pros and Cons
  • "As compared to other tools, it is very easy. It is very easy to learn. It also integrates well."
  • "The search for bulk data needs to be improved. When we were looking for the flow, we had to search really hard. I wanted to request the Splunk team to add some features for better search because getting the flow of the bulk data was sometimes hard."

What is our primary use case?

I was working as a DevOps engineer in India. I was working for the payments domain of a client. We were mostly using Splunk for monitoring the production, deployment of API, and traffic. 

How has it helped my organization?

We had two cloud platforms. When I joined the team, we were deploying all our APIs in Pivotal Cloud Foundry (PCF). We then migrated to AWS Kubernetes. We were able to monitor both platforms in Splunk. When we migrated to Kubernetes, Splunk helped us. When we were having the transaction loss, we were able to find out which node was throwing the error. We were able to fetch the details according to the nodes in Splunk. We were using different keywords on these platforms for fetching the data. 

We could create our own query, and we could create our own alerts for a particular API. We could also configure these alert notifications to be mailed to particular managers and owners. We could just go through the alert to check if the API was running well or needed to be fixed.

What is most valuable?

As compared to other tools, it is very easy. It is very easy to learn. It also integrates well. 

The reporting features are very good. The dashboards are very nice. We could create our own dashboards to monitor any volume dips or transaction loss. 

What needs improvement?

The search for bulk data needs to be improved. When we were looking for the flow, we had to search really hard. I wanted to request the Splunk team to add some features for better search because getting the flow of the bulk data was sometimes hard.

For how long have I used the solution?

I have worked with this solution for almost three years.

What do I think about the stability of the solution?

It is stable, but we did experience two or three downtimes.

Which solution did I use previously and why did I switch?

We had three or four monitoring tools other than Splunk. We had AppDynamics, Grafana, and others, but we were mostly concentrating on Splunk because we were able to fetch all the details from a particular transaction using Splunk. We were able to create our own dashboard so that we get alerts regarding errors or transaction loss for the customer. The most useful thing was that when we were fetching details from a payment ID or a grid, we were able to track the complete workflow for that API. We were also able to fetch the details about whether the issue was in our team or the external team. We were able to track that very accurately using Splunk.

How was the initial setup?

It is not that complex. We just need the knowledge. We just need to know how to query the alert and set up dashboards. As compared to AppDynamics and Grafana, it is a lot easier.

Our dev team could set up a dashboard and deploy everything in two weeks.

What's my experience with pricing, setup cost, and licensing?

It is not that expensive.

What other advice do I have?

If the company is working on API-based deployment and API-based developments, then I would recommend Splunk. It is useful for tracking the flow and fetching the data.

Overall, I would rate it a seven out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Senior Analyst at a computer software company with 11-50 employees
Real User
Top 5
It's a good solution that can index a large amount of data in a short time.
Pros and Cons
  • "The Splunk search is powerful compared to similar solutions. We get millions of data points within seconds."
  • "The Splunk interface is on-premises, so we have limited access to Splunk Cloud. Splunk support is not so good on Splunk Cloud. The Splunk side of the Splunk Cloud should also be more customizable. Integrating Splunk UBA, Splunk Phantom, and Splunk Cloud is also a bit difficult."

What is most valuable?

The Splunk search is powerful compared to similar solutions. We get millions of data points within seconds.

What needs improvement?

The Splunk interface is on-premises, so we have limited access to Splunk Cloud. Splunk support is not so good on Splunk Cloud. The Splunk side of the Splunk Cloud should also be more customizable. Integrating Splunk UBA, Splunk Phantom, and Splunk Cloud is also a bit difficult. 

For how long have I used the solution?

I've been using Splunk Cloud for about four years. 

What do I think about the stability of the solution?

Splunk Cloud is reliable. 

What do I think about the scalability of the solution?

Splunk Cloud's scalability is pretty good. 

How are customer service and support?

Splunk support isn't so great. It takes a lot of time for them to respond. 

How was the initial setup?

The initial setup is straightforward. 

What about the implementation team?

We deployed Splunk in-house.

What's my experience with pricing, setup cost, and licensing?

The license costs around 100,000-150,000 rupees. Splunk Cloud is the basic version. It costs extra if you need Splunk interface or Splunk ICSA. Those are premium additions. There are additional costs if you want to use the other premium aspects of Splunk.

What other advice do I have?

