Hi Everyone,
What do you like most about Splunk?
Thanks for sharing your thoughts with the community!
It is the best tool if you have a complex environment or if data ingestion is too huge.
Splunk works based on parsing log files.
It's better than IBM, in my opinion, because it's an independent entity.
Splunk is stable, and this is why many customers want it.
You can use it to gather syslog messages from anything.
Great platform with a user-friendly interface and GUI.
The Splunk user community and forum are most valuable.
The ability to ingest different log types from many different products in our environment is most valuable.
One of the most valuable features is threat hunting. We can do threat hunting and identify if there is any malicious activity happening within our environment, which is a key feature for us.
The most valuable features are how stable and easy to use Splunk is.
The additional vendors we've brought on board, particularly Elastic, have been quite beneficial.
The reporting aspect is good and it does what I need it to do.
The solution is very fast and succinct.
We have found all the features useful. However, the dashboarding and logging have been very helpful. Additionally, the log analysis does a great job.
The most valuable features in Splunk are the search function and the ability to run selected session reports. The session reports are important because I can use them to see what is going on in our environment weekly. Additionally, we can use the graph to see how often that particular event is happening.
Easy to deploy and simple to use.
The most valuable features of the solution are that it is straightforward to use and that the documentation is good for finding out how to get the data you are looking for.
I have found the installation can be of medium difficulty to very complex depending on the use case.
Its dashboard is valuable. If you have a good knowledge of how to create a dashboard, you can create any dashboard related to cybersecurity. If fine-tuned, the alarms that are triggered for instant review are also very valuable and useful.
There are quite a lot of things that we find useful. Splunk agents are useful and good. Its UI is quite impressive.
The integration is seamless with many devices and operating systems.
Its integration is most valuable. Its UI is also pretty easy.
It provides a lot of analytics with the underlying AI engine, and it is a lot easier than other solutions. There are some products that do automated AI-based detection and drawing up charts, but for network monitoring and all of the monitoring aspects, it is quite a nice tool.
It is very convenient for business users because they get more or less a lot of data readily available. If you're familiar with the Splunk query language, you can pretty much do whatever you want.
Its compatibility with other SIEMs is very useful.
The solution has plenty of features that are good.
What I really like is that even if you have already collected the data, you can extract fields and can build searches.
The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data.
The initial setup is pretty straightforward.
Good for log collection and log management.
The correlation capabilities are the first value that our clients say they like with Splunk.
The most valuable feature is that it's very good for log aggregation.
The ability to analyze huge amounts of sales data and accurate prediction of sales forecasting is the most valuable feature.
The most valuable feature is the log aggregation, being able to scan through all of the logs.
Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data.
Splunk is a user-friendly solution.
The logs on the solution are excellent.
This is a straightforward solution, easy to configure.
The flexibility of the solution is quite good.
It's the completeness of the solution that we like the most.
The most valuable aspect of the solution is the dashboard. It's very intuitive.
The completeness of the solution is what we like the most.
The initial setup is really straightforward. It's one of the easiest installations.
It can log more logs than other solutions. It's a good way to troubleshoot problems.
We can present to our management in real time the security of the batch management for the PCs, security regarding the network equipment. We're currently working in the Azure Cloud project, so we can send any logs from the cloud to Splunk. We can monitor them and we can present to the managers and customers. It's a very good solution for reporting. We use Splunk for reporting and monitoring of any solution in the company.
It's extremely scalable. It's a very robust solution and certainly has the capability of handling far bigger data requirements than a lot of the other tools. Generally what ends up happening with me is that my clients tend, for the most part, to be mid-tier organizations, where the cost of that solution, with its accompanying requirements for people, just becomes way too prohibitive. Especially considering the model that they use for costing, which is based on the volume of data. Of course, they're going to put everything, including the Coke machine, in as something to collect data off of, because of course the more they can put through the tool, the more money they make.
