Splunk ITSI (IT Service Intelligence) Reviews

We use Splunk ITSI to monitor the different stages, spaces, and processes of payment operation.

Splunk helps us improve our incident response time. We have a dedicated observability monitoring team that continuously monitors our systems for failures or delays in payments, 24/7. This monitoring generates alerts that we use to identify potential issues. We have established SLAs for all of these issues. Splunk allows us to alert the appropriate people well in advance of a potential breach, so they can resolve the issue faster and minimize downtime.

I would rate Splunk's predictive analytics for preventing incidents an 8 out of 10.

Splunk ITSI has helped reduce our mean time to resolve.

The most valuable features are the service analyzer and Glass Tables.

Since ITSI is primarily used for monitoring-related services, it would be beneficial if Splunk offered pre-built dashboards or a drag-and-drop interface for creating custom dashboards. This would simplify the process for users, especially for monitoring basic services like Windows and Linux servers. Currently, Splunk doesn't provide this functionality, requiring users to write queries and build dashboards manually. Including pre-built panels would significantly enhance the value of Splunk for ITSI users.

The end-to-end visibility in Splunk ITSI is limited and has room for improvement.

I have been using Splunk ITSI for over 1 year.

Splunk is generally considered stable when deployed on-premises. However, its performance on cloud platforms like AWS or others may vary.

I would rate the stability 7 out of 10.

The resilience of Splunk is based on how well it performs on high loads so I would rate it 7 out of 10.

I would rate the scalability 9 out of 10.

I am dissatisfied with the customer support team's response times. When we submit a ticket for a high-priority incident, it takes Splunk support approximately 2 hours to respond and connect with us. We have consistently experienced these delays on multiple occasions.

Additionally, when encountering issues with core configuration or out-of-the-box features, tickets are frequently reassigned to different representatives. This handoff process necessitates us to explain the problem repeatedly, which is frustrating and time-consuming.

Neutral

In my previous project, I successfully led the end-to-end deployment of a Splunk migration. The process went smoothly thanks in part to Splunk's professional services team. They conducted a thorough assessment, identified all our potential pain points, and developed a tailored solution and migration plan. This comprehensive approach ensured a seamless transition.

Our core deployment team consisted of 5 internal members and two specialists from Splunk. Additionally, the project included a project manager and a product owner. We also benefited from the expertise of two professional service consultants and two representatives from the customer's side. An on-site admin architect further provided valuable technical support.

Throughout the deployment process, we leveraged support from various resources whenever necessary. This included assistance with configuration changes, deployments, and other related tasks. We also collaborated effectively with our teammates to ensure a smooth and successful implementation.

For the implementation, we had a consultant from Splunk in-house.

Splunk ITSI is expensive. While tools like Grafana offer a significantly lower cost around 30 percent of Splunk's price, their capabilities are more limited. Splunk can ingest and store a much larger volume of raw data up to 50 percent compared to Grafana's 15 percent. This translates to greater observability but at a higher price point.

Splunk ITSI is worth the cost.

I compared Grafana, New Relic, and Dynatrace to understand their competitive landscape. Splunk was the most impressive option, except for its pricing.

I would rate Splunk ITSI 7 out of 10.

For organizations already using a different APM solution, Splunk ITSI offers a compelling alternative. While other tools might focus on onboarding metrics, Splunk ITSI prioritizes log data analysis for deeper insights. In addition to ITSI's capabilities, a Splunk Enterprise license unlocks log monitoring functionalities. This provides a comprehensive solution, and if you plan to migrate to Splunk Enterprise Security in the future, you'll be well-positioned. By purchasing a single Splunk Enterprise license and the ITSI and Enterprise Security premium apps, you'll gain a one-stop shop for all your event management, internal monitoring, and APM observability needs.

Splunk ITSI is deployed in multiple site clusters and located in multiple data centers. We have around 500 users.

Platform maintenance is handled by the Linux team. We take care of everything else.

