Sathis-Kumar - PeerSpot reviewer
Senior Manager at Bank of America
Real User
Top 5 Leaderboard
Nov 17, 2024
Customized dashboards streamline log monitoring needs
Pros and Cons
  • "The most valuable feature is the ability to customize dashboards based on my queries or any other customization I may need."
  • "Overall, I would recommend Splunk to anyone seeking a monitoring solution, thanks to its extensive capabilities and features."
  • "In future updates, I would like to see more predefined monitoring query solutions, which could be more effective."
  • "Technical support is good but could be improved, particularly concerning the time taken for ticket resolution."

What is our primary use case?

Splunk is primarily used for log monitoring, where I collect all my security logs, system logs, and application logs into a centralized place. This helps me customize my monitoring models.

How has it helped my organization?

Splunk has provided me with a centralized platform to manage multiple features. Instead of using various products, Splunk offers everything in one solution, which adds value to my organization.

What is most valuable?

The most valuable feature is the ability to customize dashboards based on my queries or any other customization I may need.

What needs improvement?

I'm still experiencing some features of the product. However, in future updates, I would like to see more predefined monitoring query solutions, which could be more effective.

Buyer's Guide
Splunk Observability Cloud
February 2026
Learn what your peers think about Splunk Observability Cloud. Get advice and tips from experienced pros sharing their opinions. Updated: February 2026.
884,933 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Splunk Synthetic Monitoring for almost five years, primarily focusing on log monitoring.

What do I think about the stability of the solution?

Overall, the product is stable, and I would rate it an eight out of ten.

What do I think about the scalability of the solution?

For scalability, I would give it a nine out of ten.

How are customer service and support?

Technical support is good but could be improved, particularly concerning the time taken for ticket resolution.

Which solution did I use previously and why did I switch?

The main reason for choosing Splunk over other products is its comprehensive capabilities and flexible customization options. It is widely used and provides cloud solutions.

How was the initial setup?

The initial setup was quite straightforward, and agent installation can be done quickly. However, the entire setup process might involve multiple people due to organizational policies.

What about the implementation team?

The implementation process involved around five to ten people due to our organization's processes and need for multiple approvals.

What was our ROI?

Using Splunk has saved my organization about 30% of our budget compared to using multiple different monitoring products.

What's my experience with pricing, setup cost, and licensing?

Splunk is a bit expensive since it charges based on the indexing rate of data. However, considering the features it provides, the pricing is quite affordable compared to other monitoring solutions.

What other advice do I have?

Overall, I would recommend Splunk to anyone seeking a monitoring solution, thanks to its extensive capabilities and features.

I'd rate the solution nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Head of DevOps at a tech services company with 1-10 employees
Real User
Top 10
Nov 10, 2024
Optimizes application performance and has an effective service map
Pros and Cons
  • "Splunk APM provides a holistic view of the application. Unlike other APMs, Splunk's service map is quite effective."
  • "Splunk APM helps us to find errors immediately and resolve them."
  • "There is room for improvement in the alerting system, which is complicated and has less documentation available. We sometimes encountered issues in setting up alerts."

What is our primary use case?

The main purpose of using Splunk APM is to optimize our application. We use Splunk APM primarily to understand how the application works, how it uses resources, and its response time in connection with different infra services. It is mainly used for application optimization and reviewing third-party application dependency response times.

How has it helped my organization?

Splunk APM helps us to identify long-running queries and long-running functions or methods, as well as third-party dependencies that are not responding on time. We are easily able to see the error or trace it. A developer can easily find out the issue without having to dig into the application.

We normally do not use the Tag Spotlight functionality, but our developers use this functionality when we are trying to dig into the logs. It helps to search the data that we want to see. It helps to troubleshoot the actual problem and visualize the data. We can see how the error is coming and how many reports are coming.

Splunk APM has helped us to optimize the application performance, find out when third-party services go down, and monitor our application within our SLA. It allows us to minimize our downtime. We can send timely notifications to our users. It mainly helps us to optimize application performance, and secondly, we are able to generate alerts based on the data that we receive from Splunk.

Splunk APM helps us to find errors immediately and resolve them. We are able to find some of the errors within five minutes. It minimizes the time to identify errors. There are about 30% to 40% time savings.

