Splunk Enterprise Reviews

The most useful thing about Splunk is the ease of integration with application. With uipath on-premises it was very much helpful as the business users can monitor the actions of robots through spluink without entering into uipath orchestrator

Expression creation for indexing was bit hard as it is not user-friendly to business users if they wanted to create any new fields, also the forwarder was not able to directly connect with uipath cloud so that the logs has to be shifted to intermediate file before uploading into splunk, but that seems not an issue with splunk but more related to uipath cloud

The versatility is amazing. The same data in logs, such as IIS, can be used for Security, Application performance, and even error handling. This allows us to use one log to help multiple teams. This is just one example.

Start up takes someone who has had some training. While searching and output is easy, its the onboarding of custom apps that takes the know how.

Splunk offers a lot of ways to connect with multiple data providers and sources to populate the reports and dashboards you need to show your business performance or data.

Customer support was a little slow. Requires a little knowledge of how to construct queries.

Splunk is provides a single tool for log aggregation, log analysis, and visualizations. Threat hunting, applying threat intelligence, and incident response are easily repeatable; pushing organizations to proactive security processes.

Splunk is expensive, especially when an organizations is exploring and building new security or data use cases. It also requires a lot of engineering maintenance, making the quality of the data highly-dependent on the skill(s) of those supporting it. Many organizations do not maximize its benefit because it is poorly managed or supported by low-skilled employees.

Splunk makes it easy to search through various data including logs. In the past I have had to pour through logs in order to find the one lines among the 100 of thousands of lines. Splunk allows me to search through those logs in a matter of seconds vs the hours it used to take.

Most of enterprise setup is done through the command line. It would be nice to have cluster configuration (index creation) as part of the UI.

I really like the platform, the data collection is ideal and the reports are detailed, it is the most appropriate SIEM service to monitor our IT infrastructure, it is an ideal software to take preventive measures, it is easy to customize the dashboards, the monitoring is constant and it gives us security in real time, the alerts are accurate and it helps us understand what is happening and fix it before it becomes serious.

It is a somewhat expensive service but with more powerful features than other free SIEM systems, and it is a bit complex to set up and use for inexperienced users, so a lot of help should be sought from experienced staff and support team at first.

We are using Splunk for log monitoring . It is integrated with Kubernetes and pivot cloud via data bus. By Splunk we get Realtime log application. It provides best visualization of data generated by system. Splunk also provide option to filter data based on data range and time. We can configure email alert for specific issue. Splunk also provide ML model for data. Splunk use simple query to get data ,everyone can easily learn Splunk query.

I haven't found any issue yet the only problem with Splunk I have that log in Splunk is scattered . We need to build good query or better logging mechanism at application side.

It an intelligent business tool that provided me an opportunity to customize and build report from large volume of data from different departments within the 13 Africa countries in telecommunication sectors. The platform allows data to be consolidated accordingly to the organization need and produces visualized reports of dashboard features. I also noted that the system can analyst unstructured large volume of data speedily and is reliable and web based allowing for user flexible accessible from any part of the world if you have internet. The systems have been reliable and secured from the time (2 years) I started using it without any system intermittent, system errors and cyber-attack.

The system is built and use-able with structured and unstructured organization though the price in foreign currency could hamper small and medium organization to use it especially in most Africa country where the local currency has depreciated against the major trading foreign currency.so the Forex pricing is a challenge.
The navigation of the platform will require minor training though if the user is computer proficient, they would management with minor challenge and interpretation of the data. So, first time user it can be difficult to use it
It will depend on internet for access and internet tend to be pricey in most African country and therefore could increase the business cost for small and medium enterprise. It can increase business cost if not fully used

Through its robust log analysis and ability to collect data from different sources, we can easily perform analysis on various data and predict any future operational hazards. Splunk enterprise efficiently monitors our log activities and and gives results to any queries at faster speed than most SIEM tools.

The searches can be complex at times and the messages on query errors aren't always specific.

Splunk is very easy to use due to high community support and many video tutorials available online for new users to learn.
Functionalities are robust and simple to use. Data retrieval and visualisation is nice and easy if you know the right querying process.
Machine Learning supports enhances performance for the cloud, especially. It collect wide variety of data and still it amaze you the way it retrievs it.

There are many tools available in market which are potential competitors of this tool and that too at reasonable pricing. Splunk offers more functionalities but costs you too much if you look at the work it does.
Complex queries may require large CPU usage and may even freeze or atleast slow down the system for a while. Need to be specific while querying the data.

Splunk Enterprise is best tool to analyze the data based on different visualization. It help us to lookup distributed logs for micro-services . It enables field based lookup. For complex logging, we can use search query using expression. We can create multiple reports/charts for visualization such as a pie or bar chart for our data. Best feature what i like , We can visualize our search results and share them with others using dashboard panels. If Already have a dashboard, we can add a new panel from a report, clone from another dashboard, or add a prebuilt panel. Fully customization available. Interfaces is very flexible. We export it in different formats, or refresh it to visualize the newest data. Online Support is available through different community.

Search query builder is fully based on technical. for Non technical users, its really difficult to lookup logs. Sometimes, error thrown by query builder is more difficult to understand. Deep Learning is required to use splunk for production data. For Large application installation, it need to manage more.