I recommend Splunk ITSI to those looking to implement ITSI.

We are using the solution for correlation searches. We've integrated Splunk with ServiceNow. We're creating aggregation policies to trigger actions in ServiceNow. We use it with the ServiceNow add-on. When something happens in ServiceNow, it's correlated to ITSI as well. 

We can check to see if dependent services are aligned. The service analyzer allows us to see the health of the services. 

It's been very good for noise reduction. We have alerts that trigger visually and it helps us prioritize. We can create performance-related dashboards so teams will have a clear overview according to their unique requirements. 

The infrastructure monitoring is very useful. In our scenario, we can see the performance of logs across parameters like memory or security. We can analyze the data. We can create our own logic and alerts to send to the correlated teams to take care of incidents. 

The end-to-end visibility is very good. With the service analyzer, we're able to see if something goes down. It's inspecting the health of services. It's color-coded, so we can check to see if there are any serious issues. We can do deep dives if something is red. 

We use the predictive analytics on offer. We have some use cases in which we create forecasts around CPU and memory-related alerts. We can use it to predict costs based on the past 30 or 40 days. We're also trying to use this for anomaly detection. We can make good predictions on the basis of data and trends. As long as we have past data, we can use it to build some predictions for the future. We can use this to create and send predictive reports to our teams to help them take pre-emptive action.

It's helped us to right-size resources to match demand. 

The solution has helped us streamline our incident management. We've been able to increase efficiencies through automation.

We've been able to reduce incident volume. If a host is generating frequent tickets, for example, we're able to see it and work on it directly to help us reduce incident counts. 

We've been able to effectively reduce alert noise. We can create logic to create tickets. It will create one ticket per episode so that multiple tickets are not created for one single episode - and this helps us reduce noise. 

We can automate routine tasks. We're able to create alerts, reports, scheduled searches, et cetera. It's helping us to save time.

When we check the service analyzer, and we have custom inputs, there are issues. Sometimes our inputs are not taken or recognized. Alerts are not being automatically generated. Also, if someone comes and creates a maintenance window, we can't properly identify who created it. We have to create our own queries before we can identify anything. 

I've been using the solution for three years. 

The solution is very stable. 

The solution is scalable. Depending on your infrastructure, it can be a bit tricky. 

I haven't had to escalate any issues to technical support. 

We're using SolarWinds and Splunk in our current environment. 

I helped with the initial deployment. We have multiple servers sending data to Splunk. The process is straightforward. For the setup, we had three people involved in the process. 

It's not a difficult solution to maintain. 

The licensing is based on data ingestion. However, they do have multiple licensing options.

The pricing is reasonable. 

Splunk is good. It gives good customized options. Any logic or Python script we need to add, we have the freedom to do so. Most solutions aren't as customizable. 

I'd recommend the solution to others. I'd rate it eight out of ten. 

It monitors every level of infrastructure in our environment, including remote locations across the world.

Splunk ITSI has end-to-end visibility into the cloud-native environment. This is important but not as important because we are primarily on-prem in every aspect of our IT infrastructure. However, for things that we do have in the cloud, it is important that we have visibility there.

Splunk ITSI has helped reduce our mean time to resolve. We can see very quickly when things are down and where they are down. I have taken steps to reduce the time to identify and time to resolve with Splunk ITSI.

The unified platform helps consolidate networking, security, and IT observability tools. It forces certain groups to work together and more closely, as they should. It increases awareness of the current statuses of other environments, which is important.

Instant usability of gathered event metrics is available. We have metrics data from systems, and we can use that to instantly get system status and trends.

There should be entity conflict resolution, specifically regarding duplicate entities. There should be case sensitivity for various keys amongst entities, specifically host names. We need IT metrics-based indexes and more content packs. I know they are coming out with these features.

I have been using Splunk ITSI for two years.

Its stability is great.

It is handling well what it is supposed to handle for some parts of our setup, and with the new version, it is only going to get better.