What is most valuable?

The best feature is the service map that they have. I have used multiple APM solutions such as Datadog and Elastic. They have a service map, but it does not work like Splunk APM. Splunk APM provides a holistic view of the application. Unlike other APMs, Splunk's service map is quite effective.

We suggested they provide an alert based on insert services. We told them that they have all the data, so why not have an alert on the insert service? They took feedback from us and added that feature. That feature helps us identify if any third-party dependent is down.

What needs improvement?

There is room for improvement in the alerting system, which is complicated and has less documentation available. We sometimes encountered issues in setting up alerts. The custom detector could be more simplified to assist system engineers in setting up alerts with ease.

For how long have I used the solution?

We tested Splunk APM last year and officially started using it this year. It has been about a year.

What do I think about the stability of the solution?

Splunk APM is stable. I would rate its stability a nine out of ten, as it delivers on its promises.

What do I think about the scalability of the solution?

We have not had to scale it. Our clients are medium enterprises.

How are customer service and support?

The support is responsive, though it could use some improvement. In the past, we contacted their support about a feature. They did respond to us, but they did not explicitly inform us about the feature's absence. Instead, they directed us to try various resources or articles. They did not have a clear answer. I would rate them a five out of ten for customer service.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

Before using Splunk APM, I used Elastic APM and Datadog. Splunk APM is better than them. Splunk's service map and support for our existing libraries were significant reasons for the switch. The previous vendor required library updates that we could not accommodate, but Splunk supported our existing setups.

How was the initial setup?

The initial setup of Splunk APM was easy and straightforward. It took around a week.

What's my experience with pricing, setup cost, and licensing?

It appears to be expensive compared to competitors.

What other advice do I have?

Splunk APM is suitable for enterprise solutions, particularly for those deeply involved in technical business. The service map and overall stability make it a robust choice for such needs.

I would rate Splunk APM a nine out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2500041 - PeerSpot reviewer
Data Scientists at a government with 10,001+ employees
Real User
Top 20
Jul 8, 2024
Monitors attacks or unauthorized access to the information we want to protect
Pros and Cons
  • "The solution monitors attacks or unauthorized access to the information we want to protect."
  • "The solution's machine learning deployment is hard and should be made user-friendly."

What is our primary use case?

We use the solution to do a lot of email checking. We also use the tool to monitor different embassies, server IPs and some of the teams.

How has it helped my organization?

Splunk Infrastructure Monitoring has helped our organization tremendously. We have onboarded Splunk for the last four years, and we have 30 to 40 contractors who use Splunk daily. The solution has helped not just a small organization like ours but the whole DOS (Department of State).

What is most valuable?

The solution monitors attacks or unauthorized access to the information we want to protect. There is a dashboard called ISSO that monitors pretty much everything worldwide. We also monitor almost 300 embassies and consulates.

What needs improvement?

The solution's machine learning deployment is hard and should be made user-friendly. Even if a team doesn't have a data scientist, they should be able to use the machine learning toolkit for monitoring purposes. The solution should include more algorithms and SPL commands that people can use.

For how long have I used the solution?

I have been using Splunk Infrastructure Monitoring for four months.

What do I think about the stability of the solution?

We haven’t faced any issues with the solution’s stability.

What do I think about the scalability of the solution?

Splunk Infrastructure Monitoring is highly scalable. We were able to do monitoring and some of the advanced analytics.

How are customer service and support?

I have not contacted Splunk's technical support. We have contacted our account manager for issues, and she's been awesome.

What about the implementation team?

We have different vendors who do deployments, which is different for the government than regular businesses.

What was our ROI?

We have seen a return on investment with Splunk Infrastructure Monitoring regarding the kind of threats we can identify.

What's my experience with pricing, setup cost, and licensing?

Splunk Infrastructure Monitoring is an expensive solution.

What other advice do I have?

Our organization monitors multiple cloud environments using Splunk Infrastructure Monitoring, which works well. This is the only tool we use, and we aren't considering moving or having additional tools.

It is important for our organization that Splunk Infrastructure Monitoring has end-to-end visibility into our cloud-native environments. Our job is critical and very sensitive, so having end-to-end visibility is really helpful.

Splunk Infrastructure Monitoring has helped reduce our mean time to resolve. Looking at the solution's dashboards has helped tremendously because we don't have to look at the individual index or events.

