Splunk Cloud Overview

Splunk Cloud is the #11 ranked solution in Log Management Software. PeerSpot users give Splunk Cloud an average rating of 7.8 out of 10. Splunk Cloud is most commonly compared to Wazuh: Splunk Cloud vs Wazuh. Splunk Cloud is popular among the large enterprise segment, accounting for 60% of users researching this solution on PeerSpot. The top industry researching this solution is computer software, accounting for 26% of all views.
Splunk Cloud Buyer's Guide

Download the Splunk Cloud Buyer's Guide including reviews and more. Updated: July 2022

What is Splunk Cloud?

Splunk Cloud is the industry’s only enterprise-ready cloud service for machine data, offering a 100% uptime SLA and standard plans from 5GB/day to 5TB/day. Watch this video to find out how you can accelerate time-to-value and stay focused on your core business using Splunk Cloud.

Splunk Cloud Customers
Mindtouch

Splunk Cloud Pricing Advice

What users are saying about Splunk Cloud pricing:
  • "The pricing model makes this an expensive solution."
  • "There are additional features that you would need to purchase depending on your use case."
Splunk Cloud Reviews

    AlexandruAdamovici - PeerSpot reviewer
    Operations Manager at Langdon systems
    Real User
    Top 20
    Easy to set up with good monitoring and security functionality
    Pros and Cons
    • "It is very scalable."
    • "I'd like to see more integration with more antivirus systems."

    What is our primary use case?

    We primarily use the solution for monitoring, intrusion detection, and prevention. It is mostly a lot of security and network and server monitoring.

    How has it helped my organization?

    It automated the way we look at intrusion detection and prevention. It automatically picks up intrusion attempts within our environment.

    What is most valuable?

    The monitoring and the security functionality are the most valuable aspects of the solution.

    It is easy to set up.

    It is very scalable. 

    You can basically make it do whatever you want, from log management and monitoring security, intrusion detection, prevention, and linking to your antivirus to report to it. Having kind of a single point where everything feeds in and creating dashboards however you like is useful, and it works with however many systems you want in that dashboard.

    What needs improvement?

    I've not come across any areas that need improvement.

    I'd like to see more integration with more antivirus systems.

    Buyer's Guide
    Splunk Cloud
    July 2022
    Learn what your peers think about Splunk Cloud. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
    620,068 professionals have used our research since 2012.

    For how long have I used the solution?

    We've used the solution for roughly one and a half years.

    What do I think about the scalability of the solution?

    The solution is highly scalable.

    We have four people that use the solution and they were split between infrastructure and security.

    We don't have a plan to increase usage as we're almost at capacity with our servers, for our purposes. I don't think we're going to scale it as we're using everything we can from anything we need. However, it's intensely used for security purposes.

    How are customer service and support?

    Technical support is perfect.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    The initial setup was straightforward. It was done by Splunk entirely. After that, the configuration took a bit of time, however, we bought professional service days from them to help us build the configuration.

    The full deployment took about five months due to the fact that we have quite a lot of servers.

    I'd rate the experience a five out of five in terms of ease of execution. 

    The amount of people you require for deployment and maintenance depends on the complexity of the environment. It can be run and managed by a single person if the environment is not highly complex. If you're talking about probably less than 200 servers, and a couple of network endpoints, one person can manage it easily after it's been configured. Otherwise, I wouldn't be able to say. In more complex environments where you've got several geographical locations, several data centers in geographical locations, and so on, you'd probably need more than one.

    What about the implementation team?

    Splunk handled the implementation. It was a joint effort between them bringing the knowledge and us doing the actual work.

    What was our ROI?

    It's a great investment, especially if you want to strengthen your security stance.

    What's my experience with pricing, setup cost, and licensing?

    It's a yearly license on a three-year contract. On a three-year contract, you get a discount basically - rather than putting it on a rolling yearly contract.

    On pricing, if I base it on the functionality of the system out of the box, I would rate it five out of five.

    They have several prepackaged modules you can purchase. For example, for the security type, they have Security Enterprise, with the default products getting security essentials. With Infrastructure, the same. We've got an ITOps enterprise, which again, is payable on top of the standard license. 

    It's pretty much how much you can actually build in-house. The difference between AT&T, LogRhythm, and Splunk is that while AT&T and LogRhythm are pretty out of the box (it's click and configure), Splunk is highly configurable.