I have never used their support. Community is the first place I go.

I started with the company two years ago. They had it long before that.

I would rate Splunk ITSI an eight out of ten. It is pretty good, but there are some inflexibilities with the analyzer that can be annoying. 

Splunk ITSI is a product for operations. I use it for detecting issues in the operations and generating alerts for them.

It is an intelligence platform for operational excellence.

The end-to-end visibility is a great thing about Splunk ITSI. It provides an end-to-end view to any user, from a normal engineer to a high-level manager.

We were able to realize the benefits of Splunk ITSI immediately.

Splunk ITSI helps to right-size resources to match the demand. It improves the quality. It is more organized. It can definitely help in rightsizing.

It helps to avoid duplicated alerts. If rightly implemented, it can reduce the duplication of alerts and provide more specific and accurate context.

Splunk ITSI has helped reduce incident volume. The reduction is implementation-dependent. If it is rightly implemented, we can reduce it to a very low percentage. Out of 100, we get only 10 alerts. If the context is correct, we only need one alert. This can be achieved with ITSI.

Splunk ITSI has helped reduce our alert noise, but I do not have the numbers because the initial implementation was not right. There were so many alerts, but when we corrected the implementation, it reduced them by a lot. I do not have the numbers, but thousands have become hundreds.

Splunk ITSI has helped reduce our mean time to detect (MTTD). It is at least five minutes. The mean time to resolve is dependent on the team. I do not have control over that because, in Splunk ITSI, we generate alerts for multiple teams, not just one team. It all depends on their SLAs.

Splunk ITSI helps us to automate alerting and automatically generate alerts or create incidents. It is not an automation tool to reduce mundane tasks.

Splunk ITSI helped us save costs by reducing downtime and manpower costs or avoiding SLA penalties.

The service analyzer view and automatic creation of incidents are valuable.

Better documentation would definitely help. Many people do not know about it, so better documentation and use case explanations would be helpful. There should be more YouTube videos about how to implement ITSI

The biggest improvement area is making it open to developers. Right now, it is very closed. It can only be downloaded by people who have a license to and not everyone. If it is open to everybody, more people will use it.

It has been quite a long time. It has been more than four or five years.

It is pretty stable. If we have the proper infrastructure, this tool is very stable. It does not crash.

Its scalability is high. It can scale very well. You can increase the size of the cluster. You can increase the capacity vertically and horizontally. It is very scalable.

They are good. They respond based on the SLAs. The quality of service depends on how informative you are when you provide the case details to them, but they have the ability to escalate it to higher levels and get help. They have the skills, but sometimes, the support is not in the UK. It sometimes comes from the US, so there may be time constraints when you set up a call. Otherwise, they are good.

Neutral

I have used other solutions. In the old days, I used a BMC system. Splunk ITSI is a completely different type of alerting system.

The BMC solution is more monotonic. It does not have the intelligence like Splunk ITSI to reduce the noise. It just picks up a metric and alerts based on that threshold, whereas, in ITSI, we have the control to reduce the number of alerts generated on the same threshold by adding some intelligence to it. It has the ability to do that Intelligence part. That is why it is called ITSI.

We have both on-premises and cloud deployment models. Its deployment is difficult for a beginner user. You need a consultant or somebody experienced in Splunk ITSI to implement it properly. Splunk ITSI is a premium product. You need very good Splunk infrastructure initially to run this on top. To run it properly, you should have good knowledge. You should at least have Splunk Architect-level certification. Otherwise, you can implement it, but it will not work properly or as you expect.

It is mostly a clustered solution. It is not normally done on a single server. We need to build the entire cluster. The initial build probably can take two weeks. Configuring everything can take a long time. Six months can be considered a good time to make it run properly for enterprise usage.

It needs regular upgrades, backups, and time-to-time updates to the system configurations. It requires a dedicated team. Once it is properly set up, less than ten people can manage it.

