Splunk Cloud Platform Valuable Features
JA
Job Asiimwe
Sr Manager at Continued
The most valuable feature of Splunk Cloud Platform is its robustness and ability to ingest logs.
Just the fact that it is cloud-based is valuable. We are still on the classic one. I am waiting for the VE to come to the GCP. That is where our stack is. It is in GCP. They say it is coming somewhat soon. We will see when that is.
There is the flexibility of not having to manage all the indexes and searches myself. I was doing that with on-prem before. That was quite a bit of work. When you have an issue with an upgrade, you have to upgrade all of that. They are handling that on the backend now. I still have to do my heavy forwarders and my deployment servers, but it is a much lighter load for me on my end as an admin.
View full review »The Cloud Platform interface is cleaner than Splunk Enterprise's monitoring console. You can easily understand what's happening with your indexes. It's more refined than Splunk Enterprise's console, but they have the same feel and function.
It's easy to monitor multiple cloud environments because you can create custom dashboards for any use case you may have. It offers good visibility because it integrates with the ITSI app, providing a clear overview of your environment.
Integrating Splunk with other components on the cloud and network resources is effortless because it can collect data from various sources, including stored data from long-term storage.
Splunk's reporting offers a good visualization of your data. You can visualize the statistics based on your searches. It produces some helpful graphs that enable you to easily compare what's happening in your search. It's very comprehensive.
View full review »Buyer's Guide
Splunk Cloud Platform
June 2025

Learn what your peers think about Splunk Cloud Platform. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,803 professionals have used our research since 2012.
What I appreciate about Splunk Cloud Platform is that it's an AI-driven SIEM platform, and for data fusion stock, we require Splunk Cloud Platform because none other than Splunk Cloud Platform can have this data-driven stock implemented; it allows you to get into the data repository.
The real-time search capability of this product enhances operational decision-making, and it's very convincing; this aspect is very convincing from Splunk Cloud Platform's side.
View full review »The most valuable feature is the SPL because without it we wouldn't be able to correlate and build our use cases and manage what we have for our data inside Splunk.
View full review »The most valuable feature of Splunk Cloud Platform is the ability to correlate events together and combine the data into one event.
The benefits we saw from using Splunk Cloud Platform are the time to detect and the ability to investigate faster.
Our organization monitors multiple cloud environments. Splunk Cloud Platform's direct cloud connection capabilities make data transfer easy.
Splunk Cloud Platform's end-to-end visibility into your cloud-native environment is key for security posture.
Splunk Cloud Platform has helped reduce our mean time to resolve by a significant portion.
Splunk Cloud Platform has helped improve our organization’s business resilience.
We have seen time to value using Splunk Cloud Platform. We immediately saw time to value after implementing the solution.
The consolidation of tools gives one place to look for logs and events. I wish there were more ways to consolidate the consoles.
Splunk Cloud Platform is easy to use, and users can quickly understand and do pretty much anything that their minds can create.
Before we started using Splunk Cloud, we were using Splunk Enterprise. My partner and I were spending quite a bit of our time keeping the servers patched, up to date, and running the way that we wanted them to. Now that's all gone with Splunk Cloud. That has freed up a lot of our time so that I can spend most of our time helping people, learning SPL, and helping them with their dashboards, alerts, and reports. Splunk Cloud has helped us to be able to focus on getting more information out of our data. Whereas before, we were doing mostly administrative stuff. Now we don't have to do that anymore.
View full review »We use Splunk Cloud primarily as a troubleshooting tool, so the most valuable features are the analysis and visualization.
View full review »Regarding the solution's most valuable features, I think that since many of our company's applications are Splunk-based, they can integrate with other tools within our tech stack, which allows us to expand our use cases.
In our organization, Splunk Cloud Platform provides end-to-end visibility into our cloud-native environment, and it is a very important area where we need visibility within our environment. It is one of the main tools I use for end-to-end visibility.
Splunk Cloud Platform has helped reduce the mean time to resolve. It helps find issues, which can lead to a better mean time to resolve overall. Depending on the detection type, it reduces the mean time to resolve by anywhere from 20 to 50 percent.
My company saw time to value using Splunk Cloud Platform pretty quickly, and we continue to see the value, specifically when we add in new sources and tune-up. In general, it has been pretty quick.
Splunk's unified platform helps consolidate networking, security, and IT observability tools since it gives our company a single platform where we can collect logs from all different sources.
View full review »Alerts are a huge benefit because we can customize them to each business unit's needs. Splunk automates the process and sends email notifications directly, which saves me time.