    You can make it do whatever you want to, as long as you know how to edit the configuration files. What ITOps and Security Enterprise do, instead of you having to build all that from the ground up, so the dashboards, the logic behind it, the configuration files, and so on, become prepackaged and pre-installed.

    Which other solutions did I evaluate?

    We did test AT&T and LogRhythm as well. We chose this solution as a balance between cost and functionality.

    AT&T was a great security tool, however, it lacked a lot of the infrastructure things that Splunk does, in terms of server monitoring and network monitoring. LogRhythm did have a dose, however, at a very prohibitive price. It was almost twice the cost of Splunk.

    What other advice do I have?

    We've got a version of Splunk Cloud. I'm not sure of which version.

    I'd advise users to get more professional service days. You get five professional service days with the product, when you buy the license, usually. Definitely get at least ten more.

    You need to have some strategy before. You definitely need a strategy. Before you do your PS days, definitely have a look at your strategy and make sure you've arranged your questions rather diligently. Based on how you think you're going to use the system, where you are, and where you want to be, just box them into separate parts - security, infrastructure, and monitoring. It's going to make life a lot easier when you talk to consultants as the consultants are very, very knowledgeable. However, you need to ask the right questions.

    I'd rate the solution ten out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Sr BigData Infrastructure Architect at a hospitality company with 10,001+ employees
    Real User
    Top 10
    Add oversight to your business with complete log reporting although it may strain your budget
    Pros and Cons
    • "This is a complete log reporting tool."
    • "The log search capabilities are very good."
    • "The pricing model makes the product costly."
    • "The dashboards should be easier to customize."

    What is our primary use case?

    Splunk is an event log manager. We have reservation and event logging dashboards integrated from the data dock to Splunk and we have all the specific dashboards that we work with in Splunk for log management.  

    How has it helped my organization?

    We became pretty complete with our reporting using Splunk for all the log and event capabilities. I would rate this product as somewhere around seven or eight-out-of-ten for the logging capabilities and how that has added to the oversight of our business.  

    What is most valuable?

    The log event capabilities and the flexibility in the search engine for finding what we need in the logs are some of the more valuable features in this product.  

    What needs improvement?

    The pricing models should be improved and optimized. Right now, the pricing is a bit too expensive.  

    One other thing you need is more ability to customize the dashboard to the way you want to have it. If you had a template that you could create and label inside of Splunk that would be good.  

    One good thing that could be added to the AWS side of the solution is that you should have an OPS (Operation Alert) alert built into the dashboard that comes with Splunk. That would be very useful. For example, if you have a pre-defined template creator to fill in the information to forms that are loaded. That would be really beneficial.  

    For how long have I used the solution?

    I have been using Splunk Cloud for more than four years now, in total.  

    What do I think about the stability of the solution?

    We have not experienced or even heard much about bugs or other problems people are having with Splunk. It seems pretty stable.  

    What do I think about the scalability of the solution?

    Scalability is good, but the cost factor in scaling is really high. That is the reason why we are interested in working with products and solutions that will help us optimize our costs and may be looking into other solutions.  

    We probably have something around a hundred users who work with Splunk. Mainly they are architects, enterprise architects, and data-link architects. We also have business analyst systems. We have not had a problem in changing or growing these roles.  

    How are customer service and technical support?

    I have not had direct experience with the Splunk technical support because I leave it to the other teams in our organization because I am not really in a position to use Splunk support.  

    Which solution did I use previously and why did I switch?

    I have only been working with Splunk for these past three years. I am not too much of an expert. I left my role as an officer in an organization in 2014, so from 2014 to 2017 I was not in touch with the advancements of products in the industry. But I was using other solutions prior to Splunk.  

    How was the initial setup?

    The setup and installation of the product are straightforward.  

    What's my experience with pricing, setup cost, and licensing?

    The pricing model makes this an expensive solution.  

    What other advice do I have?

    Advice-wise, I do not really have much to say to potential users considering the solution as something to apply as an end-user. My job role is data organization so it might not be appropriate for me to give these opinions. This seems to me to have more to do with system functionality. But from my side, I am good with the product.  

    Interface-wise, I think the product is good.  

    Security-wise, it is all approved from the CSO's (Chief Security Officer) perspective.

