We use the solution to manage a large volume of data from our servers for the project I'm currently working on. Since we don't need all the data, we filter out and extract the specific information required for our applications. Depending on our needs, we use it to filter, investigate, and analyze log data for any errors or requirements.

The most valuable feature I've found in the Splunk Enterprise Platform is its log readability and filtering capabilities. The filters on the left side are particularly useful, allowing me to quickly narrow down the data to what's relevant for any application or server service. The interesting fields feature helps me get the values I need most of the time.

Additionally, the dashboard and report creation aspects are excellent, especially for automation. Integrating Splunk Enterprise Platform with Power Automate and other automation tools allows me to create precise reports that keep my team updated. The tool is not difficult for a beginner to learn.

Splunk Enterprise Platform could improve in the area of basic log readability. When performing basic searches without advanced filters, the logs often contain timestamps and various unknown codes or other elements that can be confusing. Removing or simplifying these parts would make it easier for users who are not developers or do not have a development background to understand and find relevant information easily.

If I could add a feature to the Splunk Enterprise Platform to make my life easier, I'd like to add an internal automation tool. We can use third-party automation tools like Power Automate, but it would be better if Splunk Enterprise Platform had its built-in tool.

This tool could automate reports and make sending emails with Excel attachments or other formats to specific people easier. We're currently using third-party tools for this, but having it as a first-party feature would be better.

I have been using the product for more than two years.

I haven't found any bugs while working with the application.

My company has more than 100 product users.

I haven't contacted the support team yet. I get information from my seniors and leads.

Before using the Splunk Enterprise Platform, basic knowledge of log analytics tools like Logstash is beneficial. While it does not require specific prerequisites, having some background knowledge will help. Remember that Splunk is a paid service, unlike other log analytics tools like ELK Stack, which may offer free versions.

I rate the overall solution a nine out of ten.

We use Splunk to create dashboards and do analysis.

Splunk can be used primarily to port log files, allowing for easy and quick management of large amounts of logs. However, this can also be a drawback due to the configuration, parsing, and dashboard creation limitations. Communication is stream-based, which means you need to do a lot of pre-emptive setup to get a nice export. Another issue with Splunk is its streamlined nature; it reruns the query whenever you refresh a dashboard. This becomes problematic if you have a large volume of log files, as it can be slow, resource-intensive, and require significant storage space.

It is designed to process and analyze log files. You feed log files into the platform, automatically extracting different fields. This allows you to filter and manipulate the data in a stream-based manner. Essentially, you pass a log file through various filters sequentially, enhancing or reducing its size by adding or removing information. However, this stream-based approach can make it challenging to create detailed dashboards easily. The platform primarily focuses on log files and is unsuitable for real-time data analysis.

I have been using Splunk Enterprise Platform for one or two years.

The product is stable.

I rate the solution’s stability a six out of ten.

It can be very slow if you have a lot of data, and scaling it up for better performance can be quite expensive.

A thousand users use this solution. We have many systems and a lot of data.
It is centrally deployed and used extensively across various systems. I use it daily, but sometimes I only use it once a month. It depends on the data I need or the issue I'm investigating.

I rate the solution’s scalability a four out of ten.

The initial setup is straightforward.

I wouldn't recommend Splunk Enterprise Platform because it's slow and has significant limitations.

Overall, I rate the solution a six out of ten.

We use the solution for patching.

It's not just one feature I like the most. Every person wants to collect and rate logs, and I value how the Splunk Enterprise Platform handles this.The most valuable part for us is setting up the alerts and reports to manage the logs and log metrics. We use it to support every tool across the entire bank.We are the ones who manage all the data, and if there's any issue, everything depends on the Splunk Enterprise Platform.

The tool uses upgraded rules restricting access to specific people, ensuring that only certain individuals can edit. Everyone else has read-only access. Splunk Enterprise Platform's dashboard and visualization features are good. These features are some of the best parts of the software because you can customize the dashboard however you need. The user interface is perfect and keeps getting better with new updates. It's very user-friendly, allowing everyone to create their dashboards easily.

The Splunk Enterprise Platform has room for improvement, particularly in automating the permissions process during app promotions. Currently, permissions are manually set when different teams request an application move to production, which is time-consuming. Automating this process would streamline operations by automatically assigning the appropriate permissions and roles to specific services or teams, reducing the need to review each request ticket manually.

I have been using the tool for one year and five months.

I would rate the tool's stability as ten out of ten. It provides outstanding security and is also very user-friendly.

We have encountered issues with scaling up and handling increasing data volumes, but we address them according to customer requirements. As for scalability, I would rate it a nine out of ten.

The solution's support uses a ticketing system to address dashboards, alerts, reports, etc. If server issues or alerts are triggered, they respond by raising a ticket. They investigate the problem by checking logs and assessing any impact on disk storage.

I handle smaller support tasks myself but escalate them to my head for high-priority issues.

My company's senior SMEs help with the deployment process.

The solution's pricing increases with the amount of data used. This pricing model is acceptable because it aligns with the security features provided. It ensures that the price reflects the level of security and the amount of data we're managing.

