Splunk Enterprise
Splunk | 6.1.1 | Linux/Unix, Amazon Linux 2013.09 - 64-bit Amazon Machine Image (AMI)
External reviews
External reviews are not included in the AWS star rating for the product.
flexible tool
What do you like best about the product?
I mainly liked the ability provided for performing searches
What do you dislike about the product?
overall it was a good tool, but w/data export had some difficulty sharing results
What problems is the product solving and how is that benefiting you?
mainly working with IT systems reliability with this tool
Good software but slow
What do you like best about the product?
Graph trending capability of the software
What do you dislike about the product?
Slow performance. Takes too much time to get useful information.
What problems is the product solving and how is that benefiting you?
Slow when multiple users use the product.
Splunk Enterprise Review
What do you like best about the product?
The ability to capture and examine logs from various sources and turn them into normalized event data. I don't have to comb through several raw logs to find what I'm looking for and you can customize it to fit your organization's exact needs... great benefit.
What do you dislike about the product?
This may be due to lack of knowledge but the ability to integrate directly with CVEs from the NVD. Maybe there's a data pull that exists that I don't know about. But if that was advertised more or perhaps more knowledge about that then I believe that would be beneficial.
What problems is the product solving and how is that benefiting you?
Addressing material weaknesses through implementing an Enterprise wide log solution.
Splunk makes left easy
What do you like best about the product?
The ability to customize and build things the way I need them. I am able to search and filter exactly what I need.
What do you dislike about the product?
Honestly there isn't much I can say that I do not like. Sometimes it can be slow depending on my search criteria but somewhat expected. It can also be a bit expensive.
What problems is the product solving and how is that benefiting you?
All info in one single interface. Saves tons of time.
Recommendations to others considering the product:
Leaving the money aspect of it, it will save the company tons of time. Time is money but if you currently have everything in multiple places, Splunk will pay for itself.
Fully featured and performant
What do you like best about the product?
Splunk provides a convenient mechanism for gathering numerous system and software logs. The ability to search historical and real-time logs is a key capability for our monitoring. The custom field extraction and reporting are also a great feature for analysis.
What do you dislike about the product?
Splunk relies on a Perl-based regular expression structure. I can regex just about anything I want in a Python regex and routinely am frustrated by Splunk's support of only Perl regex. This translates into a lot of lost time trying to figure out how to get my custom field extract to extract only what I want extracted.
What problems is the product solving and how is that benefiting you?
We see benefits in two key areas.
First, automatic detection and notification of errors in our volumes of logs. With a distributed system churning out logs from numerous components, it is impossible for a human to review those logs, detect anomalies, and correlate errors across them. With the use of Splunk Enterprise, we are able to set up intelligent searches that detect custom error conditions and generate alerts to our operators for triage.
Second, a significant reduction in effort to perform analysis of software performance and usage. Through adding custom log messages in our software and custom field extraction in Splunk, we are able to generate detailed performance information that can be viewed in real-time or over custom historical periods. Similarly we are able to analyze our logs to determine how our system is being used. These features are critical to our operations and are a huge cost savings in time and effort.
Recommendations to others considering the product:
Splunk is an excellent solution for simple to complex systems for log retention and analysis.
Okay for DB monitoring
What do you like best about the product?
The interface is fairly easy to use and you can access your data from anywhere after you log in. It works well when you don't have a ton of data.
What do you dislike about the product?
The query language is not intuitive and can feel difficult to use. Graphing and charting isn't easy to use either, though it seems like it could be a nice feature.
What problems is the product solving and how is that benefiting you?
Real time alerting, application monitoring, feature monitoring
Recommendations to others considering the product:
You have to learn the Splunk query language, or designate at least one or two people on your team to become proficient in it. You will may need to rewrite your logs because Splunk likes to index a specific way.
great tool for drawing out insights from voluminous data!
What do you like best about the product?
ease of use and relatively simple learning curve
What do you dislike about the product?
can be super expensive and the administration of it.
What problems is the product solving and how is that benefiting you?
being able to highlight problem areas in large logs and address them quickly
Great product for organizing and searching large sets of data
What do you like best about the product?
Splunk does a good job of ingesting log data in a variety of formats, without needing to define every field to parse ahead of time. Many modules available to help process common sources
What do you dislike about the product?
Dashboard setup is somewhat limited without aftermarket plugins.
What problems is the product solving and how is that benefiting you?
Combining many different log types into a single searchable repository makes it easy to correlate activity from many sources and gain a fuller understanding of what is going on.
Splunk is a must have for any large corporation
What do you like best about the product?
The query language, speed, and visualizations are truly amazing. Reporting, alerting, and ability to read any log format known to man just makes it that much better. For more advanced and dedicated users, scripting is also available in PowerShell or Python.
What do you dislike about the product?
Not sure there is much to dislike, maybe cost?
What problems is the product solving and how is that benefiting you?
1. It fits our mission which is to grow our advanced analytics capabilities
2. Error prevention and monitoring in real time is huge
Used everyday for 3 years
What do you like best about the product?
It's extremely fast, and reasonably easy to use. Dashboards can be set up to work in real time, which is fantastic for tracking live events.
Responsive service and generally updates were good.
What do you dislike about the product?
It's not quite fully fledged as a database tool, or our version wasn't anyway. Sub-searches had a 10k limit, so that was occasionally a problem.
What problems is the product solving and how is that benefiting you?
Mainly used to test the product beacons are working properly, and for any live events analysis.
Recommendations to others considering the product:
It's a straightforward front end which should be suitable for most purposes.