Dashboarding has been very powerful. I work with a lot of different customers, so being able to tailor the data for different customers has been valuable. I am able to make visuals and have reports where they can self-serve.
View full review »TW
Tim Whitlock
Senior analyst in investigations at GlaxoSmithKline
The solution's most valuable features are search, reporting, and dashboards.
Splunk Cloud Platform is useful in our organization's monitoring of multiple cloud environments involving cloud services like AWS. I cannot speak about the ease or difficulty of using the tool to monitor multiple cloud environments since I am not on the administration side.
Considering the product's ease of use, the tool offers me the ability to search all the data and get it in a format before giving it to an investigator so that they can get it in a format they can understand.
I mainly work with Splunk SIEM and Splunk ITSI, and these are the two major products recommended for all consumers. If it is related to security, I recommend Splunk SIEM, and if it is related to infrastructure monitoring, I recommend Splunk ITSI to others. I used to take care of the observability part as well with the aforementioned tools. For observability purposes, I use Splunk-related applications. I also do the onboarding of the data into Splunk with the help of observability functionality.
The most valuable feature is we don't have to deal with any back-end server maintenance because the solution is cloud-based.
View full review »In an enterprise, you need a universal or heavy forwarder. If you don't have that, you need an HSE token or API request call and all the different components. In Splunk Cloud, you just have one instance to search all the data in your index. You don't need to manage it because Splunk handles that.
If you are using Splunk Enterprise, you need to understand, from A to Z, how the indexes and searches work and where the data is coming from. Splunk Cloud has a beautiful, user-friendly UI that lets you navigate all the settings.
It doesn't matter where the data comes from for integration. The dashboard gives you a brief overview.
When we're onboarding all that data using heavy forwarders, Splunk gives us better buffering performance and lower latency if we use the right components. If I use a light or universal forwarder, it often doesn't parse on the other end. Our projects use heavy forwarders and put those data into the index services while defining which indexes they should index. We are also micromanaging where that data should be.
The reporting is good so far. Sometimes, I help my clients improve their user experience. As an engineer, I would suggest that if a solution has back-end compatibility, clients should get out of their comfort zone and customize another app to create a dashboard or something else.
View full review »The most valuable feature of the solution stems from the fact that I just like having one single point where all of our logs are aggregated and then having one interface that I can query and find the information that I want out of it.
My organization monitors multiple cloud environments and even the on-premises part. I would say that so far, it has been fine and easy to use to monitor multiple cloud environments using Splunk Cloud Platform. The tool works effectively, and it gets stuff from our on-premises servers into the cloud. It gets stuff from AWS into the cloud. I am able to, you know, use the single interface to access all the information I need.
It is very important for our organization that Splunk Cloud Platform has end-to-end visibility into your cloud-native environment. It is important since it helps to be able to see all the aspects of what our services are doing and how they are operating.
It helps with the mean time to resolve since it makes it easier to find the errors as they have occurred, so it has been a helpful tool.
I don't know how much the product has helped my organization improve business resilience.
I wouldn't know if my company has experienced any cost-efficiency by splitting to Splunk Cloud Platform.
I know that Splunk's unified platform helps consolidate networking, security, and IT observability tools for our company. Our company has an InfoSec team using it for their SCIM stuff, and then we have IT using it for some of the things they need to gather. Multiple teams in my company have benefited from using the tool. The consolidation of tools does impact our organization since I think it is probably easier for everyone to get access to stuff because everything is in one place, and it is one of the biggest impacts of the product I can think of right now. Instead of having things spread out across multiple vendors and multiple tools, it is all kind of in one thing that we can get at, and so it is probably easier for us to train people, and we know, like, how to access the solution since it is just one thing we have to learn.
The data management and instant search features are the most valuable ones for us, as they allow us to instantly retrieve information needed for reports and security compliance.
View full review »The incident response time depends on the query and alert configuration, and also on the environment and how the logs are streamed. By analyzing these factors, it takes a maximum of one to two days for one incident.
Alert scheduling, dashboard creation, and log monitoring are the most valuable features.
Federated search depends on the data we pull. We have three types of searches. We use federated search for long-running queries.
We have, like, 20% of MacBook Cloud environment. It is easy to monitor multiple cloud environments, but there are some onboarding challenges. We are onboarding from the back end and also using Hacktoken. Apart from that, we get data to Splunk using Cripple pipelines from Syslog servers.
Reporting is like this: if critical data is used by the client, we send it to the data user according to the schedule.
For log monitoring, we can definitely suggest Splunk is a good tool. And it helps with decision making processes.
For monitoring security logs, it's the best tool.