Currently, we are on-prem. However, we have started cloud migration in the last few months. I rate the overall solution a ten out of ten. In daily life, every IT company should use it to monitor its logs. It is an emerging tool.

We use the solution to monitor, alert, report, and analyze.

In identity and asset management, Splunk will detect any vulnerabilities , or if any upgrade patching is improperly done, it will send an alert to the specific admin team, indicating the need to patch their servers.

The feature of Splunk Enterprise Platform is its comprehensive capabilities, consolidating various functionalities into a single tool. It excels in searching, reporting, and learning. Additionally, it offers automation and integration features for generating reports at specified business times. One prominent feature widely utilized by companies is enterprise security, crucial for cybersecurity purposes.

The solution could enhance automation capabilities. Currently, the process involves daily manual checks for potential issues, maintenance tasks, and planning for automation. Rather than relying solely on daily activities, there's a need to implement automation solutions for streamlined operations.

The main issue with the Splunk Enterprise Platform is its licensing cost, which can be high for small companies. Many businesses are migrating from Splunk to alternative tools. If Splunk were to lower its licensing fees or offer discounts, it would likely retain more customers.

I have been using Splunk Enterprise Platform for seven years. We are using 9.0.1.2 of the solution.

The solution is stable. There is no impact. I can rate it a nine out of ten.

When increasing your volume of data, high availability is crucial. With Splunk's robust clustering and enrollment features, data availability remains constant. If one site experiences downtime, the other will seamlessly take over, ensuring continuous data availability without any loss or impact.

10,000 users are using this solution.

As part of our operations focus, we often encounter numerous ticketed issues. Our team is dedicated to addressing these concerns and ensuring the best possible service for our customers.

Deployment typically takes just a fraction of an hour or two hours. Implementation can be completed within a single day, often within 24 hours.

Splunk Enterprise Platform allows customized data processing, making it highly versatile and easy to maintain. It seamlessly handles tasks like data masking and filtering, ensuring efficient data management.

When it comes to the visualization on the dashboard within the Splunk Enterprise Platform, we do have the chart available, and all its features are included. Additionally, if you require customization for a new customer's preferences, we can implement it using HTML or XML code. The primary approach for developing dashboards is based on XML. Therefore, if you need specific features like radio buttons or checkboxes, they are readily available for inclusion in the dashboards.

I recommend the solution.

Overall, I rate the solution a nine out of ten.

We use Splunk for onboarding updates, dashboards, application monitoring, and insights.

We are using it for event management. We don't have that much exposure on the security side.

It is very easy to use logs and create dashboards. You can define extractions for specific exceptions. Splunk can extract historical data and process upcoming data in real-time. You can easily modify, update, or edit extraction rules as needed. Additionally, you can create custom knowledge objects at any time. The platform allows you to restrict user access based on permissions. Even regular users can create reports and dashboards for their workflows.

Splunk Enterprise Platform needs some improvement. For instance, the dashboard sizing and customization options could be enhanced. There seems to be a limitation in adjusting the size of individual panels within a dashboard. This can be frustrating when comparing data across different panels, as users are forced to scroll continuously. Additionally, while Splunk offers some new features like student dashboards, modifying these dashboards requires a level of JavaScript expertise that not all users possess. Providing more user-friendly options for customization, such as adjusting colors and fonts directly from the user interface, could greatly improve the user experience.

Moreover, for users transitioning from other monitoring tools like Dynatrace, the interface may feel less intuitive and more cumbersome. Offering more intuitive visualization options and simplifying the customization process could bridge this gap and make Splunk more accessible to a wider range of users.

I have been using Splunk Enterprise Platform for seven years. We are using V9.0.4.1 of the solution.

The product is stable. I rate the solution’s stability a nine out of ten.

I've encountered numerous issues and challenges, but I've managed to overcome them. I rely on the Splunk community to find solutions whenever I face difficulties. I want to fully engage with the platform and be active in its development, but sometimes, I struggle to find the right resources or support.

The initial setup is easy.

Splunk Enterprise Platform can seem a bit costly compared to their five-year plans. There's a need to provide options, such as offering a free license for up to ten GB of data or a limited-time test and development license at no cost. For instance, if a company purchases a one-year product license, it could receive additional test and development licenses for free, up to a certain data limit. While there would naturally be some restrictions, such as limitations on certain features or functionalities, offering these options could encourage more people to adopt Splunk for their needs. Many individuals and stakeholders hesitate due to Splunk's perceived high costs when considering the additional expenses for enterprise support, operational support, and device licenses. Introducing more flexible licensing options could alleviate these concerns and attract more users to the platform, benefiting both Splunk and its customers.

Our experience with the Splunk Enterprise Platform has been positive regarding administration and development. However, there are some concerns regarding visualization. Despite our team's proficiency in activating and completing tasks, the dashboard's complexity has decreased user satisfaction. Many users find the visualization lacking when viewing multiple panels simultaneously. They express difficulty in navigating the UI and feel uncomfortable with it. Addressing these concerns would enhance the overall user experience from end to end.

Overall, I rate the solution a nine out of ten.