It's very flexible. If you look from the cloud implementation it is there. Reports are made quickly. Unlike other tools, it caters to all kinds of technical information on the front very easily. There's no need to put in any technical information. You can pull on the reports very easily, take action, and notify stakeholders.
The initial setup is simple, not very complex. Initial deployment takes around 10 to 15 minutes to set up the entire base for Splunk including all three tiers.
It is quite extensible. It is a platform on which we can build our use cases, instead of each case being limited or restricted to each capability. This is probably the best feature.
The dashboards are the most valuable feature. We like the ability to drill in and see what queries are under the dashboard, build new visualizations, edit the querying, and see the reports.
The client site login is pretty extensible and probably cost-effective.
It is very simple to tweak or write a small piece of glue code to go ahead and create a new dashboard for a business unit to make near real-time decisions to focus more on other geographies when launching the product.
It provides logs in one place, so they are easy to find. It collects the logs from multiple places, then you have just one place where you see the whole flow from the front-end to the back-end.
Its usability is the best part. It is easy for our developers to use if they want to search their logs, etc.
We have a one-stop dashboard for the health of some of our services where you can click in and it takes you to other dashboards that have custom near real-time metrics that show the application's health.
The technical support has been very good. They are very responsive and have been helpful.
It has helped us look at modern technology, as well as penetrate our legacy systems, to see where the bottlenecks are.
It has reduced the time to resolution, time to investigate, and time to troubleshoot for debugging issues.
The stock analysts and security people use one single dashboard (one single location) to check our logs.
In the past we used different applications to collect logs. We used SurfWatch and VMware to do so. But we found that Splunk has more capacity to do more in less time. They provide a faster speed to index all the events, and this is a huge asset.
This solution helps us increase our productivity.
It has virtual visualization, and other products do not.
It gives us the liberty to do more in terms of use cases.
Positive features include replication capabilities, software development kits, and the architecture.
It is a one-stop shop as a full monitoring and alerting solution for operations and application analysis for most of our back-end systems.
Splunk UBA is useful for fraud detection and for detection of APTs, advanced persistent threats.
We can ingest and correlate data from virtually any type of system.
Splunk has significantly helped with aggregation and correlation of critical logs. Not having to grep on each individual server has made everyone more efficient.
Splunk has facilitated the correlation of information security logs to look for incidents which could cause damage to the company's infrastructure, as well as financial losses from leaks.
We primarily use it to correlate logs throughout the enterprise for both searching and use in investigations.
The ability to ingest any data and display it in a way that anyone can understand.
Visualizations helped the organisation with a better understanding of its KPIs.
It is easy to use in any environment.
It has a rapid response search environment in the event of an incident.
Splunk allows us to find insights that we were not able to with traditional BI tools using ETL. It allows us to dig into raw events.
The ability to manipulate data in Splunk is unparalleled. Splunk’s powerful, flexible query language can morph difficult to understand log formats into usable data.
Low barrier to start searching with the ability to normalize data on the fly.
Support is quick and competent.
Visualizations are the best way to understand deviation techniques from the norm.
With good domain knowledge, one can build almost anything. If you throw in Alert Manager or an integration with ServiceNow, then you have your own SIEM.
Splunk has significantly reduced the time spent aggregating and reviewing logs, as well as the time spent during investigations.
I like the ease with which dashboards can be created.
My favorite example of improving the organization is saving $60k/mo in payroll fraud and $10k/mo in wasted API credits by using simple searches and clear reports.
It allows for transparency into IT metrics for insightful business analytics.
It helped us consolidate all our solutions into an easy tool to use for various employees.
We are much faster finding and addressing issues with Splunk.
Speeds up root cause analysis and can help identify issues that your organization never realized were occurring.
Integrity with many vendors: this simplifies the implementation and integration with different devices.
The ability to view all of these different logs, then drilling down into specific times or into specific data sources, has proved to be the greatest aspect in decreasing our troubleshooting overhead time.
Hi dear professionals,
How would you compare Securonix and Splunk as a SIEM enterprise solution?