Our business is different from that of a private organization, and Splunk Infrastructure Monitoring has helped improve our organization's business resilience. The machine learning toolkit allows us to do clustering, and we have a couple of deployments on the clusters. That has helped cluster different events based on their critical or security threats.

We have seen time to value using Splunk Infrastructure Monitoring.

Splunk's unified platform has helped consolidate networking, security, and IT observability tools. We don't have to integrate Splunk with a different tool and worry whether those two will integrate. Having everything in one platform helps us create dashboards, alerts, and monitoring tools in one place.

Overall, I rate the solution an eight or nine out of ten.

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
CosmeCardoso - PeerSpot reviewer
Senior Software and Production Engineer S at WEX Inc.
Real User
Top 20
Sep 24, 2024
It provides a holistic view and accurate information, but it is difficult to manage
Pros and Cons
  • "Once configured correctly, the analysis reporting the Splunk APM provides is better than that of the other APM tools."
  • "Splunk isn't an ideal tool for application performance management due to the extensive setup required."

What is our primary use case?

We utilize Splunk APM for security purposes, monitoring all transactions within the organization to prevent potential attacks. Additionally, we leverage Splunk APM to analyze application logs, gaining insights into application behaviour and facilitating a reduction in Mean Time To Resolution should any issues arise in the production environment.

How has it helped my organization?

OpenTelemetry provides more accurate information about an application by combining views from the customer perspective, infrastructure metrics, and application-specific data. This holistic view enables full telemetry observability, allowing us to analyze and strategize effectively for our company or clients.

What is most valuable?

Once configured correctly, the analysis reporting the Splunk APM provides is better than that of the other APM tools. Once the correct fields are defined, we can create different report dashboards.

What needs improvement?

Splunk isn't an ideal tool for application performance management due to the extensive setup required. It necessitates various configurations to gather diverse information from applications, networks, or other sources. Creating the right tables and defining the appropriate fields to extract comprehensive data involves a significant amount of setup within the tool. Managing this process can be quite challenging. However, once configured, the collected information is invaluable, although not easily manageable.

Splunk falls short compared to other APM tools such as AppDynamics or Datadog. It does not collect online information in real time and relies heavily on log files. Unlike Datadog, which collects real-time application behaviour data like CPU, memory, load, and response time, Splunk requires additional configuration to obtain similar information. This makes using Splunk for APM purposes significantly more difficult compared to the automatic data collection capabilities of AppDynamics or Datadog.

For how long have I used the solution?

I have been using Splunk APM for more than a decade.

What do I think about the scalability of the solution?

Splunk APM lacks scalability, requiring the administrator to constantly monitor or create specific alerts to ensure sufficient disk space, CPU, and memory for data collection and transaction processing. This results in a tool that is challenging to manage and costly to maintain.

How are customer service and support?

Splunk support is responsive and provides quick resolutions when tickets are opened. Their service has left a positive impression on me.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial deployment is complex, requiring the definition of the switch, storage, correct host, and working with certification. This necessitates at least one expensive specialist, costing approximately $5,000 per month to hire and work with our team.

What's my experience with pricing, setup cost, and licensing?

Splunk APM is expensive. Even before we begin, we need substantial infrastructure investment to collect comprehensive logs. For example, to gather log data, we must create specific tables in Splunk, starting at 50 gigabytes. In a cloud environment, this storage requirement becomes very costly.

What other advice do I have?

I would rate Splunk APM six out of ten.

Cisco recently acquired Splunk, and its roadmap for the coming year includes incorporating aspects of Splunk into AppDynamics. Cisco's intention behind combining these two tools is to showcase its commitment to open telemetry and comprehensive observability to the market and its customers.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Manish Arora - PeerSpot reviewer
Senior Client Partner at a tech consulting company with 1-10 employees
Real User
Top 5
May 12, 2024
Is easy to use, and improves performance, but does not monitor network devices
Pros and Cons
  • "The vibrant dashboards are valuable."
  • "The end-to-end visibility is lacking because Splunk cannot directly monitor network devices."

What is our primary use case?

Splunk Infrastructure Monitoring helps identify bottlenecks within the network domain, including issues related to server databases, application response times, and code. These problems can be resolved by our customers promptly.