    Enhancement-wise, we have to put in a lot of effort. The end-users who are working with the solution should know SQL. If they lack training in SQL, there will not really be a use case for them.  

    Whatever the use cases we had for Splunk, we were able to make it work.  

    Cost optimization is the only thing that needs to be reconsidered.  

    On a scale from one to ten (where one is the worst and ten is the best), I would rate this product overall around seven, or somewhere between six to eight. Six to eight so make that around seven-out-of-ten.  

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    SuchismitaPriyadarsini - PeerSpot reviewer
    CHRO at a computer software company with 5,001-10,000 employees
    MSP
    Top 20
    Can be easily scaled and integrated with other solutions, but underscores in comparison with QRadar
    Pros and Cons
    • "The solution is stable and reliable."
    • "The solution should also have more advanced capabilities in comparison with QRadar, which offers Watson."

    What is our primary use case?

    As there is no SIEM solution here at present, we are building it up through the assistance of a vendor. In the past I worked in the Splunk Cloud, which was seven-point something. With QRadar I worked on version 7.3. 

    We use Splunk Cloud as a SIEM solution and to monitor traffic and the network for detection purposes. We can create use cases so that if the solution picks up on anything entering our organization, the malicious IP can be blocked. 

    In respect of ones which are suspicious, based on the logs we pull from the data source, we can build the use cases accordingly and have our analysts work on these. 

    What needs improvement?

    In the several years I have worked with the solution, I have felt there to be a need for practice of queries and understanding. As with other areas needing practice, the more one learns and practices, the easier things become. 

    While this is not terribly difficult, it is so when compared with QRadar. This holds true when we don't know the queries at all. Other than this, it is a great tool. 

    The solution should also have more advanced capabilities in comparison with QRadar, which offers Watson. The product should have add-ons. 

    What do I think about the stability of the solution?

    The solution is stable and reliable. 

    What do I think about the scalability of the solution?

    The solution is easy to scale, to add on and to integrate with other solutions. I am familiar with app integrations. Many solutions can be integrated with Splunk Cloud, such as CrowdStrike or Symantec. 

    How are customer service and technical support?

    The solution's response time is not that fast. The experience of some of my peers is that the vendors have actively offered help. By contrast, when I tried Splunk Cloud's technical support I did not receive a response. 

    How was the initial setup?

    We have not yet undertaken deployment. For the moment, we are on the EPS and discussing the proposed structure with the vendors. Our team is conducting talks with the vendors of QRadar. 

    We are exploring multiple avenues in search of a one-SIEM solution. 

    What's my experience with pricing, setup cost, and licensing?

    I am not in a position to comment on the pricing. 

    Which other solutions did I evaluate?

    By comparison, I feel QRadar to be better than Splunk Cloud, since it comes with Watson. 

    Another advantage is that QRadar works like a threat intelligence tool. It, also, does not require queries, which Splunk Cloud does. It is important that we have an understanding of the queries for the purpose of pulling the logs which we seek. I feel QRadar to be better than Splunk Cloud, as it does not require us to work on the queries. 

    I have worked on Splunk Cloud in the past, as well as on QRadar. As there is no SIEM solution in my current organization, we have plans to build it up. This is an ongoing process. I have suggested QRadar to my team and others are considering Sentinel. 

    What other advice do I have?

    The solution is deployed on-cloud. 

    I would recommend the solution to others since there are a couple of companies with many clients that are looking for Splunk Cloud, with which they are familiar. We must consider client demands when it comes to attracting projects. 

    Even in India, most of the companies employ Splunk Cloud as the most prevalently used SIEM solution. Then comes QRadar, which is easier. So too, Splunk is less cost-effective than QRadar, although it is more in demand. There are a couple of companies with call centers that request Splunk Cloud. 

    I rate Splunk Cloud as a seven out of ten. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    ShilpeeSinha - PeerSpot reviewer
    Senior Security Engineer at Citrix
    Real User
    Great security and reporting functionality with good integration capabilities
    Pros and Cons
    • "I really like the user interface and how it works."
    • "Writing queries is a bit complicated sometimes."

    What is most valuable?

    Enterprise security is the solution’s most valuable feature.

    Its reporting functionality is excellent.

    I really like the user interface and how it works.

