My primary use cases for Splunk Observability Cloud include creating dashboards for metrics, detecting incidents, and ensuring overall observability of applications, service connections, and integrations, along with reporting and Slack integrations.

By visualizing the integration of the service, I can understand the flow of the data, which is one of the features I appreciate most about Splunk Observability Cloud.

With the metrics collection, I can proactively find incidents and work on the major issues when they happen and predict these issues.

With alerting and the detectors, we can inform the engineers that are on call to take over the service responsibility.

With the metrics and the dashboards, we can have a clear view of how the system is performing. Splunk Observability Cloud has helped improve my operational performance by detecting, analyzing tracings, and detecting alerts.

50% of our metrics on Splunk Observability Cloud are custom metrics, so we heavily rely on that. The out-of-the-box customizable dashboards provided by Splunk Observability Cloud are excellent, especially with the Amazon ones, AWS, memory cache, and Kubernetes dashboards, which are complete for the Kubernetes needs.

The UI of Splunk Observability Cloud is one of the major issues; it's old and has been there for more than 10 years, acquired by other applications from other companies. It's time to reinvent how the UI is going to work with the AI modules and integrations, making it softer and cleaner.

Splunk Observability Cloud is comprehensive in terms of functionality and features, so educating users has to be more functional. Users need to know how to be educated about certain views or pages they're working on.

I have been using Splunk Observability Cloud for five years.

I assess the stability and reliability of Splunk Observability Cloud as built on top of reliability because of the Cisco networking and infrastructure. That's not a concern for me; I totally rely on it. I've experienced downtime, crashes, and performance issues with Splunk Observability Cloud, as with any other solution. Comparing it with other monitoring solutions, Splunk has been excellent with availability. When I experienced issues, they were communicated through maintenance windows, resulting in 100% satisfaction with how they conduct this.

Splunk Observability Cloud scales very well with the growing needs of my organization. We didn't have scaling issues as the application evolved. I expanded usage of Splunk Observability Cloud when the company opened new coverage areas in different countries. Adding those metrics or new indexes to Splunk wasn't much of an issue in scaling.

I evaluate customer service and technical support for Splunk Observability Cloud as having only great experiences working with people at Splunk.

Positive

Prior to adopting Splunk Observability Cloud, I was using Datadog, which would accomplish 70% of what Splunk does currently.

There have been so many challenges that I can't name one right now. There is always a challenge in deploying open source material, like the open telemetry modules, that don't have the reliance on Splunk. It's just an integration challenge that we have the most. Deploying Splunk itself wasn't that much of a big deal.

I see ROI with Splunk Observability Cloud. My company is heavily dedicated to analytics, so the Splunk deal is significant. I cannot imagine how the business would run without it currently.

I had low pricing and setup costs for Splunk Observability Cloud, and overall, my company has received a good deal on all the features that we have. We just have to understand how to explore it further.

Not directly because of Splunk, but the visualization that I have with the main aspects of scaling made us create custom dashboards that proactively detect the changes in scale, and then we can get ready for those changes. We don't have to spend time testing the new capacity when it's already being defined and envisioned by Splunk.

My advice to other organizations considering Splunk Observability Cloud is to watch out for your budget. If I could assess the impact of not having Splunk Observability Cloud, there would be a monetary impact with other solutions. For the business, we would lose resiliency of the system. To imagine the impact, it would be catastrophic.

Splunk has to think about how to redesign Observability Cloud. It came from SignalFx and AppDynamics to Splunk Cloud. It's a merge of different platforms into one, and this merge is being done at a pace where I expected more velocity.

On a scale of one to ten, I rate Splunk Observability Cloud overall as a seven.

Our main use cases for Splunk Observability Cloud are to observe our application, our websites, and our infrastructure metrics.

What I appreciate the most about Splunk Observability Cloud is the APM part and the log analytics part. These features can help us with troubleshooting our problems between multiple systems. 

Distributed tracing is very useful to us, and the infrastructure part can help us identify problems with the infrastructure. Splunk Observability Cloud has helped improve our operational performance and our company's resilience on the path of adopting it, and I expect more improvements in the future.

The RUM part of Splunk Observability Cloud can be improved significantly. We are currently struggling to use it since our application is mixed mobile and non-mobile. Some AI features in the search functionality could be beneficial in the next release of Splunk Observability Cloud.

In GCP, Cloud Run is not natively supported by Splunk, and we are challenged with bringing data from Cloud Run to Splunk. Native support of it in the future would be great for us.

We started using Splunk Observability Cloud one year ago.

I would assess Splunk Observability Cloud as quite reliable. The only problem is the graphical interface, which sometimes is buggy. It crashes, doesn't display data, and requires reloading the browser. I have experienced downtime with Splunk Observability Cloud only once, which lasted one hour due to issues that prevented us from logging into the platform.

Splunk Observability Cloud scales with the growing needs of our organization quite efficiently. I have expanded the usage of Splunk Observability Cloud, and the process of expanding usage was smooth apart from one part.

Customer service and technical support respond very quickly. That said, sometimes the solutions take too long to implement.

Neutral

Before adopting Splunk Observability Cloud, we used DataDog, and before that, we had no solution. The factors that led me to consider the change were mainly because my company has different IT offices. My IT office used DataDog, another IT office used New Relic, and others used different tools. We needed to adopt Splunk across the group to have something standard in my company.

My experience with deploying Splunk Observability Cloud was quite good, mainly since we almost have everything on cloud and that makes deployment quite easy.

