
Reviews from AWS customer

18 AWS reviews

External reviews

447 reviews

External reviews are not included in the AWS star rating for the product.


4-star reviews

    Praveen Sande

Offers extensive visibility into events with flexible scalability

  • April 22, 2024
  • Review provided by PeerSpot

How has it helped my organization?

Splunk Enterprise Platform is a powerful application that offers extensive visibility into events, notable occurrences, and correlations, providing robust capabilities.

What is most valuable?

The valuable feature is the onboarding of various logs using different methods. Additionally, it excels in content development and use case creation. I want to learn about upcoming technologies like Splunk Cloud and Azure integration. These platforms offer extensive capabilities for visualizing and manipulating data according to our requirements. Splunk's proficiency in field extractions and onboarding logs from diverse sources makes it highly capable. Its logging addition and parsing capabilities are particularly noteworthy.

What needs improvement?

In Splunk Enterprise Platform, while the dashboard feature is powerful, it does have limitations in terms of the number of parameters that can be included in one dashboard. However, it's important to note that these limitations can be addressed through effective dashboard design and optimization techniques. Despite these constraints, Splunk offers extensive capabilities for creating insightful dashboards that can visualize relevant data effectively.

Splunk excels in providing accurate and valuable alerts and reports. These features are crucial in reducing manual efforts, minimizing human errors, and expediting incident resolution processes. With Splunk's alerting and reporting functionalities, users can fine-tune alerts, apply filters, and include necessary information for thorough investigation and analysis. These capabilities contribute significantly to enhancing operational efficiency and decision-making within organizations.

For how long have I used the solution?

I have been using Splunk Enterprise Platform for five years.

What do I think about the stability of the solution?

I rate the solution’s stability an eight out of ten.

What do I think about the scalability of the solution?

Scalability is very flexible. Without the Splunk support, we can deploy and scale up.

How are customer service and support?

The responsiveness of the support is very good. They will ask you if you are raising any P2, P1, or major incidents so they'll help us with immediate and accurate results.

How was the initial setup?

The initial setup is straightforward, with detailed deployment steps outlined in their documentation. Additionally, the Splunk community is a valuable resource where users can ask questions and receive expert solutions.

What other advice do I have?

Splunk Enterprise Platform does not have a few application add-ons. Therefore, when we aim to integrate log sources from new or important ones that Splunk lacks add-ons for, we resort to developing custom add-ons. While this approach allows us to proceed with our work, it requires significant human effort and increases the likelihood of errors. Moreover, troubleshooting becomes time-consuming under these circumstances. Ideally, Splunk would offer add-ons for every possible application, significantly improving our efficiency and effectiveness.

The Splunk Enterprise Platform offers excellent visibility through real-time monitoring. Whenever any data matches our client's SQL code, it triggers an immediate alert, allowing us to respond to incidents swiftly. This capability is highly beneficial during any incident, making Splunk an invaluable tool.

There are various components, such as Universal Forwarder, Indexer, and Search Head. These components are relatively straightforward to set up. However, when implementing a distributed environment or setting up clustering, Splunk offers robust capabilities. Additionally, managing data storage sizing is also seamless.

Overall, I rate the solution an eight out of ten.


    ABBURI AJAY

Used for logging and monitoring purposes

  • April 12, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use the Splunk Enterprise Platform for logging and monitoring purposes. If users log into different databases and do something, we onboard database logs and other AWS logs to Splunk. Then, we create a dashboard alert report, and based on those dashboard alerts, we monitor users' actions. If they perform suspicious activities, we also send alerts. We use the solution to create dashboard alerts, reports, and some query language.

What is most valuable?

The most valuable features of the solution are the load balancing technique, the forwarding technique, and SSL certification.

What needs improvement?

Sometimes, queries don't give proper results, and the indexes go down.

For how long have I used the solution?

I have been using Splunk Enterprise Platform for seven years.

What do I think about the stability of the solution?

I rate the solution an eight out of ten for stability.

What do I think about the scalability of the solution?

I rate the solution’s scalability a nine out of ten.

How are customer service and support?

The solution’s technical support is good.

How was the initial setup?

The solution’s initial setup is easy.

What's my experience with pricing, setup cost, and licensing?

I have heard from my managers that Splunk Enterprise Platform is an expensive solution.

What other advice do I have?

The solution has helped us with our security information and event management. If someone performs deletion operations, we get an automated alert informing us that a privileged activity has been performed. We forward the logs in real-time. We are ingesting 10GB of data into the solution daily. We have some input filters in the solution's dashboard.

Overall, I rate the solution an eight out of ten.


    Mohan Battu

Offers timestamp indexing and the easy-to-use visualization for data analysis

  • April 10, 2024
  • Review provided by PeerSpot

What is our primary use case?

I have a variety of use cases. My company uses it for cloud-related operations, anomaly identification, and threat detection.

How has it helped my organization?

It's been very useful in regard to security information and threat management (SIEM). Splunk is a valuable tool for my organization.

What is most valuable?

The timestamp indexing and the easy-to-use visualization features are the most valuable features for data analysis.