View full review »We can onboard multiple data types for monitoring from various ports and use Splunk to monitor laptops or other devices directly. If everything is stored in our database, we can also monitor that and see who is logging in and when. You can monitor which files are being used most and which ones aren't. We can also check for any fraudulent activity in the system. The reporting is highly detailed.
Splunk is best when used for real-time monitoring. We can use AI and machine learning, too. Splunk plans to launch new observability features soon. The federated search feature has helped us eliminate redundancy in data servers and discontinue servers that aren't being used much. We can remove those servers from the environment to cut costs.
We can use Splunk to monitor multiple environments. The ease of monitoring depends on the source, application, or cloud environment size.
View full review »The most valuable feature of Splunk Cloud Platform is its flexibility and readiness because it's already prebuilt, and everything is click-to-go. Splunk has multiple features, but the cloud feature comes with that. It is built for a smaller organization, but that's how organizations grow. The solution is good for a new budding organizational group.
View full review »We have Splunk Enterprise Security and our regular Splunk Enterprise. We use Splunk Enterprise Security for monitoring all our security use cases and our regular Splunk Enterprise for application monitoring. We have our own custom digital apps that we monitor on the enterprise cloud, and all our enterprise security monitoring happens on the Splunk Enterprise Security app. There are so many custom applications that we currently support.
We do digital transaction monitoring, so when a customer sends some money to a different customer, we monitor the end-to-end transaction of that customer when it happens on the digital platform. It is pretty important for our L1 and L2 teams to monitor that end-to-end transaction.
With Splunk in place, we can identify the bottlenecks where transactions are getting held and immediately take necessary actions to release the transaction and reach the customer. That improves the transaction time frame. There is improvement in terms of how many analysts are monitoring how many transactions and how fast transactions are happening from end to end. It improves our performance and customer experience. It is also easy to monitor end to end transactions.
View full review »I like that it's an independent cloud platform. It can work with AWS or Azure.
Its monitoring is completely automated. We do not have to put in other engineers just to maintain Splunk. It maintains itself, and it's very user-friendly. For the dashboards to be created or any sort of code that we want to do with Splunk, we can do it by ourselves. We do not need to have separate resources so it is very cost efficient. We do not require many people; it's resource-efficient as well.
We do use the federated search feature and find it helpful. Earlier, it was hard to withdraw data. We'd have to maintain it. Now, Splunk does it for us. It's a very time-efficient service. It's made a huge impact on automation. We can grab data in real-time any time we need to.
The solution integrates well with other applications and systems in our environment.
View full review »In their case, they had global data domicile requirements. We didn't have the same global deployment for our other larger environment that they did. So it made sense for us to migrate them to a bunch of small cloud stacks that were globally positioned rather than deploy a bunch of tiny enterprise environments to do the same thing.
It's pretty important to us that Splunk has end-to-end visibility to our native cloud environment. We need to be able to figure out where the points of failure are. Knowing whether it's a forward, on our end, an index, the cloud environment, a firewall, or something else entirely is important to troubleshooting that kind of process.
Splunk has helped to reduce our mean time to resolve. For the specific use case, the ability to bring in more Splunk data and market makes work consistently accessible.
I think that Splunk's ability to predict, identify and solve problems in real time is better than what we use it for. Our observability journey is still pretty early so we haven't done a lot of predictive detection that is possible to do with Splunk. It looks like it can do the things that we needed to do in a pretty effective way. We just haven't done that yet.
SK
Siva Chaitanya Kakarla
Support Engineer at American Express
Everything is maintained by the Splunk support team. Users do not have to maintain any physical servers. They do not have to maintain indexes and searches. It reduces a lot of work on the user side.
We integrated it with other applications in our environment. It integrates well. We did not face any issues on the integration side.
The reporting offered by Splunk Cloud Platform is also good.
View full review »I do not really like it, but being able to correlate events across platforms in a single place is valuable. I can trace an event back to its root cause. I can find the root cause instead of just looking at the symptoms across different things.
View full review »The most valuable features are reliability and logging. It's in the cloud so it has more stability and easy maintenance.
I like the idea of being able to list the IPs that we want without having to open up a ticket to get it done so that way if anything changes we can add a new IP. The platform itself is the most valuable because if we're using the product, we're paying a lot for it. So we're searching our data and doing the triage we need to with the events. In reality, our biggest benefit of the Splunk Cloud Platform is not having the hassle on-prem.
SK
Stanley Kmiec
Principal, Cybersecty and Infra at PNM Resources Inc
There is definitely the ease of the infrastructure administration. It frees up a lot of time.