I rate Splunk Cloud eight out of 10. It's a good solution that can index data in a short time. That's one advantage of Splunk over other solutions. However, the support isn't good, and you can't customize the Splunk interface. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
CYBERSECURITY ANALYST at a tech services company with 1-10 employees
Real User
Good visibility and speed with reasonable pricing
Pros and Cons
  • "We only buy the services we need. We don't have to pay for other things we don't."
  • "They need to provide more training options."

What is our primary use case?

Splunk Cloud helps us to combine all our environments. For example, multiple business units can be combined into one even if they are in different geographic locations. 

What is most valuable?

It helps us with hosting from different geographical locations. 

The speed of the cloud environment is great. 

We only buy the services we need. We don't have to pay for other things we don't. It makes the pricing very economical. 

We use the solution's federated search feature. It's easy for us to use. It helps us search logs, analyze, and manage data.

We are able to monitor multiple cloud environments using our Splunk Cloud dashboards. It makes the process very simple. We just have to maintain different teams for different environments.

The solution is great within hybrid environments. It gives us good visibility across everything. 

It works well for sizable environments. 

The product integrates well with other systems and applications in our environment. We haven't had any issues with integration at all. However, if we ran into issues, we could call Splunk support. Having an issue would be a very rare event. 

Reporting is very good. It's the same for all Splunk solutions. Having multi-cloud instances in one place is great.

We have multiple business units and easily integrate them into the cloud, as well as different infrastructures from different areas. We can deploy a Splunk agent on any cloud - AWS, Google, etc.

The company can access data easily for compliance and privacy regulations. The privacy aspect has been very good.

Having resilience has been very helpful in our organization. 

What needs improvement?

Training should be free of cost. They need to provide more training options. 

There are no missing features at this time. 

For how long have I used the solution?

I've been using the solution for two and a half years. 

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

We have 30 people using the solution in our organization. The product is scalable.

How are customer service and support?

Technical support has been good. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did also use LogRhythm. It has a very good UI in comparison to Splunk, yet it doesn't have as many capabilities and does have a few more restrictions. That said, it's a good product for creating use cases and automation, which is easier than Splunk. We moved to Splunk as LogRhythm did have some restrictions. 

How was the initial setup?

I have previously done deployments of Splunk. The setup is pretty straightforward. 

We're a system integrator of Splunk. We help clients set up the solution. 

We've had six or seven people setting up the solution. 

The maintenance is pretty manageable. I'd rate maintenance needs seven out of ten. 

What was our ROI?

I'm not sure if we have noted any ROI while using Splunk.

What's my experience with pricing, setup cost, and licensing?

The pricing is reasonable. They provide good options for licensing. 

Which other solutions did I evaluate?

I did not evaluate any other options. 

What other advice do I have?

We are integrators and also users of Splunk. 

We have multiple solutions we use for security, of which Splunk is one of them. So far, it's been very good from a security perspective, although we don't solely rely on it.

I'd recommend users work with Splunk in the cloud environment. I'd recommend the product in general to others. 

I would rate the solution nine out of ten. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director - Corporate Infrastructure at a tech services company with 10,001+ employees
Real User
Meets our requirements from a cost and requirements perspective
Pros and Cons
  • "For my current requirements, the tool theme seems to be meeting my requirements, from a cost and requirements perspective."
  • "The only thing I would say is an issue is the cost. It matches other products. The costs can be justified for the value that we gain. The entire threat analysis stack should come in a bundle. If the cost was matchable with other products I think Splunk would pick up in the market."

What is our primary use case?

We use it for Log Management and also for another bit of management. It feeds data into Splunk and Splunk writes the rules and based on that, it will pick up incidents. 

It is good from a cost perspective, in terms of the cost of the data you're looking at. There is no cost barrier. 

What is most valuable?

For my current requirements, the tool theme seems to be meeting my requirements, from a cost and requirements perspective.

What needs improvement?

The only thing I would say is an issue is the cost. It matches other products. The costs can be justified for the value that we gain. The entire threat analysis stack should come in a bundle. If the cost was matchable with other products I think Splunk would pick up in the market. 

I did evaluate other products and installations. I can't compare it to Splunk. 

For how long have I used the solution?

I have been using Splunk Cloud for a year. 

What do I think about the scalability of the solution?

There are two people who are part of admin that use Splunk in my company. 

We have a policy where we have to keep the domain controllers on lock with sensitive servers for about 90 days. We look at the controls around once a week to check if they need to be attended to. 

How are customer service and technical support?

We initially contacted their support during the implementation. It was not for a very complex issue. It was more for a consultation. 

Their support is good. 

How was the initial setup?

I was new to Splunk and had a problem with understanding the forwarders and worker safety management.

My team was able to install it themselves. 