I am an ITSI consultant, so I am not a user. I set it up for customers.

The number of people required depends on how much data we need to bring in. If we have a lot of data and a variety of systems, more people are required. If we are just focusing on a singular system, one person can do the job.

In an enterprise environment, there are a multitude of systems and monitoring requirements. Usually, there is a team onboarding data and setting it up. 10-15 people are a good choice for a big enterprise, like a banking client.

It is more of a premium product. I do not have much visibility into pricing because it is taken care of by high-level enterprise customers. I just ask for the license that I need and they negotiate. It all happens between Splunk and the company. I know that it is expensive, but I do not think there is another solution that can do similar things for that price.

To someone who already has an IT alerting and incident management solution but is considering switching to Splunk ITSI, I would say that it will add value to their organization. It can reduce a lot of noise. I would suggest going for it, but it should be the right implementation. You should have knowledgeable people to implement it from the beginning.

It is not something that you just buy and switch on and will start working. It needs a lot of configuration and proper configuration to make it run properly. That is an important part for Splunk ITSI. It is not just the product. The person who is implementing it should be very good. Then only its value can be seen. Otherwise, you have the application but may not get the right value out of it.

Overall, from my experience, I would rate Splunk ITSI an eight out of ten.

Splunk ITSI (IT Service Intelligence) is primarily used for managing alerts and events. It helps me monitor different APIs in inbound and outbound scenarios and triggers alerts. The tool is primarily used to handle threat intelligence and manage event alerts, despite certain limitations like false positives.

Splunk ITSI has enabled us to better manage events and alerts, aiding in quicker data retrieval and enhanced system uptime. Its ability to correlate multiple event sources allows for comprehensive integration, which has been valuable in improving our organization's security posture.

Splunk ITSI allows for integration with threat intelligence, enabling my organization to correlate more than two events for generating alerts. It has a swift data ingestion and retrieval capability due to its robust query language. The system helps reduce data loss and improve event management, offering a platform for various deployment models. The global trust in its capabilities is evident, especially given the preference by financial sectors. Additionally, having features like IT Service Intelligence enhances our organization by providing actionable insights quickly, which is crucial for operational efficiency.

Splunk ITSI could benefit from including more features that other solutions support, such as vulnerability management modules. This would help manage vulnerabilities effectively, allowing my organization to track patch management and compliance more thoroughly. It would be beneficial to include a feature that provides comprehensive vulnerability management similar to open-source solutions.

I have been working with Splunk ITSI (IT Service Intelligence) for nearly two and a half years.

Splunk ITSI is quite stable, and I would rate its stability at around eight point five to nine. The setup, however, must be done correctly as incorrect deployment can lead to issues.

Splunk is highly scalable, with the ability to expand efficiently. I would rate its scalability at nine.

Having worked closely with Splunk support engineers, I've observed their high capabilities in resolving issues. The technical support is excellent, and I would rate it at ten.

Positive

Previously, we have used other solutions like Wazuh and IBM QRadar. We recommend Wazuh primarily due to its lower cost and robust capabilities, although it may lack in certain areas where Splunk ITSI excels.

The initial setup for Splunk ITSI can be a complex process, especially when compared to the simplicity of open-source solutions like Wazuh.

Pricing can vary significantly based on the selected modules and deployment choices. Splunk ITSI tends to be more expensive compared to some open-source solutions.

We have evaluated several solutions, including Wazuh, IBM QRadar, and other open-source platforms.

Overall, I would rate Splunk ITSI at nine or nine point two. I would recommend it for enterprise-level organizations due to its cost implications; smaller companies may prefer open-source solutions to reduce expenses. The solution could improve by integrating more vulnerability management features. I would rate the overall solution at nine.

I use ITSI for different companies but with the same objective: to correlate alerts from different sources and assess them according to multiple frameworks. For example, I can combine the alerts from different sources into a single episode. The analyst can resolve the issue without looking in multiple places to get the necessary information.