View full review »DE
Dinesh Elumalai
Software Engineer at Tigma Technologies
Splunk Cloud Platform's search modes are a powerful feature. There are 3 main modes: Fast, Verbose, and Smart. These modes allow us to customize our search based on our needs, which can significantly improve our response time.
View full review »I like the Splunk Monitor console. I like how Splunk continually updates it with new features. We don't have to do anything on our end, we just get access to that.
Splunk has some good dashboards that show us search or user search activity. There are some things that could cause the environment to go awry, like skip searches or searches that are more intensive.
By being able to identify those, we could reach out to those customers and work with them on improving their standard practice. Since moving to SaaS, we're able to focus more on that.
View full review »The most valuable feature of Splunk Cloud Platform is the alerting feature.
View full review »AK
Abhishek Kalokhe
SIEM Engineer at a manufacturing company with 11-50 employees
The cloud performance is good.
Not having to perform any maintenance because it is handled by Splunk saves our administrators time which is valuable.
View full review »The most valuable feature is the search options. Our infrastructure is huge so if an issue happens, it's hard to find where it is. That's where Splunk comes in handy. You just go to their user interface and do a Google-type search. Just put in a keyword, search it, and you'll figure out where it is. If you have thousands of servers, it's very hard to see where the issue is and where the transaction is logged. Splunk makes it very easy. That's the best part of Splunk.
I would rate Splunk's ability to provide business resilience by empowering oneself a seven out of ten. Whenever we have an issue, Splunk is handy. We have a lot of monitoring in place so if an issue happens, our monitoring helps proactively figure out the issue, and in that way, we can make sure that our environment and infrastructure are up and running, and our customers don't have any issues.
View full review »SS
ShubhamSharma6
Software Engineer at Wipro Limited
I like that Splunk Cloud Platform is managed by the vendor.
I like the Cloud monitoring console feature.
I like the support for all the apps and add-ons.
View full review »All the features are very equal for me. I do not use any one feature more than the other. They all are pretty equal to me.
View full review »The cloud is very fast. We have a lot of data in our Splunk instance and it isn't slow in any way.
The maintenance is good. We have good support if we have queries or issues. With on-premises Splunk, if we ran into issues, we'd have to figure things out ourselves. With the cloud version, it's easier to get support.
We can monitor multiple cloud environments, including Azure and AWS.
It can be difficult to monitor cloud platforms. We are integrating more cloud servers and patching data sources from those servers. It's very easy to use Splunk and have everything go to the dashboards.
We get good visibility into multiple environments. We can easily search from Splunk Cloud to our on-prem or AWS directly. We also do not ingest the data in order to see it.
We can easily integrate with other systems. It's very helpful. We can leverage Splunk to gather any specific reports we want with this integration capability.
The reporting is very good. Every month we have a call with Splunk personnel and they'll show us reports to show high usage for search, for example. From our side, we can change or update in order to optimize our systems.
The cloud has helped us with decision-making. It helps make maintenance decisions very easy.
It's very resilient.
View full review »I like the fact that we do not have to maintain all the cloud infrastructure. That is probably the main thing about the Splunk Cloud Platform. We do not have to worry about maintaining the infrastructure that is out there. We just push things up and maintain our infrastructure on-premises. This is important for us because we just do not have the manpower and resources to manage all the infrastructure.
We used to use another SIEM with which we constantly had to replace hardware and things like that, so it is a good benefit to have that cloud infrastructure there whether it is coming from a SaaS environment or we just build it in the cloud.
DT
Damon Tunnell
Automation Developer at TNS
Not having to manage Splunk Cloud's infrastructure is valuable. Being able to deploy within the cloud and not having to manually manage our configs on the infrastructure side and set up our own architectures has been the biggest help.
Other than that, the new Dashboard Studio has been a pretty big win, but I do not know whether that is more cloud-specific or not. Dashboard Studio has a cleaner look for customers that want to see their data but not necessarily search. For the customers that want to see their data, having an easy and effective way to drag and drop to see where things are going to be if they want to change them has been pretty beneficial.
View full review »The ability to correlate data and then present it in a meaningful and valuable way is crucial. Splunk offered this functionality, providing us with insights into threats, vulnerabilities, and all the identity information we fed into it. We sought a SIEM tool because we lacked a solution that could effectively analyze recent data. We needed a tool that could not only ingest our data but also correlate it and present it in an easily understandable format.
