Splunk Cloud [Private Offer Only]
Carahsoft Technology Corp. External reviews
External reviews are not included in the AWS star rating for the product.
Offers real-time monitoring, seamless integration, and improves security posture
What is our primary use case?
We leverage the Splunk Cloud Platform for log ingestion. This allows us to create dashboards, alerts, and reports from security and application log data.
How has it helped my organization?
Splunk Cloud Platform offers real-time monitoring capabilities. It continuously ingests data from various sources, allowing us to track its flow. We can set up alerts to be notified of any anomalies, such as spikes in CPU or memory usage. These alerts can be configured to trigger email notifications, keeping us informed of potential issues. Additionally, Splunk Cloud Platform provides real-time dashboards that visualize the data as it's collected.
The federated search feature is useful for our cybersecurity team to complete their log analysis.
Splunk Cloud Platform offers seamless integration with other systems and applications. This is achieved through apps and add-ons developed by Splunk.
Splunk is a good reporting tool. It allows us to generate reports and attach them to emails in CSV or PDF format.
Splunk Cloud Platform has been instrumental in helping our cybersecurity team continuously monitor our data for anomalies and attacks. Its usefulness extends beyond security, though. Teams that ingest their logs into Splunk can monitor various services. If a service goes down, Splunk will trigger an alert. Splunk offers a robust monitoring suite, including dashboards, alerts, and reports. We can monitor system resources like memory and CPU consumption, application logs, Azure logs, and even Office 365 logs. For example, Splunk can reveal who sent emails, who participated in group email threads, and who added or removed members from Active Directory groups. This audit log capability allows us to investigate activity even months or years later. Splunk provides a wide range of use cases for our organization. We noticed these benefits as soon as Splunk started ingesting data.
Splunk has improved our decision-making process thanks to its clear dashboards that help us analyze information and make informed choices.
Splunk has been valuable as a compliance tool because it centralizes log ingestion. Any tool generating logs should be configured to send them to Splunk. This allows us to easily identify compliant applications – those whose logs are collected. Conversely, uncollected logs raise security concerns, as they represent a potential attack surface.
Splunk has significantly improved our organization's security posture. As a primary security tool, Splunk allows us to collect application logs, monitor activity for potential attacks, and conduct searches to identify suspicious behavior.
What is most valuable?
I like that Splunk Cloud Platform is managed by the vendor.
I like the Cloud monitoring console feature.
I like the support for all the apps and add-ons.
What needs improvement?
Splunk currently manages the components, which restricts our ability to access them directly. I would like to be granted read access to be able to review the components.
For how long have I used the solution?
I have been using Splunk Cloud Platform for one and a half years.
What do I think about the stability of the solution?
The Splunk Cloud Platform is stable as long as we perform proper maintenance to prevent bugs.
What do I think about the scalability of the solution?
This system is very scalable. That means it can be easily adapted to accommodate our needs. We can increase the number of licenses we use, or add more resources like CPU and memory. We can also request additional components, such as adding more user accounts if our team grows from four to eight members. Overall, the scalability of this system is a major advantage.
I would rate the scalability of Splunk Cloud Platform nine out of ten.
How are customer service and support?
Splunk Cloud Platform offers excellent technical support that is both knowledgeable and responsive.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is straightforward, but it takes a month or two to complete because of the applications that need to be onboarded.
We first need to calculate the amount of data we need to ingest. Then, based on that amount, we can plan how much data we need to onboard and what components we'll need.
Two experienced people were involved in the deployment.
What about the implementation team?
The implementation was completed in-house.
What's my experience with pricing, setup cost, and licensing?
Splunk Cloud Platform is more expensive than some of its competitors, but it offers a wider range of features.
What other advice do I have?
I would rate the Splunk Cloud Platform eight out of ten.
Splunk Cloud Platform is deployed in multiple locations.
Splunk Cloud Platform requires maintenance.
I recommend the Splunk Cloud Platform to others.
If you're using cloud services, Splunk Cloud Platform is a good option. It minimizes management overhead for you since Splunk handles the underlying infrastructure. Splunk Enterprise, however, requires more resources to manage.
Helps to improve our incident response time, provides multiple search modes, and is stable
What is our primary use case?
My manager typically requests dashboards, alerts, and scheduled reports. Based on their specific requirements, I create reports and dashboards that visualize the data. We leverage the Splunk Cloud Platform to fulfill these needs.
Additionally, my teammates may approach me for insights. I analyze the data and provide them with these insights, which they then use for team meetings and further data analysis. This ultimately helps them make informed decisions.
How has it helped my organization?
Splunk Cloud Platform improves our incident response time by enabling the retrieval of large data volumes. The platform offers impressive search speeds, and we don't need additional SQL commands to optimize response times.
We saw immediate benefits from the Splunk Cloud Platform. Being able to access and analyze logs provided valuable insights.
Splunk's impact on decision-making is significant. I have access to all the data I need, and it is always reliable.
What is most valuable?
Splunk Cloud Platform's search modes are a powerful feature. There are 3 main modes: Fast, Verbose, and Smart. These modes allow us to customize our search based on our needs, which can significantly improve our response time.
What needs improvement?
Splunk Cloud Platform's dashboard could benefit from some improvements. While it functions adequately, it appears very minimalistic. It's built using a simple XML format, and while newer dashboard options have been released, it still lacks the visual capabilities of tools like Power BI and Tableau. While I understand these are different platforms, having a more powerful dashboard option for the Splunk Cloud Platform would be valuable.
There is a lack of comprehensive learning materials offered by Splunk to prepare for their certifications.
Splunk uses SQL as its search language. One challenge I've encountered is with subsearches used in joins. These subsearches can only handle a maximum of 50,000 entries. If our data set is larger, we won't be able to join it using a subsearch. This limitation has been a significant obstacle for me. I've searched the Splunk community forums, and even reached out to my colleagues and seniors for a solution, but haven't found a definitive answer yet.
For how long have I used the solution?
I have been using Splunk Cloud Platform for 2 years.
What do I think about the stability of the solution?
It is reliable. In my experience working with virtual machines, any search lags are likely due to the VMs themselves, not Splunk.
I would rate the stability 8 out of 10.
What do I think about the scalability of the solution?
Splunk Cloud Platform uses horizontal scaling, so it is easy to scale based on the data we are using.
I would rate the scalability of Splunk Cloud Platform 9 out of 10.
How was the initial setup?
Deploying Splunk Cloud Platform requires knowledge of the Splunk architecture, the deployment server, and the components.
What was our ROI?
We have seen a return on investment.
What's my experience with pricing, setup cost, and licensing?
The certifications are costly.
What other advice do I have?
I would rate Splunk Cloud Platform 8 out of 10.
The maintenance required is minimal.
The resilience of Splunk is good.
I recommend the product.
Splunk Cloud Platform is a powerful tool for handling big data. To get the most out of it, understanding both the developer and administrator sides is beneficial. The platform offers broad compatibility with various technologies and allows for easy scaling to accommodate your needs.
Speeds up our response and reduces the time we spend manually monitoring any logs for ticketing tools or servers
What is our primary use case?
We use Splunk Cloud for monitoring various ticketing tools, servers, applications, URLs, and client transactions. We're monitoring the transactions and data flow.
How has it helped my organization?
Splunk has sped up our response and reduced the time we spend manually monitoring any logs for ticketing tools or servers. It saves us around 2 hours daily.
What is most valuable?
We can onboard multiple data types for monitoring from various ports and use Splunk to monitor laptops or other devices directly. If everything is stored in our database, we can also monitor that and see who is logging in and when. You can monitor which files are being used most and which ones aren't. We can also check for any fraudulent activity in the system. The reporting is highly detailed.
Splunk is best when used for real-time monitoring. We can use AI and machine learning, too. Splunk plans to launch new observability features soon. The federated search feature has helped us eliminate redundancy in data servers and discontinue servers that aren't being used much. We can remove those servers from the environment to cut costs.
We can use Splunk to monitor multiple environments. The ease of monitoring depends on the source, application, or cloud environment size.
What needs improvement?
Sometimes, integrating with other systems is difficult, and it isn't feasible to connect with other applications, but it's easy most of the time. I rate Splunk 7 out of 10 for its ability to integrate with other systems.
Every time they launch new versions, we experience a few bugs. The most recent version had a couple of bugs in the databases. We contacted the vendor and got assistance solving these bugs, so the environment is more stable.
For how long have I used the solution?
I have used Splunk Cloud for 4 years.
What do I think about the stability of the solution?
I rate Splunk 8 out of 10 for stability. It has some bugs, but that is common in any product. At least, Splunk resolves bugs quickly.
What do I think about the scalability of the solution?
Splunk's scalability is nice.
How are customer service and support?
I rate Splunk's technical support 9 out of 10.
How would you rate customer service and support?
Positive
How was the initial setup?
Splunk is easy to deploy. We have it deployed across data centers at multiple locations. Splunk requires some maintenance after deployment.
What's my experience with pricing, setup cost, and licensing?
Splunk is a bit pricey, but it's reasonable for the features offered.
What other advice do I have?
I rate Splunk Cloud Platform 8 out of 10. I would definitely recommend Splunk to others.
Great support, good pricing model, and good integration with various clouds
What is our primary use case?
I used it in my last organization for monitoring, intrusion detection, and intrusion prevention.
We wanted to take preventative actions so we implemented it.
How has it helped my organization?
The monthly security reports were detailed, and we got to know about a lot of vulnerabilities that we did not know about before.
It integrated well with other systems and applications in our environment. I would rate it a ten out of ten in terms of integration.
Splunk Cloud Platform had a good impact on decision-making processes in our organization.
It was helpful for data access for compliance and privacy regulations. I would rate it a nine out of ten in this aspect.
Splunk Cloud Platform had a very good impact on our organization’s security posture. The resilience that it offered was very important because we were dealing with client data.
For reporting, a lot of manual intervention was required to create the reports, but after that, it worked well.
What is most valuable?
Its interconnectivity with the cloud platforms, such as Azure and AWS, was valuable.
We had multiple cloud environments. It was easy to monitor multiple cloud environments using the Splunk Cloud Platform’s dashboard.
What needs improvement?
Considering its price point, it does not need any improvement. However, it does require manual implementation.
There can be more modules and more integration with other areas in the cloud and on-prem. I am not sure whether it includes network devices and things like that.
For how long have I used the solution?
I worked with this solution for a year and a half.
What do I think about the stability of the solution?
It is stable. I would rate it a ten out of ten for stability.
What do I think about the scalability of the solution?
It is scalable. I would rate it a ten out of ten for scalability and extensibility.
How are customer service and support?
I got great support from them every time. I would rate them a ten out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We were not using any similar solution previously.
How was the initial setup?
It was deployed on a public cloud. Its setup was quite complicated. A lot of steps were involved in implementing it.
What about the implementation team?
We had some engineers from Splunk to advise on a couple of things.
We had three people involved in the deployment. They were all cloud engineers.
It did require maintenance. We had one person involved in the maintenance.
What's my experience with pricing, setup cost, and licensing?
It was a good model.
Which other solutions did I evaluate?
We evaluated other solutions, but I do not remember the names. I know there was one from AT&T.
What other advice do I have?
I would rate Splunk Cloud Platform a nine out of ten.
Boosts performance and helps simplify monitoring across platforms and data management
What is our primary use case?
We leverage the Splunk Cloud Platform to effectively manage the vast amounts of machine-generated data, thereby ensuring application management security compliance.
We implemented the Splunk Cloud Platform to enhance our customer experience and optimize the data storage costs. We can convert the log data into numerical data points when requested.
How has it helped my organization?
The Federated search helps retrieve data in a better way.
Splunk Cloud Platform simplifies monitoring across multiple cloud environments, providing real-time insights into operational flow. It also streamlines data conversion, reducing the data-driven process for the company.
Splunk Cloud Platform's machine learning and AI capabilities simplify data management and provide clear visibility into multiple environments.
The AI makes it easy to integrate with other systems and applications in our environment.
The Splunk Cloud Platform reporting provides good insight.
Splunk Cloud Platform significantly boosted our performance and cost-effectively optimized data sets, delivering immediate benefits.
Thanks to the Splunk Cloud Platform we can make decisions within the organization much faster.
Splunk Cloud Platform empowers our organization to access data efficiently, ensuring compliance with privacy and regulations through actionable insights.
Splunk Cloud Platform strengthens our security, particularly in handling complex processes.
What is most valuable?
The data management and instant search features are the most valuable ones for us, as they allow us to instantly retrieve information needed for reports and security compliance.
What needs improvement?
Splunk should increase the frequency of new feature releases, particularly those related to real-time operational flow monitoring and analytics reporting. It has been over a year since any significant updates were added to the Splunk Cloud Platform.
For how long have I used the solution?
I have been using the Splunk Cloud Platform for one year.
What do I think about the stability of the solution?
Splunk Cloud Platform is stable.
What do I think about the scalability of the solution?
Splunk Cloud Platform is scalable.
Splunk Cloud Platform's resilience is good.
How was the initial setup?
The initial deployment was straightforward. The deployment took around four hours and required two people.
Which other solutions did I evaluate?
We evaluated Victoria Experience but it was not suitable for our environment.
What other advice do I have?
I would rate Splunk Cloud Platform an eight out of ten.
We have around 150 users.
No maintenance is required from our end.
I recommend Splunk Cloud Platform. It helps monitor all the respective functions.
A stable solution used for visualization and alerting, but it needs to be made more user-friendly
What is our primary use case?
We use the solution for application status alerting, user activities, and active directories. We use the solution for visualization, alerting, and analyzing events or incidents.
What is most valuable?
The most valuable feature of Splunk Cloud Platform is the alerting feature.
What needs improvement?
Currently, Splunk Cloud Platform is very easy to use and read. The solution's visualization for the end users is also good. However, setting up the solution or an alert is not straightforward. There's a lot of incompatibility and areas that you have to consider while setting up the solution.
All those things make setting up the solution very complex for regular people who know the business operation. So, they have to hire a third party or a technical person who doesn't understand the business to set it up for them, which usually creates a gap.
When someone who cares about the business and understands its operation sets up the solution, they would set it right. There's always a gap when a technical person or third party sets it up. It may lead to many workarounds to fix issues like alert fatigue or false security. Splunk Cloud Platform needs to be made more user-friendly because it's not user-friendly.
For how long have I used the solution?
I have been using Splunk Cloud Platform for four to five years.
What do I think about the stability of the solution?
Splunk Cloud Platform is pretty stable, and I don't have any issues.
What do I think about the scalability of the solution?
Splunk Cloud Platform is a scalable solution.
How are customer service and support?
I usually go to forums and discussions to get answers to my issues. You might need a Splunk account username to talk to technical support. When most users I have talked to face a problem, they Google it. I don't know if the technical support would provide you with support if you were stuck.
Which solution did I use previously and why did I switch?
I have previously used different solutions like DataStage, Datadog, Grafana, and ClickView.
Which other solutions did I evaluate?
We evaluated other options before choosing the Splunk Cloud Platform. But when a company buys Splunk services, the end users have to use what they have as a resource.
What other advice do I have?
Splunk Cloud Platform is a really good tool for getting alerts and better information about incident management and maintenance. Because of the solution's complex setup, most alerts are set by developers or people who create multiple unnecessary alerts, creating alert fatigue. Compared to other systems, like Dynatrace, Splunk Cloud Platform is not a smart system for analyzing alerts.
As a project manager, I oversee the process of contacting the concerned parties, knowing what needs to be monitored and why they need the alerting mechanism. I was not directly involved in the scripting and adding Splunk Cloud Platform in the back end.
As business requirements change, Splunk Cloud Platform needs maintenance in terms of setting up different parameters, which is not an easy task.
Everybody uses the Splunk Cloud Platform in a different way. I would advise users to share their experiences about technical difficulties in the forums and community. Sometimes, others might go through the same problem without much documentation, and sharing your technical problems might help others.
Overall, I rate Splunk Cloud Platform a seven out of ten.
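The alert-fatigue and false-security problem this review describes can be measured rather than argued about. The following is an added example, not code from the review or from Splunk, that runs over a constructed seven-day triage log and classifies each alert as noisy (high volume, mostly false positives or ignored), silent (never fired, so the search itself may be broken) or ok, and hands the candidates back to the business owner named in the catalogue. All alert names, owners, counts and thresholds are made up for the example.

```python
from collections import Counter, defaultdict

# Constructed alert catalogue: alert name -> business owner who can judge whether a
# firing matters. Names are made up for the example.
ALERTS = {
    "failed-logins-burst": "identity-team",
    "app-5xx-spike": "payments-team",
    "admin-group-change": "ad-team",
    "disk-full": "platform-team",
}

# Constructed triage log for a 7-day window: (alert name, outcome). Outcomes are
# "true_positive", "false_positive" or "unacknowledged" (nobody looked at it).
FIRINGS = (
    [("failed-logins-burst", "false_positive")] * 60
    + [("failed-logins-burst", "unacknowledged")] * 8
    + [("failed-logins-burst", "true_positive")] * 2
    + [("app-5xx-spike", "true_positive")] * 4
    + [("app-5xx-spike", "false_positive")] * 2
    + [("admin-group-change", "true_positive")] * 3
)

WINDOW_DAYS = 7


def triage_summary(alerts, firings, window_days=WINDOW_DAYS,
                   noisy_per_day=5.0, waste_threshold=0.8):
    """Per alert: how often it fires, how much of that is wasted effort, and a verdict.

    noisy  - fires at least noisy_per_day times a day and at least waste_threshold of
             its firings were false positives or simply ignored (alert fatigue).
    silent - never fired in the window; either nothing happened or the search is
             broken (the "false security" case), so it needs a review either way.
    ok     - everything else."""
    outcomes = defaultdict(Counter)
    for name, outcome in firings:
        outcomes[name][outcome] += 1
    summary = {}
    for name, owner in alerts.items():
        counts = outcomes.get(name, Counter())
        total = sum(counts.values())
        wasted = counts["false_positive"] + counts["unacknowledged"]
        per_day = round(total / window_days, 2)
        waste_rate = round(wasted / total, 2) if total else 0.0
        if total == 0:
            verdict = "silent"
        elif per_day >= noisy_per_day and waste_rate >= waste_threshold:
            verdict = "noisy"
        else:
            verdict = "ok"
        summary[name] = {
            "owner": owner,
            "count": total,
            "per_day": per_day,
            "waste_rate": waste_rate,
            "verdict": verdict,
        }
    return summary


def tuning_candidates(summary):
    """Alerts whose owner should be asked to re-check threshold, scope or search."""
    return sorted(
        (name, row["verdict"], row["owner"])
        for name, row in summary.items()
        if row["verdict"] != "ok"
    )


if __name__ == "__main__":
    s = triage_summary(ALERTS, FIRINGS)
    for name, row in s.items():
        print(f"{name:22} {row['count']:4} fires  {row['per_day']:5}/day  "
              f"waste={row['waste_rate']:.2f}  {row['verdict']}")
    print("tuning candidates:", tuning_candidates(s))
```

The point of attaching an owner to every alert is the gap the review talks about: the person who understands the business operation decides whether a noisy alert should be tightened or a silent one is actually expected, and the summary gives them numbers to decide with instead of a vague sense that "there are too many alerts".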
A stable solution that can be used for security log monitoring and compliance
What is our primary use case?
The primary use cases of Splunk Cloud Platform are security log monitoring and compliance.
What is most valuable?
The most valuable feature of Splunk Cloud Platform is its flexibility and readiness because it's already prebuilt, and everything is click-to-go. Splunk has multiple features, but the cloud feature comes with that. It is built for a smaller organization, but that's how organizations grow. The solution is good for a new budding organizational group.
What needs improvement?
Splunk Cloud Platform should improve its integrations and consider multiple integrations or direct integration with other platforms like Microsoft Azure, Google Cloud, or AWS.
I would like to see more integrations because integration is related to bringing in more data. More integrations would increase the visibility and customer's point of scope. Customers are initially tied to one platform and stick to it because of its feasibility. Integration becomes a major challenge when they want to bring in different solutions.
Once they have different integrations from Splunk, they need not worry about security, things to monitor, or what compliance they must meet. Everything will be physical, and integration will bring in a lot of things.
For how long have I used the solution?
I have been working with Splunk Cloud Platform for one and a half years.
What do I think about the stability of the solution?
Splunk Cloud Platform is a stable solution.
How are customer service and support?
Splunk Cloud Platform's technical support is good. The support's technical capabilities are always great because everyone who is capable joins in and contributes. However, at a high level, we understand there is always a gap in automation. We have process automation that can be resolved or detected by customers.
The flaws in our cloud can be fixed. We can send an integration update to the customer and tell them that they must fix this so everything works fine. For a download-compatible system, you can update an older heavy forwarder version to a newer version to get the maximum out of it.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have worked with a lot of other products, but not as a cloud solution. I have designed cloud solutions for other products like what Splunk currently has. I have worked with IBM, which has its own cloud platform, cloud monitoring solutions, and security solutions. Similarly, we have other market solutions that will act as a security solution, but they are in different behaviors. We have designed one for other customers, which monitors other cloud and hybrid solutions.
Splunk is currently at the top rating because I haven't explored other ones. I started exploring Microsoft Sentinel, which is a good competition for the Splunk Cloud Platform, and it's a healthy competition. I would like to see a very light-flavored source solution integrated with the Splunk Cloud. Once people start tasting source solutions, they will surely explore them more because that's how hunger is created. Other solutions already have the source solution in them. For example, Sentinel has its own source solution, which they give as an integrated part.
How was the initial setup?
Splunk Cloud Platform’s initial setup was quite easy.
What about the implementation team?
The Splunk team was involved in the solution's deployment.
What's my experience with pricing, setup cost, and licensing?
Splunk Cloud Platform's pricing is a little on the higher end. When smaller organizations start their journey of onboarding log sources or security solutions, they think Splunk is quite worth it. But when they start growing, they feel it's quite eating up their budget on security. So, it is fine for smaller organizations. It all depends on how the discounts are provided.
What other advice do I have?
Splunk Cloud Platform is used in our customer's company. The solution is deployed on the Splunk Cloud in our organization.
Splunk Cloud Platform is a very good product in the market, and you can use it wisely. Compared to other products for the cloud solution, you can use Splunk Cloud Platform for a wide range of tools. Splunk Cloud Platform is the best product to onboard for a new startup or a working good industry with a very small number of people. You don't have to sit in an office and work. You can work it from anywhere and integrate the log sources. That's how easy it is.
The cloud is not for a bigger organization. The one which is sitting in the environment can be used. For example, if you have one terabyte of ingestion per day, that is not what we expect a bigger organization to ingest on a cloud. It would become quite expensive to store, manage, and process.
It is good for smaller organizations because they have around 25, 30, or 100 GB of ingestion per day. If you want to grow bigger and bigger, you can use a hybrid model. If that model is available, that would be great for bigger organizations. For example, the cloud is integrated into the cloud, and on-premise is integrated into data centers. That should work fine.
Splunk does the solution's maintenance. From our side, the local integration material has to be maintained as per the cloud instance. It all depends on the customer. If the customer is fully on the cloud, it should not be a problem. We still have to upgrade heavy forwarders, universal forwarders, and deployment servers. However, the rest is taken care of by Splunk itself.
Our customers monitor multiple cloud environments, which are distinguished in their environment. It is integrated in a different format and not directly integrated. Monitoring multiple cloud environments using the Splunk Cloud Platform’s dashboards is quite easy and reliable.
It's a standard thing. I don't know about other comparative tools, but the first time I used Splunk Cloud Platform, it was quite good enough and can be used for the current organization.
I rate Splunk Cloud Platform's integration with other systems and applications in our environment a seven to eight. This is an average rating where you can see that the growth still has to be achieved. Splunk Cloud Platform should work on its integration with third-party products.
Splunk Cloud Platform has different types of formats, and those are enough. The rest of the reporting, like the presentation, should be done by itself. No one gives those. The reporting that Splunk Cloud Platform currently provides is enough.
It depends on the industry, but for financial or banking industries, Splunk Cloud Platform plays a major role in decision-making. If I want to rate it, you have to consider ten out of ten as Splunk or any other tool before they make any decision. If they have Splunk already, they should consider Splunk as a major partner to integrate and bring in more services apart from bringing any other solutions. That will create a multiple-glass observation, which will not be an easy decision. If one of our customers has Splunk, they must consider it a priority before bringing in any other solution.
Splunk Cloud Platform helps our organization access data for compliance and privacy regulations. Right now, Splunk is so feasible that it can integrate with any tool, anytime, and in any data format. So, it should not be a problem. Whatever format anyone brings data in, Splunk Cloud Platform will surely meet it. The only thing is they need a good engineer to design it properly so that it brings in data properly.
An organization that does not have a security posture review is considered a zero, not a negative. We don't know when it becomes negative. The day they bring Splunk into the environment, it will obviously increase their visibility. Every time the security posture increases, they get to know the flaws.
Their observation of 24/7 monitoring, compliance, log monitoring, and forensics will come into the picture. They can enable everything in a single solution or product.
Splunk Cloud Platform is a resilient model. SIEM tools can perform post-detection. SIEM is not an EDR tool because it doesn't automatically detect something. A SIEM tool is used for compliance and audit. It is helpful for future investigation because it can record logs and keep them aside.
However, a SIEM tool does not have an automatic detection module. Although it has a prediction model, it does not have an auto-detection or blocking model. It cannot be a resilient tool, but it can be a vigilant tool.
Overall, I rate Splunk Cloud Platform a nine out of ten.
Offers excellent visibility, and cloud performance, and requires zero maintenance on our end
What is our primary use case?
We use Splunk Cloud Platform to monitor our environment.
How has it helped my organization?
Monitoring multiple cloud environments is made easy with the Splunk Cloud Platform due to its fast ingestion and data recovery times.
Splunk's visibility into multiple environments is excellent. I have found that a hybrid environment works the best, as the login portion remains on-premises while the rest is in the cloud. This reduces the maintenance required on-premises.
There are two types of integration. The first involves bringing something into Splunk, while the second entails moving something out of Splunk. Bringing data into Splunk is relatively straightforward, with multiple options such as RAS, SysLog, and Splunk's built-in functions. However, exporting data from Splunk is more challenging and not as straightforward as the process of bringing data into Splunk.
Splunk Cloud Platform has influenced our decision-making processes. Splunk is primarily employed for security purposes; thus, it excels particularly in SIM. It encompasses an asset and identity framework that effectively gathers information about an organization's assets and individual identities, encompassing all users. Therefore, when considering Unified Business and SIM, Splunk proves to be highly proficient.
What is most valuable?
The cloud performance is good.
Not having to perform any maintenance because it is handled by Splunk saves our administrators time which is valuable.
What needs improvement?
Splunk should offer various options for real-time monitoring. If we could enhance the speed of data ingestion or data retrieval, that would be an added advantage. Additionally, there is room for improvement in SaaS-to-SaaS integration. I believe that reintroducing HTML dashboards would be beneficial, as they provide dedicated web features. This, in turn, gives users the flexibility and freedom to create custom dashboards more easily.
For how long have I used the solution?
I have been using Splunk Cloud Platform for five years.
What do I think about the stability of the solution?
I would rate the stability of the Splunk Cloud Platform as an eight out of ten. We still encounter some lagging and errors, but not as much as with the on-premises deployment.
How are customer service and support?
I occasionally get in touch with Splunk technical support, usually regarding data onboarding. These include routine activities like installing or uninstalling applications, as well as making changes to existing ones. On average, we submit at least one ticket per week to them.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used many tools including Elastic, Grafana, Tableau, and Sumo Logic.
Splunk is indeed superior in many cases, but other tools are also making progress to catch up, with Elastic being one of them. They have begun developing their own SIM offering, complete with its own SIM features. Similar to Splunk Cloud, Elastic also has its Elastic Cloud Stack. Some of the features provided by Elastic seem to outperform Splunk. Therefore, there is room for Splunk to enhance these aspects. As for pricing, it could be more competitive, considering that other tools also provide the freedom to choose the Cloud Stack. Although Splunk offers this flexibility, the process often involves extensive discussions, making it less adaptable compared to other tools.
How was the initial setup?
The initial setup is somewhat complex regarding the CI/CD pipeline, and Splunk manages the deployment. Splunk provides a feature called ACS, which enables us to manage the deployment ourselves if desired, but it's simpler to have Splunk handle the deployment on our behalf.
The deployment took around one month and required ten people from Splunk's DevOps team.
What about the implementation team?
The implementation was completed by Splunk.
What's my experience with pricing, setup cost, and licensing?
The pricing is high for small organizations. The cost makes more sense for organizations that have a large amount of data ranges.
What other advice do I have?
I would rate Splunk Cloud Platform an eight out of ten.
There are numerous tools that offer real-time reporting and alerting capabilities. Splunk is indeed effective, but due to the prerequisite of registering logs beforehand, a delay is inevitably introduced. Therefore, while Splunk is suitable for real-time reporting alerts, it may not be as optimal as some alternative solutions.
Resilience has added value and contributed to the improvement of our organization. This is highly significant. In most cases, the SOC team relies on the tool for issue mitigation and ticket resolution. Therefore, it is crucial for Splunk to remain consistently up-to-date and respond as quickly as possible. This holds immense importance.
The extensibility is good, but there is room for improvement, especially in integrating certain logs. Enhancing the process of incorporating raised logs is possible. In most cases now there are limitations on log creation. Previously, a direct option existed to import logs. However, this process has been altered, requiring users to develop an add-on for log integration, leading to increased complexity. Furthermore, users are expected to have knowledge of Python. This can be problematic in cases where users lack such expertise. Therefore, this aspect could certainly be enhanced.
For those who want to evaluate Splunk, it comes down to the volume of data. If they are dealing with a substantial amount of data flowing into their SIM, Splunk would be the superior option. Splunk effectively manages extensive datasets in comparison to other technologies. It also offers numerous additional functionalities, such as an enterprise security suite, assets, and identity framework. Moreover, it has undergone industry testing and has been employed in the field for a considerable duration. In contrast to other organizations, they provide a wealth of features.
Easy to use and has good reporting but bulk data search can be better
What is our primary use case?
I was working as a DevOps engineer in India. I was working for the payments domain of a client. We were mostly using Splunk for monitoring the production, deployment of API, and traffic.
How has it helped my organization?
We had two cloud platforms. When I joined the team, we were deploying all our APIs in Pivotal Cloud Foundry (PCF). We then migrated to AWS Kubernetes. We were able to monitor both platforms in Splunk. When we migrated to Kubernetes, Splunk helped us. When we were having the transaction loss, we were able to find out which node was throwing the error. We were able to fetch the details according to the nodes in Splunk. We were using different keywords on these platforms for fetching the data.
We could create our own query, and we could create our own alerts for a particular API. We could also configure these alert notifications to be mailed to particular managers and owners. We could just go through the alert to check if the API was running well or needed to be fixed.
What is most valuable?
As compared to other tools, it is very easy. It is very easy to learn. It also integrates well.
The reporting features are very good. The dashboards are very nice. We could create our own dashboards to monitor any volume dips or transaction loss.
What needs improvement?
The search for bulk data needs to be improved. When we were looking for the flow, we had to search really hard. I wanted to request the Splunk team to add some features for better search because getting the flow of the bulk data was sometimes hard.
For how long have I used the solution?
I have worked with this solution for almost three years.
What do I think about the stability of the solution?
It is stable, but we did experience two or three downtimes.
Which solution did I use previously and why did I switch?
We had three or four monitoring tools other than Splunk. We had AppDynamics, Grafana, and others, but we were mostly concentrating on Splunk because we were able to fetch all the details from a particular transaction using Splunk. We were able to create our own dashboard so that we get alerts regarding errors or transaction loss for the customer. The most useful thing was that when we were fetching details from a payment ID or a grid, we were able to track the complete workflow for that API. We were also able to fetch the details about whether the issue was in our team or the external team. We were able to track that very accurately using Splunk.
How was the initial setup?
It is not that complex. We just need the knowledge. We just need to know how to query the alert and set up dashboards. As compared to AppDynamics and Grafana, it is a lot easier.
Our dev team could set up a dashboard and deploy everything in two weeks.
What's my experience with pricing, setup cost, and licensing?
It is not that expensive.
What other advice do I have?
If the company is working on API-based deployment and API-based developments, then I would recommend Splunk. It is useful for tracking the flow and fetching the data.
Overall, I would rate it a seven out of ten.
Resilient, helps with decision making, and is very fast
What is our primary use case?
I use the solution to create alerts for different servers. I also create dashboards in Splunk.
How has it helped my organization?
We have a lot of servers. It was hard to track which were down as we didn't have a monitoring platform. Splunk changes that. It receives data and if it doesn't get any data, it creates an alert so we are notified if something is down.
We also use it for making reports to help make management easier.
The monitoring of servers for high CPU utilization helps us out. If there are offline servers or high utilizations, we can see the incidents and optimize our processes.
What is most valuable?
The cloud is very fast. We have a lot of data in our Splunk instance and it isn't slow in any way.
The maintenance is good. We have good support if we have queries or issues. With on-premises Splunk, if we ran into issues, we'd have to figure things out ourselves. With the cloud version, it's easier to get support.
We can monitor multiple cloud environments, including Azure and AWS.
It can be difficult to monitor cloud platforms. We are integrating more cloud servers and patching data sources from those servers. It's very easy to use Splunk and have everything go to the dashboards.
We get good visibility into multiple environments. We can easily search from Splunk Cloud to our on-prem or AWS directly. We also do not ingest the data in order to see it.
We can easily integrate with other systems. It's very helpful. We can leverage Splunk to gather any specific reports we want with this integration capability.
The reporting is very good. Every month we have a call with Splunk personnel and they'll show us reports to show high usage for search, for example. From our side, we can change or update in order to optimize our systems.
The cloud has helped us with decision-making. It helps make maintenance decisions very easy.
It's very resilient.
What needs improvement?
Testing can handle a lot of logs; however, we are unsure if the speed will be affected.
When we are using OneDrive or SharePoint, as a developer, we'd like to have better integration between the two.
There are some issues with Splunk blocking some shared mailboxes.
Support could be improved.
For how long have I used the solution?
I have been using the solution for five years.
What do I think about the stability of the solution?
The Splunk cloud is very stable. I've never experienced crashing. If there are issues, they will notify us. It doesn't take long to resolve issues at all. Things tend to be resolved in an hour or so.
What do I think about the scalability of the solution?
The solution is very scalable.
I haven't experienced the extensibility, or the ability to extend the system; however, my understanding is that it is very good. We have yet to upgrade it.
How are customer service and support?
When we have high-priority tickets, it's hard getting help efficiently. We'd prefer to call. It takes time to get someone to help. We've had to submit tickets via the portal, and they asked us to call instead. It's hard to get above P1.
It would be ideal to get a specific phone number or email so that we do not have to wait hours to get help.
We do have different Splunk support services where we talk to them bi-weekly, and at that point, we can talk about any high-priority issues. They do try to help us with queries.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously used Splunk on-premises.
How was the initial setup?
I do not have any experience with the initial setup. Since it is a cloud deployment, Splunk handles the maintenance mainly.
What's my experience with pricing, setup cost, and licensing?
I'm not aware of the exact pricing. That said, my understanding is that it is very reasonable. However, every application has a price. We need separate licenses for everything. They don't have any bundles.
What other advice do I have?
For the first few years, I used the solution on-premises, and then I moved over to the cloud.
I use the classic dashboard; I don't yet use the studio.
It has not yet affected our security posture.
We have not yet explored federated search.
I'd rate the solution ten out of ten.
If a user is planning to use the Cloud Platform, they should consider the pricing. It's fast to access and there is no downtime. It's very good from a user perspective. I'm happy with it. It's helpful.
Users should work to maximize the power of Splunk to get the most out of it. Leverage the applications, including security.