ITSI was initially challenging, but you can pick it up quickly once you understand the concept. It also depends on the goal. Combining different sources into episodes is one thing, but integrating ITSI with automation or other ITSM solutions may take longer. 

The solution has a forecasting module. You must have a good infrastructure because AI takes a lot of processing, but it works well. Based on previous data, you can assess it in 30 minutes or so. Having that predictive ability is a lifesaver. 

It can streamline incident management. ITSI has a feature called Teams that lets you control access to different services to control which teams are responsible. You can control permissions and everything else. Everyone is assigned to a team with a unique experience while using the frame of the platform.

ITSI has a feature called NetFlow. It depends on what you plug into it, but in my use case, we usually click alerts before they become incidents and measure how many alerts become incidents to get an idea of how much it's helping to resolve things before they turn into incidents and have an impact. 

It has helped to reduce alert noise because we can group alerts from different sources into one ITSM ticket with information from various sources. This helps our team resolve the issue because they only need to look at a single ticket instead of opening multiple ITSMs to gather all the necessary information to assess the problem.

The amount of alert noise reduced depends on the maturity of the environment. When you set up rules to aggregate events, you have to know some information about those events, like the team that created them, the system they belong to, the impact, and whether they're infrastructure, a service, or an application. If you have those all set up, it could be a 75 percent noise reduction.

ITSI reduced our meantime to detection because ITSI is plugged into each search, and as soon as an event is detected, it's processed and sent to the responsible team. It has helped us to detect issues and resolve them faster so we can provide more information upfront to IT.

It helps the IT team resolve things faster, but it depends on the information that ITSI is grouping. If you have enough information to find the root cause, it can help to resolve everything quicker. For example, let's say an analyst is looking at five impacted services, but one of them is the root cause. If we can provide that information upfront to the analyst, he can resolve the issue much faster because he doesn't have to look at each separately to assess the cause. 

ITSI has helped us automate some tasks. Many issues aren't easily solved. You must have good communication with the team and analysts to see the steps they take to resolve something, but it can tackle the most common issues and free up time. But you must be careful not to automate something a developer should fix. Automation helps a lot, but you can't automate everything. 

What I like the most is the event correlations. It's a file structure, and ITSI has a correlation layer where you can normalize the events from different sources. Once these events are normalized, you set up rules to aggregate them into different or the same attributes. After the rules are defined, you can automate the process to solve the issue automatically. 

Generally, the visibility is decent, but you need to set it up properly to have good visibility in a way that makes sense to see the issues you need to see. In ITSI, you have the concept of services and a service tree. If it's set up correctly, it can help you find the root cause of a problem. You need someone who understands ITSI and your business. 

One thing ITSI could improve on is the maintenance windows. I have a huge case where I had to implement something related to the maintenance window. If you try to look up the issues in ITSI, you have to check the incidents individually, and putting hundreds of hosts in maintenance can be a hindrance. 

I have used Splunk ITSI for four years.

I rate ITSI nine out of 10. I've had issues before, but they are usually caused by the configuration or infrastructure. You have to be careful when deploying Splunk across your infrastructure. 

ITSI is scalable, but its engine is somewhat of a weakness. The engine runs on one machine, but ITSI is scalable because even though the engine runs on one machine, it assigns processes to other machines to work on. You can do well with ITSI horizontally, but sometimes, you need to think vertically because the processing takes some memory.

I rate Splunk support seven out of 10. Like any support, how fast they respond depends on the priority. Overall, they've helped a lot and were willing to enter a call to see the environment and the issues themselves. I would say do a good job overall.

Neutral

The complexity depends on your infrastructure. It's a lot easier if you have a single instance, but deploying on a cluster requires a little care. The package formats are specific to the roles of your cluster. We have to be careful with that. It's not too difficult. You can set it up in a day or two if you read the documentation. 