Moreover, the dashboard and visualization features have made a big difference. We can quickly identify issues within the dashboards and easily generate insightful reports. If something goes down, we can easily detect the issue.

Splunk's real-time processing capability has been pretty good for my use cases.

What needs improvement?

There is room for improvement in terms of scalability. They can enhance the ability to handle increasing volumes of data.

For how long have I used the solution?

I have been using it for four years now.

What do I think about the stability of the solution?

There have been occasional issues, but nothing major.

I would rate the stability an eight out of ten.

What do I think about the scalability of the solution?

I never had issues with scalability. My organization has 8,000 end users.

I would rate the scalability an eight out of ten.

How are customer service and support?

The customer service and support are good.

How would you rate customer service and support?

Positive

How was the initial setup?

In general, the initial setup is fairly easy.

Not everyone can do it. Some knowledge and experience would likely be helpful to get the most out of the setup.

Typically, the deployment would take around 16 to 20 hours.

What's my experience with pricing, setup cost, and licensing?

The pricing is about average.

What other advice do I have?

Overall, I would rate the solution an eight out of ten.

I would recommend using this solution. Overall, Splunk is a good tool for analysis and for representing data in a short span of time. It helps minimize unnecessary noise in the data.


    Information Technology and Services

Splunk is a quite famous vendor in managing IT infrastructure with SIEM - now Enterprise.

  • April 07, 2024
  • Review provided by G2

What do you like best about the product?
The capabilities of managing and integrating with other vendors are great! We can easily implement it in any kind of networks & systems.
What do you dislike about the product?
The management UI might be hard to control with new guys. It's quite hard to use.
What problems is the product solving and how is that benefiting you?
It can easily manage logs, systems, networks and give me a centralized monitoring one.


    Kundan Nagare

Offers excellent data analysis and visualization capabilities

  • April 05, 2024
  • Review provided by PeerSpot

What is our primary use case?

I use the Enterprise platform mainly to monitor infrastructure, applications, and some security logs.

What is most valuable?

The most valuable feature of Splunk for data analysis is its ability to search using SPL and SQL. With SPL commands, you can analyze both structured and unstructured data and build visualizations, dashboards, and reports. Additionally, Splunk offers alerting mechanisms for proactive monitoring.

What needs improvement?

There is room for improvement in introducing more AI capabilities onto Splunk Enterprise Platform. While they might exist in other platforms like ITSI, enhancing the Enterprise Platform with AI features would benefit many users who predominantly use it.

For how long have I used the solution?

I have been using Splunk Enterprise Platform for almost three years.

What do I think about the stability of the solution?

I would rate the stability of Splunk at around a seven out of ten. While it is generally good, in complex environments, issues may arise due to the increased number of components and dependencies. However, overall, the stability is good.

What do I think about the scalability of the solution?

I would rate Splunk's scalability as a nine out of ten. It is the best log analysis application currently available. Scalability has allowed us to handle increasing volumes of data, enabling us to onboard additional customers and share infrastructure monitoring on the same setup. We have approximately 20 people using Splunk Enterprise Platform in our company.

How are customer service and support?

The technical support team could improve by providing more direct assistance rather than primarily relying on community resources for issue resolution. While they do understand the issues, they often refer to existing communities for solutions instead of directly addressing system-specific concerns. Overall, I would rate the support as a six out of ten.

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial setup of Splunk Enterprise is relatively complex compared to other monitoring applications in the market. There is a need to focus on simplifying key components and reducing dependencies for a smoother setup process. For a large environment, the deployment of Splunk Enterprise typically takes around three months to set up completely.

What's my experience with pricing, setup cost, and licensing?

Splunk Enterprise Platform is a bit expensive.

What other advice do I have?

I use the Platform to monitor my IT infrastructure. There are apps for Linux and Windows servers that capture performance metrics like CPU and memory usage. These metrics are collected and sent to the blank index through forwarders.

Splunk helps with security information and event management by detecting and monitoring network equipment and firewalls. It saves searches for specific terms, like threats, in firewall logs. When a match is found, it alerts about potential security breaches, helping to detect and address them.

The real-time processing capability in Splunk enhances data monitoring by centrally collecting all data. This allows for easy searching and scheduling of searches, reducing the need for manual intervention.

The dashboard and visualization features in Splunk impact data analysis by providing a clear status of data analysis. Users can create customized views for management, helping them understand what is happening within the infrastructure more effectively.

I would recommend Splunk to others, especially from the CIM perspective. Its data analysis and visualization capabilities are unmatched, making it an excellent choice for SIM.

Overall, I would rate Splunk Enterprise Platform as a nine out of ten.


    Aman Raj P.

Splunk Enterprise Review

  • March 22, 2024
  • Review provided by G2

What do you like best about the product?
1) User friendly GUI.
2) Simple and powerful tool for SIEM.
3) Rich visualizations & customizable dashboards to understand insights clearly.
4) Real-time monitoring and alerting features are the cherry on top.
What do you dislike about the product?
1) Cost can be an issue for some organizations.
2) It also offers a free version, but it has very limited functionality.
What problems is the product solving and how is that benefiting you?
It is quite helpful in my SIEM process, and the visualization it offers makes it easy for me to understand and generate reports.