How has it helped my organization?

It is easy to use. It offers a unique dashboard reporting tool called Ollie. Ollie is essentially an observability tool, and it's also referred to simply as "Ollie" for brevity. It's important to note that this product is agent-based only.

Splunk Infrastructure Monitoring helps improve the efficiency and performance of applications by up to 70 percent.

It has helped reduce our mean time to detect. It has helped to reduce our mean time to resolve by around 50 percent.

Splunk helps us focus on business-critical initiatives.

It integrates well with multiple sets of products.

What is most valuable?

The vibrant dashboards are valuable.

What needs improvement?

The main drawback of Splunk for network monitoring is its limited agent deployment. Splunk excels at collecting data from servers and databases where agents can be installed. However, it cannot directly monitor network devices, unlike Broadcom.

Broadcom offers Spectrum and Performance Management tools that primarily work on SNMP to collect data from network devices. Splunk doesn't have a directly comparable functionality for network devices.

While Splunk offers a wider range of data collection, including metrics, logs, and more, it can be more expensive. Splunk's licensing model is based on data volume (terabytes) rather than the number of devices. This can be costlier compared to Broadcom or similar tools, which often use device-based licensing.

The end-to-end visibility is lacking because Splunk cannot directly monitor network devices.

Broadcom provides a topology-based root cause analysis that is not available with Splunk.

For how long have I used the solution?

I have been using Splunk Infrastructure Monitoring for 10 years. 

What do I think about the stability of the solution?

Splunk Infrastructure Monitoring is stable. 

How was the initial setup?

Splunk deployment is simplified because it is cloud-based. The deployment takes no more than 15 days to complete.

What's my experience with pricing, setup cost, and licensing?

Splunk's infrastructure monitoring costs can be high because our billing is based on data volume measured in terabytes, rather than the number of devices being monitored.

Replacing legacy systems with Splunk could cost up to $200,000.

What other advice do I have?

I would rate Splunk Infrastructure Monitoring 7 out of 10.

The decision to move from another infrastructure monitoring solution to Splunk should be based on a customer's specific needs. While Splunk offers visually appealing dashboards and access to a wider range of data compared to Broadcom products, pricing can be a significant factor, especially in the Indian market.

Deploying Splunk for a customer can involve higher upfront infrastructure costs. This is because implementing Splunk effectively often requires writing custom queries to filter data and optimize license usage. While this approach minimizes licensing costs, it can be labor-intensive.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer. partner
PeerSpot user
reviewer2755908 - PeerSpot reviewer
IT Engineer at a financial services firm with 1,001-5,000 employees
Real User
Top 20
Sep 15, 2025
Has reduced digital downtime and supported operational performance through effective monitoring
Pros and Cons
  • "Splunk Observability Cloud has proven to be beneficial for our organization, helping improve operational performance and company resilience while reducing the costs of unplanned digital downtime."

What is our primary use case?

My main use cases for Splunk Observability Cloud include Application Performance Monitoring, Real User Monitoring, and Synthetic Monitoring.

What is most valuable?

Splunk Observability Cloud has proven to be beneficial for our organization. In evaluating its effectiveness in improving digital resilience within my organization, I have experienced lower costs of unplanned digital downtime.

The solution has helped improve operational performance and company resilience.

What needs improvement?

Splunk Observability Cloud can be optimized to its full potential.

For how long have I used the solution?

I have been using Splunk Observability Cloud since this year.

What do I think about the stability of the solution?

The stability and reliability of Splunk Observability Cloud have been satisfactory. Customer service and technical support have been evaluated positively.

What do I think about the scalability of the solution?

Splunk Observability Cloud scales effectively with the growing needs of my organization.

How are customer service and support?


How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have always used Splunk products.

What was our ROI?

My experience with the pricing, setup costs, and licensing has shown a return on investment with Splunk Observability Cloud.

What other advice do I have?

I would recommend organizations to consider implementing Splunk Observability Cloud.

