Great platform to create dashboard,monitor, analyze big data
What do you like best about the product?
It makes it easy to analyze and search large amount of data especially logs from different applications and the best thing about this tool is that we can create graphs and charts based on the number of errors and number of messages to show it to dev team or higher management
What do you dislike about the product?
I accept it has many best features but in the real time applications generates huge log data hence splunk charges more as more data comes in. And it is challenging for some people to understand all the features and usage of them. It takes more time process as there is huge data in its containers
What problems is the product solving and how is that benefiting you?
Usually searching for some part of data in the huge big data is not easy but we can do that in the splunk containers. Also monitoring the data is easy. Splunk can be integrated with ETL and ESB tools very easily. And it takes care of the report generation based on the log data
Splunk drain for logging and alert
What do you like best about the product?
We can use splunk to store the log and refer in later time and also we can trigger alert when something goes wrong in our application.
What do you dislike about the product?
Need more flexibility in alert trigger and the trigger should not be a timed it should be trigger the alert on the instance of getting the keyword
What problems is the product solving and how is that benefiting you?
Usually logs on pcf will be deleted in 2 hours so we can't see after some time so we used splunk drain to collect and trigger alert if something goes off line which increases the predictability and manageability ad the application
A highly versatile data collection and monitoring tool
What is our primary use case?
We use the monitoring solution. People might ask me to create a new request, maybe for a specific Windows event log, which is how we create a ticket for an incident. Most of the time, this creates a new alert for people. It can be a little complex. We can also create dashboards with some information for other teams. Dashboard alerting is a big part of the work.
Though we use Splunk for monitoring, for me, it is more software that collects lots of data and can then be used for alerting.
We use a custom environment.
What is most valuable?
The best thing about Splunk is you can collect all the data you want, and you can play with the data and do what you want. You can modify the data and collect all the information into one dashboard. It's very cool. In other monitoring software like Zabbix, you can't easily do something like this. With Splunk, it's very easy. You need to understand Splunk's language, but you can do what you want after that. You can correlate your data with CSV files. Splunk can monitor, extract, transform, and load software.
What needs improvement?
Splunk is not an out-of-the-box solution like Micro Focus or Zabbix. You have to create your request to collect the data and add crucial components to the software. You have add-ons created by Splunk or the community but don't have out-of-the-box monitoring items in the software. For example, FETCH CUP with Micro Focus is agentless monitoring, has a lot of out-of-box items, and is easy to use. You will find it difficult to use Splunk initially, which could use improvement. However, I know there is another module from Splunk that focuses on fast and secure monitoring with more out-of-box add-ons, but I haven't used it since when I started using it, it lacked out-of-box items. All the same, Splunk could be more user-friendly for new users.
For how long have I used the solution?
I've worked with the solution for about two years.
What do I think about the stability of the solution?
I rate Splunk's stability a nine out of ten because it's very stable. I don't face issues with projects.
What do I think about the scalability of the solution?
You can scale Splunk. It works with an indexer which indexes search data. If you want more power, you can add more indexers, so I rank Splunk's scalability an eight out of ten.
How was the initial setup?
With all the documentation available, the initial setup is not difficult. If all you want is a stand-alone app in Splunk to handle all the processes, you just need to create a project in the data server, which is easy.
What's my experience with pricing, setup cost, and licensing?
You must buy a license with the on-prem version, usually through an intermediary. In France, it's Accenture. There are cloud solutions where Splunk handles the servers and patching directly, and you just use the solution.
The solution is expensive, so I rate its pricing a four out of ten. Though the solution is expensive, it depends on which company purchases the product.
Which other solutions did I evaluate?
Though I haven't used it, Grafana is also a CM that can collect data.
What other advice do I have?
I didn't create the custom environment we use at my organization. Still, it doesn't seem too difficult to build things because there is a lot of online documentation and videos. You can also get training with Splunk. You have a lot of data to help you when you want to create a new environment.
I rate Splunk Enterprise Platform an eight out of ten. The solution is very powerful, and I like to play with data to do what I want.
Good infrastructure and easy to maintain
What is our primary use case?
We use Splunk Enterprise for data visualization.
We use Splunk administration rather than Splunk development.
We provide support to users so they can access our Splunk application and use it however they want. For example, if they are not able to view some of the logs that are coming from their servers in our Splunk, then we usually check all the logs here that have been missed and forward the ones that were not forwarded.
Also, sometimes they use their access to install some apps. We have Splunk apps and they want us to create an app for their usage. We also need to create these apps in the Splunk application. Sometimes they aren't able to download or upload files into Splunk or other websites. They aren't able to download these reports as PDF files. We usually work on this and try to resolve it as quickly as possible.
How has it helped my organization?
We use Splunk for cyber security. We have a lot of teams who use Splunk for different purposes. The security team uses it to authorize log-ins, so in case something happens, Splunk monitors it. Also, the development team uses it to monitor data while they're creating a new application.
What is most valuable?
