My company uses Splunk Enterprise Platform for monitoring and user base filtering.

The most valuable feature of the solution is the analytics part. Integration with other applications is another valuable feature of Splunk Enterprise Platform.

Splunk Enterprise Platform is already a refined product, so I don't have any recommendations related to areas that need improvement.

The cost of Splunk Enterprise Platform is an area of concern where improvements can be made by bringing down the costs. Product-related, I don't have any feedback.

The support offered by Splunk Enterprise Platform has certain shortcomings that need improvement.

I have been using Splunk Enterprise Platform for a few weeks since it was recently deployed in my company. I use the solution's latest version. My company operates as a service provider of the solution.

The product's stability is good. Stability-wise, I rate the solution a nine out of ten.

Scalability-wise, I rate the solution a nine out of ten.

Around 5,000 people use the solution. Around 10 to 15 analysts use Splunk Enterprise Platform in my company.

The solution is used on a regular and daily basis in my company.

I am moderately satisfied with the solution's technical support. I rate the technical support an eight out of ten.

Positive

Splunk Enterprise Platform was easy to implement. I rate the product's implementation phase an eight out of ten, where one is difficult, and ten is easy.

The solution is deployed on an on-premises model.

The solution's deployment phase was carried out over a period of one or two months.

I rate the product's pricing a ten on a scale of one to ten, where one is cheap, and ten is expensive. It is a very pricey tool.

I would recommend the product to those who plan to use it, provided the pricing of the solution is brought down.

I rate the overall product an eight out of ten.

We have around 38 virtual machines, including the desktop. We have filled our gap network. Splunk Enterprise monitors all network layer traffic, starting with Cisco traffic port violations. We are monitoring Windows logs, CPU, RAM, and disk utilization in Windows.

Splunk Enterprise is a wireless enterprise application that can be customized based on training. We can add new machines, Spring Forwarders, and whatever else we need to complete the job.

We have an enterprise system that we can only use up to 70% capacity. We have no Internet access. To ensure our system runs optimally, we must configure specific rules, such as RAM, CPU, and space utilization alerts. Also, it is tough for us to reach out to Splunk. We have another software called Nessus, which can be used for vulnerability scans to improve and expand our vulnerability management capabilities. We can add a vulnerability management tool and back network traffic monitoring. This would allow us to add everything into a single platform since we currently use multiple applications for eight solutions.

I have been using Splunk Enterprise Platform since 2020. We are using the latest version of the solution.

The product is stable.

We have 43 users using this platform.

The initial setup is easy. We manage the installation of Splunk Enterprise Platform. On the first installation day, there are extensive procedures from Splunk and Honeywell. They are explaining how to install the software using Honeywell automation. They have provided a lot of documentation, but it is incomplete. It takes them two days to complete the installation, and then they train us for another week.

We are using 11GB per day. Since I did all the analysis to determine how much we are consuming, we are currently utilizing around 5GB out of 11 GB. Therefore, we can reduce our usage from 11GB/day to 5GB/day. We reached out to Splunk, and they confirmed that this is possible. They also mentioned that there are commercial benefits to signing a longer-term contract. We are currently working on reducing our usage from 11GB/day to 5GB/day.

We have annual automation for our automated building and availability building. The maintenance is easy. We will do a vulnerability scan. Then, we need to ask someone from the Splunk team to confirm that upgrading to this version of Windows or applying monthly or weekly patches will not impact the Splunk application. It's not easy or feasible to reach out to Splunk directly. Splunk is an enterprise software platform that monitors storage, CPU, RAM, Windows logs, and Cisco network logs on large machine setups. I suggest Splunk to anyone with these needs. Overall, I rate the solution an eight out of ten.

I use the platform to collect data and report to the clients that need reporting from Splunk. I work on gathering big data from all over my company and exporting it into proper reports.

What I find the most valuable about the platform is its DB Connect and its versatility in general. I also like its adaptability to any use case when it comes to collecting and analyzing data.

It is hard to say in what areas the platform could be improved since it's very versatile and applies to many use cases. It already has the functioning vetted into the core architecture of the product. In my opinion, there is no need for additional features because it already has many, and I haven't used them all.

I've been using Splunk Enterprise Platform for two and a half years. I am a Splunk software architect and Splunk is the only platform I use.

It's a very stable platform. A ten out of ten.