On a scale of one to 10, I would rate Splunk Observability Cloud overall as nine.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Sep 15, 2025
PeerSpot user
Marcelo-Carvalho - PeerSpot reviewer
Consultant at Free Consultant
Real User
Top 20
Jul 22, 2024
Enables me to supervise the flow and simulate the conditions of the repository across several dashboards
Pros and Cons
  • "The company has many systems that the customer is paying to access. Splunk APM issued via AppDynamics helps find problems in the feed. It reduces the risk of supervising all the devices. I can supervise the flow and simulate the conditions of the repository across several dashboards to show what's happening at the moment."
  • "The dashboards are used mainly to visualize information about the infrastructure, but it isn't easy to construct or use the dashboards. While we tried to resolve the issue by calling support, it would be easier if they had an AI co-pilot to identify the problem and help you solve it."

What is our primary use case?

We use Splunk to monitor some devices in the company. We have several cloud groups for monitoring the energy companies in the state. The stack has several devices to monitor if you have a problem. There is a mixture of solutions.

How has it helped my organization?

The solution monitors the system in real-time. We can find the resources and investigate security incidents. Splunk and another solution, AppDynamics, monitor several devices.

We integrate Splunk with a data collection solution, and it plugs in the users to collect data at several points in the network and infrastructure. The data is indexed in Splunk, which can be visualized in different dashboards. Monitoring for fraud is critical for the company because you have to resolve many problems in the infrastructure with federal information in the dashboard.

What is most valuable?

The company has many systems that the customer pays to access. Splunk APM issued via AppDynamics helps find problems in the feed. It reduces the risk of supervising all the devices. I can supervise the flow and simulate the conditions of the repository across several dashboards to show what's happening at the moment.

What needs improvement?

The dashboards are used mainly to visualize information about the infrastructure, but it isn't easy to construct or use the dashboards. While we tried to resolve the issue by calling support, it would be easier if they had an AI co-pilot to identify the problem and help you solve it.

For how long have I used the solution?

I have been using Splunk APM.

What do I think about the scalability of the solution?

Splunk APM isn't easy to scale because you have to follow the steps and implement best practices, which can be a little awkward.

How are customer service and support?

I rate Splunk support 10 out of 10. We had good documentation, and the support team at Splunk has a lot of experience with code and the tool.

How would you rate customer service and support?

Positive

How was the initial setup?

I haven't had any problems deploying Splunk. When I installed Splunk for the first time, I thought the product line was complex because I had to build the solution. After working on it for a while, it has become easier to do the solution next time.

What was our ROI?

Splunk APM is a crucial tool because it controls all the systems and solves a lot of problems.

What other advice do I have?

I rate Splunk APM 8.5 out of 10. It's an excellent solution.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Senior Support Engineer at a tech vendor with 10,001+ employees
Real User
Top 20
Mar 28, 2024
The dashboards are great, and we get solid visibility across our environment
Pros and Cons
  • "Splunk's dashboards are great."
  • "The licensing model is expensive. We need to monitor the amount of data ingested because the cost is based on the data collected."

What is our primary use case?

I have the logs of my applications, and they're usually a bit volatile. The log switch doesn't stay there on the application for a long time, so Splunk can require that. It can take 15 days for the logs to be available to do some kind of research. I'm using Splunk to ingest application logs, create dashboards, and set up alerts.

How has it helped my organization?

The biggest benefit of Splunk is that we can retain logs and correlate the data. Telemetry data has a huge impact because it's much easier to see everything.

Splunk has significantly reduced our mean resolution time. The workflow at my company involves application microservices applications running on the cloud. These logs are highly volatile, so they're only retained for three to five minutes, and we had to reproduce an issue to trace why it failed. That meant we had to do everything again to capture the log at the moment. Now, we have the data to analyze one or two hours.

What is most valuable?

Splunk's dashboards are great. The solution provides end-to-end visibility across my environment. Visualizing large amounts of data is easier because we can correlate the data from any target source.

What needs improvement?

The licensing model is expensive. We need to monitor the amount of data ingested because the cost is based on the data collected.

For how long have I used the solution?

I have used Splunk APM for three years now.

What do I think about the stability of the solution?

We have instances for production and development. I've never seen the production instance go down. Our development instance has gone down, but that's expected.

Which solution did I use previously and why did I switch?

I used tools like Elasticsearch, which is similar to Splunk. I've also used other observability tools like Grafana and Dynatrace, but they have different features.

What other advice do I have?

I rate Splunk APM 10 out of 10.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user