One person can set it up, depending on the size of the cluster. For example, if it only has two machines, one person can do it easily. You can set up a batch script to accelerate the installation. If you have that setup, you can do it easily in a day with one person. If you don't have that, it could take up to two days if you don't have much experience with ITSI.

I rate Splunk ITSI eight out of 10. I would recommend Splunk ITSI, depending on the company's context. If the ITSM solution they have serves them well, I don't think it's necessary to switch to ITSI because it's costly. I would only recommend it to someone who knows they will get a return and have the capital to invest. Small companies probably have a bit of difficulty using ITSI. If you're a big company having issues, ITSI can help you out. 

I recommend new users read the documentation carefully and watch a few videos on it. The first thing is to wrap your head around the concept. If you try to speculate at once without understanding a few things, it could be a lot more difficult. It's helpful if they stop and read the documentation to understand each piece.

I use the solution in my company for event management and areas consisting of episodes.

Splunk ITSI (IT Service Intelligence) has helped our organization correlate events into episodes.

The most valuable feature of the solution is event analytics, and it is because that was our core function when we moved from NOC to IBM Netcool Network Management and then from IBM Netcool Network Management to Splunk ITSI (IT Service Intelligence).

The main benefit I have experienced from using Splunk ITSI is that it has been helpful to have one consolidated tool.

My organization monitors multiple cloud environments using the product. In terms of the ease or difficulty one may have when trying to monitor multiple cloud environments, it is tricky. You have to learn and test things out.

It is important for our organization that Splunk ITSI (IT Service Intelligence) provides visibility into our cloud-native environment, but I would say that it is done in the dev and production environments.

Splunk ITSI (IT Service Intelligence) has helped us with the organization's business resilience. My impression of Splunk's ability to predict, identify, and solve problems in real-time, is that with the new AI feature set coming in, users can apply that logic to the episodes.

I have experienced cost efficiencies by switching to Splunk ITSI (IT Service Intelligence). The doc suggests that too has one pane of glass to go into the system and do automation straight from one page because they get hit with thousands of alerts and alarms every day, and we try to correlate that to a simplistic event.

I have experienced time to value using Splunk ITSI (IT Service Intelligence) over a couple of months.

Splunk's unified platform helps consolidate networking and IT observability tools but not security because our company is not in that space. The consolidation of tools impacts our organization since I feel it is easier to have fewer tools than more.

The dashboard function inside the individual episodes, not at the ITSI Notable Event Aggregation Policy level but actually at the correlation search layer, is an area where improvements are required.

In the next release of the tool, the product should offer a dashboard ID in the correlation search.

I have been using Splunk ITSI (IT Service Intelligence) for five years.

In the early days, the Java-based engine was kinda buggy, and some of the interfaces for Splunk ITSI (IT Service Intelligence) and event analytics needed to feel new and not outdated. It still kinda feels outdated, and I feel like Splunk hasn't really put a lot of thought into such a specific area in the last few years.

The solution's scalability is fine.

The solution's technical support team is okay. For most of the stuff I escalate, I have to always wait for a response from tier-two or tier-three level support.

I am used to solving stuff myself and providing a lot of debugging as to what tier-one or tier-two level support would do, and by the time I get to the aforementioned spot, I see that I have to wait and explain a lot of cycles because I am doing the same research as level one or level two support. I rate the technical support a five out of ten.

Neutral

I have experience with Tivoli Netcool, which is a legacy event system from IBM that has the same or similar approach as Splunk ITSI (IT Service Intelligence). I saw that Splunk ITSI (IT Service Intelligence) provides the same features as Tivoli Netcool.

When it came to the deployment part, Splunk's professional services did not know much of what our company needed, considering the level that we were expecting from the product. I come from a telco background where the company used to deal with 1,00,000 alarms a day, and event analytics wasn't something that was really built for it in the beginning when I first deployed it. There were a lot of learning curves that I had to go through to deal with the tool. As I continued to grow with the product, I started pitching probably around 20 ideas at a time to the team, and a lot of my ideas actually made it to Splunk's GA launches. I worked with Isha, Ross Wilkinson, and another person who was right in the middle between them. Though I had spoken to the senior VP of a particular sector and pitched the idea of using Fandom for IT automation, it eventually died out.