The scalability of Splunk is ten out of ten. It's one of the best platforms on the market. Approximately 1,000-2,000 people use the platform at our company, but only two people are needed to maintain it and I'm one of them. Everything is automated and it is very easy to manage 2,000 users on my own.

I would compare Splunk Phantom with RSA NetWitness and Elasticsearch. All three solutions give the same output but in a different way. They analyze data in different ways. Each product has its scalability, versatility, and appliances in the current business needs of the company that uses it.

The initial setup is very easy. At our company, we deployed Splunk ourselves because we are a team of Splunk architects and we have done it before.

The platform is too expensive for small businesses. If you choose the free plan, it only has 15 GB of data per day, and it may not be enough to run a small business. You need to pay a subscription based on data ingestion, and that's very expensive. Splunk should focus more on delivering something for small businesses and entrepreneurs. I give the pricing a three or four out of ten. Although the product is pricey, it's truly magnificent.

Overall, I give Splunk a nine out of ten and not a solid ten just because there are new updates every day and we don't know exactly what we need to search for since it's not that viewable. 

The product comes with a faster installation and response time. When I search something on the log, they give the result in a few seconds. Even if I didn’t have EDR, I can investigate rules in Splunk.

The solution is only meant for big companies.

I have been using the Splunk Enterprise Platform for three years. 

I rate the solution’s stability a ten out of ten.

We have around ten people working with the solution.

I rate the solution’s scalability a ten out of ten.

I didn’t contacted the customer support. Spunk has a website and community which has everything you need.

The initial setup is easy. For deployment, I created a Splunk demo on my computer and on a POC environment. I ran the demo for 10 clients on 10 machines, and it took about 20 minutes.

Spunk is used by big companies like with 2000 clients. 

I rate the solution’s pricing one out of ten.

There are around ten engineer required for troubleshooting of the solution.

I recommend the solution to other organisation since it is very responsive.

Overall, I rate the solution a ten out of ten.

We use the monitoring solution. People might ask me to create a new request, maybe for a specific Windows event log, which is how we create a ticket for an incident. Most of the time, this creates a new alert for people. It can be a little complex. We can also create dashboards with some information for other teams. Dashboard alerting is a big part of the work.

Though we use Splunk for monitoring, for me, it is more software that collects lots of data and can then be used for alerting.

We use a custom environment.

The best thing about Splunk is you can collect all the data you want, and you can play with the data and do what you want. You can modify the data and collect all the information into one dashboard. It's very cool. In other monitoring software like Zabbix, you can't easily do something like this. With Splunk, it's very easy. You need to understand Splunk's language, but you can do what you want after that. You can correlate your data with CSV files. Splunk can monitor, extract, transform, and load software.

Splunk is not an out-of-the-box solution like Micro Focus or Zabbix. You have to create your request to collect the data and add crucial components to the software. You have add-ons created by Splunk or the community but don't have out-of-the-box monitoring items in the software. For example, FETCH CUP with Micro Focus is agentless monitoring, has a lot of out-of-box items, and is easy to use. You will find it difficult to use Splunk initially, which could use improvement. However, I know there is another module from Splunk that focuses on fast and secure monitoring with more out-of-box add-ons, but I haven't used it since when I started using it, it lacked out-of-box items. All the same, Splunk could be more user-friendly for new users.

I've worked with the solution for about two years.

I rate Splunk's stability a nine out of ten because it's very stable. I don't face issues with projects.

You can scale Splunk. It works with an indexer which indexes search data. If you want more power, you can add more indexers, so I rank Splunk's scalability an eight out of ten.

With all the documentation available, the initial setup is not difficult. If all you want is a stand-alone app in Splunk to handle all the processes, you just need to create a project in the data server, which is easy.

You must buy a license with the on-prem version, usually through an intermediary. In France, it's Accenture. There are cloud solutions where Splunk handles the servers and patching directly, and you just use the solution.

The solution is expensive, so I rate its pricing a four out of ten. Though the solution is expensive, it depends on which company purchases the product.

Though I haven't used it, Grafana is also a CM that can collect data.

I didn't create the custom environment we use at my organization. Still, it doesn't seem too difficult to build things because there is a lot of online documentation and videos. You can also get training with Splunk. You have a lot of data to help you when you want to create a new environment.

I rate Splunk Enterprise Platform an eight out of ten. The solution is very powerful, and I like to play with data to do what I want.