    It’s scalable.

    The solution is stable.

    You can integrate any other tool or any other solution, including existing solutions, with Splunk. They have a good setup.

    The log analysis is something that is good. In general, data analysis is something you can do in Splunk in various ways. You can leverage it as per your requirements or as per your investigations. You can write your own queries and complicated queries, and you can have your own alerts. You can correlate events. It’s very flexible.

    What needs improvement?

    It is one of the best tools that I'm using. I don't have any feedback as such right now regarding improvements. I'm not also an expert, so maybe I'm missing something.

    Writing queries is a bit complicated sometimes. If they could provide some building queries, that would be great.

    For how long have I used the solution?

    It's been a while. For maybe four years, I've used Splunk, however, I'm not an expert on it.

    What do I think about the stability of the solution?

    It's a stable solution. We are not going to get rid of it anytime soon. It’s reliable. There are no bugs or glitches and it doesn’t crash or freeze. The performance is good.

    What do I think about the scalability of the solution?

    The solution scales very well.

    How are customer service and support?

    I wasn't part of the engineering side, so I never got a chance to contact the support team directly.

    Which solution did I use previously and why did I switch?

    We have a SIEM solution, however, now the company is also trying to move to an Excel solution since the automation is better on their side. We aren't going to get rid of it or did not have any other SIEM solution in their mind when they were acquiring it. However, if any XOR solution works perfectly for us, the company might consider moving out of Splunk.

    How was the initial setup?

    A different organization would have a different setup of Splunk. If you ask me, mostly, it is a simple setup. However, here in my current organization, it is mostly on the cloud, and a lot of things are integrated in a bit of a complex manner. I also understand that this changes from organization to organization in terms of how they will leverage it.

    What was our ROI?

    I’ve never looked into ROI and have not been a part of conversations concerning ROI.

    What's my experience with pricing, setup cost, and licensing?

    I don’t have any idea what the cost of the solution is. I don’t handle the licensing.

    What other advice do I have?

    A company that wants to leverage Splunk should understand its environment first - including the organization, the network infrastructure, and the overall infrastructure. Then, based on requirements, they should go ahead with any SIEM solution. Splunk is kind of an expensive tool to have. Therefore, the company should be clear about what requirements they have, what they need, and whether they want to use Splunk. It is very crucial to understand your requirements and your network or your environment first before going ahead.

    I’d rate the solution eight out of ten.

    Overall, it's a good tool. It's a very intelligent tool. It definitely depends on how you are going to use it. However, I love the product. I love Splunk. I want to learn more about it as much as I can.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Mohammed Ibrahim Khan - PeerSpot reviewer
    Dev/DevOps(Build/Deployment/TE Support) & Governance(Audit, Intake and Currency) at a financial services firm with 10,001+ employees
    Real User
    Centralized security, useful data usage, but lacking templates
    Pros and Cons
    • "Splunk Cloud's most valuable features are log aggregations, dashboarding, business management, reporting, and business controls. Additionally, it has awesome indexing and the solution is always improving"
    • "Splunk Cloud could improve by having pre-defined templates. It has very good design views, but there is no predefined template. You have to define your own. If they could add predefined templates for different use cases."

    What is our primary use case?

    We are using Splunk Cloud as a log aggregator. All our application logs come to one place, and we do the aggregation, troubleshooting, and investigation. It has many different kinds of production troubleshooting.

    How has it helped my organization?

    We went from manually reviewing logs to an automated time-series base with Splunk Cloud. It has helped our organization a lot.

    What is most valuable?

    Splunk Cloud's most valuable features are log aggregations, dashboarding, business management, reporting, and business controls. Additionally, it has awesome indexing and the solution is always improving.

    What needs improvement?

    Splunk Cloud could improve by having pre-defined templates. It has very good design views, but there is no predefined template. You have to define your own. If they could add predefined templates for different use cases.

    For how long have I used the solution?

    I have been using Splunk Cloud for approximately three years.

    What do I think about the stability of the solution?

    Splunk Cloud is highly stable. However, we had minor issues but we were about to fix them. We needed more capacity. The search capacity had to be increased as we looked at it because our logs move a minute of latency, it is almost in real-time.

    What do I think about the scalability of the solution?

    Splunk Cloud is scalable. If we want to expand we only need to add new hardware. It is much easier having the solution be cloud.