The solution is deployed on an on-premises model. I use the cloud services from AWS.

Splunk directly helped with the product's deployment.

I have experienced an ROI using the tool, considering the efficiency it offers so that we do not have to take care of certain functions.

Pricing was pretty good, and it is possible to just add on the features we want.

I considered Resolve systems for automation and a tool named Moogsoft. Moogsoft has a lot better visual capabilities and looks better than Splunk ITSI (IT Service Intelligence) when it comes to event analytics. I am hoping that with a better dashboard, Splunk ITSI (IT Service Intelligence) can build a better UI layer.

I feel like there is a lot more that can be done in the tool, but I don't know if it is going to be a dying product or if Splunk Observability will try to take over some of the core functions of Splunk ITSI (IT Service Intelligence).

I rate the solution a seven out of ten.

Splunk ITSI is used to analyze data and create alerts. This helps us to maintain our security best practices.

Our organization was looking for a security monitoring tool. I use Splunk ITSI as a monitoring and security tool. It helps me to protect data and prevent malware and hackers from accessing my environment. Splunk ITSI can be used to protect our role and infrastructure. It can also provide insights into how and what is helpful within our infrastructure.

Splunk ITSI provides great end-to-end visibility into our network environment. It can identify the exact root cause of an issue without any additional troubleshooting on my part.

Predictive analytics is valuable for preventing incidents before they occur because it allows me to see when the data stopped being indexed, which saves me time from having to investigate.

Splunk ITSI makes it easier to secure our entire infrastructure. Before Splunk ITSI, our environment was chaotic.

Splunk ITSI streamlines our incident management by providing a financial report of all applications in our environment.

Splunk ITSI has helped us reduce alert noise. After configuring ITSI, we set certain parameters based on our alerts. These alerts are the conditions that ITSI uses to automatically reduce noise.

Splunk ITSI helps to reduce our mean time to detect by monitoring key performance indicators such as CPU overload and the percentage of use revenue trend. On average the automation has reduced our mean time to detect by five minutes.

Splunk ITSI significantly reduces our mean time to resolve because most of our time was previously spent troubleshooting. With ITSI, we don't have to troubleshoot at all.

Splunk ITSI can help reduce downtime, but the extent of its effectiveness depends on how it is implemented.

Splunk ITSI has a lot of advantages. There are a lot of different aspects when implementing Splunk ITSI in our environment.

Splunk ITSI helps us secure our environment by allowing us to create automatons that run when alerts are triggered. This automation can pass through the CI/CD pipeline tool, which helps to increase security.

The data recovery has room for improvement.

I have been using Splunk ITSI for three years now.

Splunk ITSI can be deployed on-premises or in the cloud. However, we typically deploy it in the cloud because of the available services. These services do require a lot of permissions.

Splunk ITSI is stable.

Splunk ITSI is scalable.

The quality of support depends on the individual use case and how we configure the solution.

Positive

Splunk ITSI can be installed remotely or manually. The deployment time depends on the operating system being used to deploy the solution into the cloud. Once ITSI is deployed, I can perform a ROM test through the CI/CD pipeline.

Splunk ITSI's visibility into our environment provides good value to our organization.

Splunk ITSI is a pay-per-use service that is priced fairly based on the amount of data we use.

I give Splunk ITSI an eight out of ten.

Splunk ITSI is a cheaper and easier-to-use alternative to APM solutions. Unlike APM solutions, Splunk ITSI also helps with application management, memory management, host log volume, and CPU usage.

Our clients vary in size, with some using small amounts of data and others using terabytes of data within Splunk ITSI.

Splunk ITSI maintenance involves updating the software and ensuring that it is compatible with the applications that it will integrate with.