In the enterprise platform, all of the clusters and indexes are under our maintenance. If required, we can make changes and see the logs manually by getting into the servers.
What needs improvement?
Things have to be managed manually in Splunk Enterprise, which is not the case in Splunk Cloud, where the client could manage it on their own.
It would be useful if Splunk Enterprise Platform could monitor the application URL, to check whether it's responsive or not.
For how long have I used the solution?
I've been using it for a year and a half.
What do I think about the stability of the solution?
It is completely stable and the infrastructure is good. We have no issues with our Splunk Enterprise Platform.
How are customer service and support?
We contact technical support whenever there's an issue with logs and they work through it with us.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We use both Splunk Cloud and Splunk Enterprise. We might opt for Splunk Cloud in the future since it's less expensive, but we are currently using both.
How was the initial setup?
The deployment takes about a day. I would say that the initial setup is quite a complex thing to do because there are a lot of things that have to be done for clustering all the features and indexing and then forwarding data to the indexes. When it comes to applications, we have to replicate the data. The process takes time. Once everything is done, we still need to monitor the infrastructure constantly.
It is easy to maintain if you are familiar with the deployment model.
Which other solutions did I evaluate?
I have hands-on experience with AWS, Linux, Ansible, and Terraform and with programs like Python, Java, and SQL as well. I also use tools like Catchpoint, Nagios, and Grafana.
What other advice do I have?
I would suggest using Splunk Cloud first, and then Splunk Enterprise because the maintenance and the infrastructure management are easy. I would rate it an eight out of ten.
Best solution for log management
What do you like best about the product?
Splunk seems to hit the perfect balance of out-of-the-box usability and customization. Tools like enterprise security make it easy to adapt for quick use by SecOps, but it also works well for custom inputs and parsing.
What do you dislike about the product?
Seems like a lot of work could be done to clean the data before storing it. Frequently, the raw event isn't needed, and converting the data to json format to remove excess characters could really improve ingestion and searching.
What problems is the product solving and how is that benefiting you?
Splunk is the common source of all logs in the company. It can be used by any team and ensures centralized location of all data that might be needed across departments.
Splunk Enterprise AMI doesn't exists in AWS China Market Place
Dear AWS/Splunk Team,
We have noticed that this Splunk Enterprise AMI doesn't exists in China AWS Market Place, is there any possibility of adding the AMI to CN?
China AWS Market Place: https://awsmarketplace.amazonaws.cn/marketplace
Looking forward for your reply.
splunk
What do you like best about the product?
It help us to get the alert from application which reduce manualy work.Through this alert we were able to understand that something is wrong in application before it is getting worse
What do you dislike about the product?
Nothing to dislike about splunk enterprise.
What problems is the product solving and how is that benefiting you?
It is reducing the manual by giving alerts at the earliest, we were able to resolve things earlier before it got worse so because this performance has improved it will be helpful for organization
An excellent log aggregation and searching tool
What do you like best about the product?
Having all of your logs in one place where you can easily run stats or analysis on them is invaluable. It also allows users access to logs they need without needing access to potentially sensitive systems.
What do you dislike about the product?
It is expensive as well as requiring quite powerful hardware to run (depending on the amount of log data you are ingesting). The trick is it becomes more and more useful the more data you put into it, but also more expensive.
What problems is the product solving and how is that benefiting you?
Splunk solves a number of problems, including distributed access to logging, retiring legacy alerting systems (eg. Swatch), retiring legacy log aggregation systems (eg. syslog-ng), etc.
Best app for managing all servers in one place
What do you like best about the product?
Splunk Platform is one of the applications of Splunk and helps to manage all types of servers on a single platform, which is easy to operate and troubleshoot in case of any issues.
What do you dislike about the product?
nothing I found to dislike about splunk platform
What problems is the product solving and how is that benefiting you?
splunk platform helps to manage all servers on one place is most beneficial thing
Review for Splunk Platform
What do you like best about the product?
In my experience working with the Splunk platform, it is highly regarded for its capabilities in its search and analysis. It allows integration logs from multiple services and analysis of data from various sources. It is not only in Analysis, but It is beneficial to create custom alerts for timely reminders for any crash apps or exceptions to catch. It also provides scalability options to handle the growing data volume managing services. Splunk alerts are handy for any organization for better-handling incidents; It has multiple configuration options like sending notification email, Pagerduty etc.
What do you dislike about the product?
Splunk has various components, and new developers find it hard to understand the configuration and search language(SPL), which can take more time and effort. Splunk search handles large amounts of data. Writing search queries is a little tricky as there are many unknown terminology. It is essential to go through some of the Splunk introductory tutorials.
What problems is the product solving and how is that benefiting you?
Some of the problems it eased out for developers are - It allows quick filtering issues, integrating logs from multiple services, and analyzing data from various sources. It is beneficial to create dashboards that can filter logs promptly, which is very useful for monitoring the performance of apps and finding issues regularly. Alerts are critical for applications to work. Splunk helps create Alerts that can run periodically to inform the teams of any crashes or exceptions that occur and degrade the performance.