    Anil B.

Splunk your Issues

  • March 20, 2024
  • Review provided by G2

What do you like best about the product?
Usage of Indexes for identifying the logs and troubleshooting without using DB
What do you dislike about the product?
It needs a lot of storage, managing it will become quite complex
What problems is the product solving and how is that benefiting you?
Identify issues when the poller is down or when data is not transferring from one DB to another DB; through Splunk logs we can find the resolution.


    ABHISHEK DUBEY

Helps to monitor logs from various sources but improvement is needed in support

  • March 14, 2024
  • Review from a verified AWS customer

What is our primary use case?

We use the tool to monitor logs from various sources. Multiple users send their logs to the Splunk Enterprise Platform using different methods, including Universal Forwarder and AWS services like S3. Additionally, we utilize tools like AWS Genesys for log transmission.

What is most valuable?

The product helps monitor and visualize data. It allows you to handle various tasks. You can store, visualize, and analyze data with the Splunk Enterprise Platform. It offers features like virtual folders and heavy folders for filtering data. Additionally, you can create dashboards to showcase data to different teams and stakeholders. The tool also enables the creation of analytics and alerts and sends reports, making it a valuable tool for our system.


The dashboard and visualization features are good for data analysis. With features like the Studio dashboard introduced in versions 8 to 9, users find it much easier to create dashboards without knowledge of languages like XML.

What needs improvement?

Based on my experience, I've noticed areas for improvement, particularly in support. Developers typically interact with support personnel who may lack technical expertise when raising support tickets. This can result in delays as initial interactions involve sharing documents before escalation to higher support levels.

For how long have I used the solution?

I have been using the product for four years.

What do I think about the stability of the solution?

I rate the tool's stability an eight out of ten.

What do I think about the scalability of the solution?

The tool's scalability is good, and it is based on licensing. My company has more than 10,000 users.

Which solution did I use previously and why did I switch?

I used Dynatrace before the Splunk Enterprise Platform.

How was the initial setup?

The tool's deployment can be complex for the first time. It can become more manageable after that.

What's my experience with pricing, setup cost, and licensing?

If you exceed your licensed limit, the product will issue a warning, typically a five-license warning. Additionally, they send daily email notifications informing you about the breach. This prompts you to consider options such as minimizing logs or acquiring additional licensing to address the issue.

It can be perceived as expensive, especially for organizations dealing with large volumes of data, such as in the banking sector, where numerous logs are generated every second. While other tools are available at lower costs, some teams may consider open-source or lower-cost alternatives, especially if they have funding constraints.

What other advice do I have?

Regarding security and event management, the tool is handled by a different team. They utilize security enterprise tools, including SIEM, to manage security. Splunk Enterprise Platform's real-time processing capability significantly enhances our data monitoring. I would rate it an eight out of ten.


    Monawwer Mahfuz

Enables us to collect, index, and analyze data from various sources, such as apps, servers, network devices and security systems

  • March 14, 2024
  • Review provided by PeerSpot

What is our primary use case?

The solution is basically used to monitor various logs, so it is the application logs, and in some cases we are monitoring databases.

How has it helped my organization?

Splunk is providing proactive monitoring using alerts and all. So these things have improved a lot in our day-to-day activities. So whenever we are seeing any kind of alerts, on that basis we are going to create an alert.

What is most valuable?


Monitoring security data is the most valuable feature.

What needs improvement?


Currently, I think things are good. There are certain things which are not there but are there in the other platform, like UAE, UBA. Splunk has another product itself. But if that could be incorporated with the Splunk Enterprise three version, it would be helpful for users to explore more on that.

For how long have I used the solution?

I have been using Splunk Enterprise Platform for five years.

What do I think about the stability of the solution?

The stability is a nine out of ten meaning the solution is highly stable.

What do I think about the scalability of the solution?

It is a scalable solution. Around a thousand-plus users are using the solution.

Which solution did I use previously and why did I switch?

I have been using this Splunk only from my, like, a shorting of the career. During this period, I have been using AppDynamics and NetSync as well.

How was the initial setup?

Normally, for the trial version, it is easy. It depends on how much data you are ingesting. If you are going for the Flushing environment, that setup could be somewhat difficult, but normally it will be easy.

What was our ROI?

I have seen a Return on Investment.

What's my experience with pricing, setup cost, and licensing?

Costing depends on, like, how much data you are investing. So that will increase your cost.

What other advice do I have?

I will rate the overall solution a nine out of ten.


    yuan c.

"Splint! It's a thrilling and overzealously discovery of new network assets".

  • March 05, 2024
  • Review provided by G2

What do you like best about the product?
It's an overwhelming tool with discovery of new network assets.
Absolutely great for use of repository of secure keeping of data.
It has a great dashboard for data visualization.
It's spectacular for events tracking for quick action.
What do you dislike about the product?
Super adorable for events tracking for quick alerts and quick actions.
What problems is the product solving and how is that benefiting you?
Yes, I am very happy with it for discovery of new network assets.
Bodacious for its real-time alerts of any threat in the network enterprise for quick action.
With the help of machine learning it's very great for automated responses.