    We use the solution every day. All the production support analysts are using the solution. There are approximately 50 people using it in my area.

    How are customer service and support?

    I have not needed to use the support.

    Which solution did I use previously and why did I switch?

    We have not used another solution previously.

    How was the initial setup?

    The initial setup of Splunk Cloud was complex because we have a lot of logs. We had a lot of architectural setup discussions but we were able to do it. The level of difficulty for the implementation is in the medium range. It took us approximately 25 minutes.

    It's an agent-based system, and you only have to enable it. There is an access control setup to control what to send, and what not to send. The deployment was quick. The adaptation or the implementation takes time because you've got to go through all the infrastructure setup.

    I rate the initial setup of Splunk Cloud a four out of five.

    What about the implementation team?

    We did the implementation of Splunk Cloud in-house and using two contractors. After the solution is implemented we do not need someone to manage it very often.

    What's my experience with pricing, setup cost, and licensing?

    There are additional features that you would need to purchase depending on your use case.

    What other advice do I have?

    I rate Splunk Cloud a seven out of ten.

    Which deployment model are you using for this solution?

    Private Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Tech Analyst at a tech vendor with 11-50 employees
    Real User
    Top 10
    It's a good solution that can index a large amount of data in a short time.
    Pros and Cons
    • "The Splunk search is powerful compared to similar solutions. We get millions of data points within seconds."
    • "The Splunk interface is on-premises, so we have limited access to Splunk Cloud. Splunk support is not so good on Splunk Cloud. The Splunk side of the Splunk Cloud should also be more customizable. Integrating Splunk UBA, Splunk Phantom, and Splunk Cloud is also a bit difficult."

    What is most valuable?

    The Splunk search is powerful compared to similar solutions. We get millions of data points within seconds.

    What needs improvement?

    The Splunk interface is on-premises, so we have limited access to Splunk Cloud. Splunk support is not so good on Splunk Cloud. The Splunk side of the Splunk Cloud should also be more customizable. Integrating Splunk UBA, Splunk Phantom, and Splunk Cloud is also a bit difficult. 

    For how long have I used the solution?

    I've been using Splunk Cloud for about four years. 

    What do I think about the stability of the solution?

    Splunk Cloud is reliable. 

    What do I think about the scalability of the solution?

    Splunk Cloud's scalability is pretty good. 

    How are customer service and support?

    Splunk support isn't so great. It takes a lot of time for them to respond. 

    How was the initial setup?

    The initial setup is straightforward. 

    What about the implementation team?

    We deployed Splunk in-house.

    What's my experience with pricing, setup cost, and licensing?

    The license costs around 100,000-150,000 rupees. Splunk Cloud is the basic version. It costs extra if you need Splunk interface or Splunk ICSA. Those are premium additions. There are additional costs if you want to use the other premium aspects of Splunk.

    What other advice do I have?

    I rate Splunk Cloud eight out of 10. It's a good solution that can index data in a short time. That's one advantage of Splunk over other solutions. However, the support isn't good, and you can't customize the Splunk interface. 

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Founder at a marketing services firm with 11-50 employees
    Real User
    Top 5
    User friendly and very extensive compared to similar tools

    What is our primary use case?

    My primary use case was trying to build a centralized log database and making some logs on my servers. I also use it to install tools in Splunk Forwarder. I'm a company founder.

    What is most valuable?

    Splunk is a very user-friendly tool and it's very extensive compared to other tools.

    What needs improvement?

    From my perspective, customization needs to be simplified and I'd like to see a reduction in the cost of the solution.

    For how long have I used the solution?


    What do I think about the stability of the solution?

    It's stable, but if you try to customize it, it will take some time because there's a specific language behind Splunk. Thankfully they have a good community which is a big help.

    What do I think about the scalability of the solution?

    The solution is scalable.

    How was the initial setup?

    The initial setup is very straightforward. 

    What's my experience with pricing, setup cost, and licensing?


    Licensing costs are paid annually and are quite expensive.

    What other advice do I have?

    I recommend this solution for any company that has the money to buy it and rate it eight out of 10. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Buyer's Guide
    Download our free Splunk Cloud Report and get advice and tips from experienced pros sharing their opinions.
    Updated: July 2022
    Product Categories
    Log Management