View full review »It's very important for us that Cloud Platform offers end-to-end visibility into our cloud-native environment. More and more functions are moving to the cloud, so it's not only for observability to see the system, but it's also for management and senior management to see that all of their applications are running as intended. If we try to spread out applications through multiple vendors, multiple regions, access groups, and whatnot, it becomes pretty important. It may become a challenge because of that spread. It brings resilience, but it also makes it more difficult to look after everything.
We want to achieve having everything in a single view. Senior management wants to make sure that everything is running well. The application team's developers want to have a granular review.
Splunk reduced our mean time to resolve by 30%. If an application starts misbehaving, we send logs to Splunk and check to see what's going on and see what's happening.
The dashboards are the most valuable feature. It's all of the information in one place. We can build it ourselves, so we can make it the way we like.
View full review »For my purposes, I like the ability to aggregate lots of data from different sources. I like being able to report for management and being able to get alerts on thresholds being out of sync.
View full review »AA
Alexandru Adamovici.
Head of Cloud at a consultancy with 11-50 employees
Its interconnectivity with the cloud platforms, such as Azure and AWS, was valuable.
We had multiple cloud environments. It was easy to monitor multiple cloud environments using the Splunk Cloud Platform’s dashboard.
View full review »Index Manager is most valuable because we do not have to bother about internal storage. It is all managed by the Splunk team.
View full review »It's important to use that Splunk has end-to-end visibility in our native environments. We have to have that visibility because we manage multiple app applications that rely on it.
Splunk helped to improve our organization's business resilience. That's very important to us. Our users rely on Splunk heavily for the health of their applications. It helps them to get ahead of issues, and if there is an outage, it enables them to resolve them faster.
Splunk gives the different application owners the ability to configure alerting specific to their needs so they can customize it however they want. If they know their applications better than you know, admins, I'll give them that flexibility.
View full review »Dashboards and alerting are the most valuable features. The dashboards let us see how the system looks in terms of anomalies, and the alerts trigger us to go and look at what possible problems are happening.
View full review »Splunk Cloud Platform's most valuable features are enterprise security and ticketing integration.
View full review »As compared to other tools, it is very easy. It is very easy to learn. It also integrates well.
The reporting features are very good. The dashboards are very nice. We could create our own dashboards to monitor any volume dips or transaction loss.
View full review »It helps us with hosting from different geographical locations.
The speed of the cloud environment is great.
We only buy the services we need. We don't have to pay for other things we don't. It makes the pricing very economical.
We use the solution's federated search feature. It's easy for us to use. It helps us search logs, analyze, and manage data.
We are able to monitor multiple cloud environments using our Splunk Cloud dashboards. It makes the process very simple. We just have to maintain different teams for different environments.
The solution is great within hybrid environments. It gives us good visibility across everything.
It works well for sizable environments.
The product integrates well with other systems and applications in our environment. We haven't had any issues with integration at all. However, if we ran into issues, we could call Splunk support. Having an issue would be a very rare event.
Reporting is very good. It's the same for all Splunk solutions. Having multi-cloud instances in one place is great.
We have multiple business units and easily integrate them into the cloud, as well as different infrastructures from different areas. We can deploy a Splunk agent on any cloud - AWS, Google, etc.
The company can access data easily for compliance and privacy regulations. The privacy aspect has been very good.
Having resilience has been very helpful in our organization.
View full review »Splunk Cloud's most valuable features are log aggregations, dashboarding, business management, reporting, and business controls. Additionally, it has awesome indexing and the solution is always improving
View full review »The log event capabilities and the flexibility in the search engine for finding what we need in the logs are some of the more valuable features in this product.
View full review »The reporting and dashboards are very good.
In terms of reporting, everything is customizable. You can write a query to have the reports and dashboards created for you, and it will be based on that data.
The documentation is pretty good.
Integration with products and devices works well. We haven't had any limitations or problems connecting to our network devices.
View full review »Not having to maintain any infrastructure is valuable. That frees up a lot of time as well.
View full review »The Splunk search is powerful compared to similar solutions. We get millions of data points within seconds.
View full review »For my current requirements, the tool theme seems to be meeting my requirements, from a cost and requirements perspective.
View full review »JS
Juha Strandman
Owner at a reseller with 1-10 employees
The most valuable feature of Splunk Cloud is the quick setup.
View full review »The most valuable feature for me is the flexibility of being able to send the log to the https endpoint. I know that it is possible to export the logs, although it is easier for me to communicate with the endpoints concerning what I am interested in.
This is a feature-rich product.
View full review »Splunk is a very user-friendly tool and it's very extensive compared to other tools.
Buyer's Guide
Splunk Cloud Platform
June 2025

Learn what your peers think about Splunk Cloud Platform. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,803 professionals have used our research since 2012.