In terms of how long it took to deploy, between coding, testing, and other things, it took about four weeks to complete the project to complete the initial installation. Altogether it was four to five weeks. They should improve the customization. 

Which other solutions did I evaluate?

Splunk is a leader in its market. 

Splunk offers more features than its competitors. Other solutions are not on the same level to be able to compare them. 

What other advice do I have?

I would rate Splunk a nine out of ten. 

The queries and pulling out the exact reports are a little challenging. I get complaints about it. I would like to see more reports or default out-of-the-box reports. That would be more useful, and then people can avoid writing inquiries.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner at a reseller with 1-10 employees
Reseller
Quick to set up and the technical support is invaluable
Pros and Cons
  • "The most valuable feature of Splunk Cloud is the quick setup."
  • "The only thing that is missing from Splunk Cloud is the command-line interface."

What is our primary use case?

We are a Splunk reseller and Splunk Cloud is one of the main products that we work with.

Our customers implement this product for log management, application management, application testing, and process management. They also have it for customer service use cases.

What is most valuable?

The most valuable feature of Splunk Cloud is the quick setup.

What needs improvement?

The only thing that is missing compared with Splunk Enterprise is the ability to manually edit all config files. This task is easily handled with support tickets, but sometimes it would be nice to experiment directly.

For how long have I used the solution?

I have been selling Splunk products for ten years.

What do I think about the stability of the solution?

We have not heard any complaints about stability. 

What do I think about the scalability of the solution?

Scalability with Splunk is the best because it scales to anything. Their promise to users is scalability and availability. Our customers range in size from very small companies to large ones.

How are customer service and technical support?

Over the past ten years that we have been selling Splunk products, they have been in constant contact for support. I would say that it is invaluable. They have great response time and great skills, and I couldn't compare it with any other software company.

How was the initial setup?

Installing Splunk Cloud, itself, is nothing. The length of time for the total deployment depends on how many log sources that you have. It can be completed in a matter of hours.

What about the implementation team?

Being a cloud-based product, Splunk does all of the maintenance. We don't have to do anything to maintain it.

What's my experience with pricing, setup cost, and licensing?

The licensing costs depend on the data ingest volume. If you weigh the costs and the benefits, the benefits are great and it is money well spent. 

What other advice do I have?

I feel that Splunk Cloud is good as it is. It is the best tool on the market.

My advice to anybody who is considering this solution is to start now and don't wait. Every day that you wait, you can be wasting time and money.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
it_user1061643 - PeerSpot reviewer
Lead Developer, Solution Analyst at a university with 10,001+ employees
Real User
A flexible and feature-rich product, but the documentation needs to be improved
Pros and Cons
  • "The most valuable feature for me is the flexibility of being able to send the log to the https endpoint."
  • "Although there is documentation available, it is really hard for me to find relevant topics on what it is that I'm searching for."

What is our primary use case?

We have a public URL that allows anyone to authenticate for ADFS. This allows them to connect using Active Directory. 

What is most valuable?

The most valuable feature for me is the flexibility of being able to send the log to the https endpoint. I know that it is possible to export the logs, although it is easier for me to communicate with the endpoints concerning what I am interested in.

This is a feature-rich product.

What needs improvement?

Although there is documentation available, it is really hard for me to find relevant topics on what it is that I'm searching for. For example, when something goes wrong, I can spend hours trying to figure out the problem and have nothing to refer to. I find that it confuses me somewhat, so it is something that can be improved.

I feel that technical support can be improved because it is always done through the use of a support ticket, which is not very convenient.

Setting up and configuring integrations are not easy to do. 

For how long have I used the solution?

We implemented this solution within the past year.

What do I think about the stability of the solution?

Splunk Cloud is quite stable. I do not remember having any issues with bugs or glitches.

What do I think about the scalability of the solution?

I would expect that the scalability is quite good, albeit expensive.

How are customer service and technical support?

Technical support is okay, although they are not as quick to respond as I believe they should be. I feel that some of the support processes are not very convenient.

How was the initial setup?

The initial setup is straightforward, although we still revisit it. We started several months ago and are still trying to set it up in a more structured way. Really, we are still in the deployment stage in some regards because we are struggling with exactly how it should be set up.

What about the implementation team?

We had some assistance from a consultant after the initial setup was completed. It worked well for simple uses, but now, we have some help in trying to configure it to meet our needs.

What's my experience with pricing, setup cost, and licensing?

The price is something that people complain about.

What other advice do I have?

My advice to anybody who is implementing Splunk Cloud is to dedicate the time and resources required to learn it and use it. Investigate the features.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.