My advice to other organizations considering Splunk Observability Cloud is to adopt it if you don't have anything else as it's a very good tool, and having something for observability is very good. Not only for the observability part but for all the Splunk platform, that's great. 

On a scale of one to ten, I rate Splunk Observability Cloud a seven out of ten.

My main use cases for Splunk Observability Cloud include Application Performance Monitoring, synthetic monitoring, and dabbling in infrastructure and what comes along with it; however, we do already have a tool that does infrastructure. We're debating about just switching it all over to Observability.

The features of Splunk Observability Cloud that I prefer the most are its all-encompassing licensing model, which is comparatively better than others in the market. We're switching off AppDynamics, and the licensing model always constrained us, so that is our main reason for switching to observability, as the licensing is all-encompassing.

The benefits of these features for my organization are significant. The license is all in one, meaning infrastructure, APM, synthetics, RUM, and the logs are all under one license, allowing us to offer that to our application teams more so than we were ever able to do before. 

We're currently trying to implement RUM, Real User Monitoring, with two applications just to get a feel for it, which we were never able to do before, since it was a completely separate license that we needed to purchase. So we're able to offer more of a full suite, more of a one-stop shop sort of thing, versus what we were able to do before.

The user interface of Splunk Observability Cloud needs a lot of work. I have been known to describe it as slapping lipstick on a pig. The pretty colors draw in everybody, however, the actual functionality of it has a lot that you cannot do, and how the user interface is organized is very difficult to navigate. This is a driving factor for us not to use the product.

The next release of Splunk Observability Cloud should include a feature that makes it so that when looking at charts and dashboards, and also looking at one environment regardless of the product feature that you're in, APM, infrastructure, RUM, the environment that is chosen in the first location when you sign into Splunk Observability Cloud needs to stay persistent all the way through. There's no reason that a user should have to keep having to restart all of their filters and select their environment anytime that they switch to a different area of the tool.

I have been using Splunk Observability Cloud for one year exactly.

I have not experienced downtime, crashes, or performance issues with Splunk Observability Cloud yet.

Splunk Observability Cloud scales with the growing needs of my organization, however, we very quickly always run into hitting the limit for custom metrics. This is something we've discovered that we have to manually manage, which is not fun, especially for large applications such as our huge tracking system, since we're a logistics company, as well as the two main revenue-generating applications. We are probably going to hold off putting them into Splunk Observability as we're constantly bumping the limit already.

I would evaluate customer service and technical support as hit or miss as I get the impression that the support folks assigned to our account might be spread a little too thin. They are good people and do good work; however, I get the impression they're spread a little too thin. If we put in a ticket, we do get a response in a decent amount of time, so that's not a problem.

Positive

Prior to adopting Splunk Observability Cloud, I used several solutions. The solutions we used include Zabbix, Splunk Core, Grafana, Prometheus, and AppDynamics, so a whole suite of things.

The deployment has been fine for cloud applications. It is very tumultuous for on-prem. That is supposed to be getting fixed over the next year. Right now, it's not there. So I always tell my management we're a year and a half too early for this tool.

I have seen ROI for our cloud applications, as we've been able to fully integrate with one application, which is a big revenue producer for the post office, and it's something that they were not able to do before, so we have been able to see that. In terms of ROI, I would say 100%.

We don't currently use the out-of-the-box customizable dashboards provided by Splunk Observability Cloud to showcase IT performance to business leaders. 

I will say we have not expanded usage to other applications since we're still stuck where we are. 

My advice to other organizations considering Splunk Observability Cloud is to wait until next year. 

On a scale of one to ten, I would rate this solution five or six.

We utilize Splunk APM for security purposes, monitoring all transactions within the organization to prevent potential attacks. Additionally, we leverage Splunk APM to analyze application logs, gaining insights into application behaviour and facilitating a reduction in Mean Time To Resolution should any issues arise in the production environment.

OpenTelemetry provides more accurate information about an application by combining views from the customer perspective, infrastructure metrics, and application-specific data. This holistic view enables full telemetry observability, allowing us to analyze and strategize effectively for our company or clients.

Once configured correctly, the analysis reporting the Splunk APM provides is better than that of the other APM tools. Once the correct fields are defined, we can create different report dashboards.

Splunk isn't an ideal tool for application performance management due to the extensive setup required. It necessitates various configurations to gather diverse information from applications, networks, or other sources. Creating the right tables and defining the appropriate fields to extract comprehensive data involves a significant amount of setup within the tool. Managing this process can be quite challenging. However, once configured, the collected information is invaluable, although not easily manageable.

Splunk falls short compared to other APM tools such as AppDynamics or Datadog. It does not collect online information in real time and relies heavily on log files. Unlike Datadog, which collects real-time application behaviour data like CPU, memory, load, and response time, Splunk requires additional configuration to obtain similar information. This makes using Splunk for APM purposes significantly more difficult compared to the automatic data collection capabilities of AppDynamics or Datadog.

I have been using Splunk APM for more than a decade.

Splunk APM lacks scalability, requiring the administrator to constantly monitor or create specific alerts to ensure sufficient disk space, CPU, and memory for data collection and transaction processing. This results in a tool that is challenging to manage and costly to maintain.

Splunk support is responsive and provides quick resolutions when tickets are opened. Their service has left a positive impression on me.

Positive

The initial deployment is complex, requiring the definition of the switch, storage, correct host, and working with certification. This necessitates at least one expensive specialist, costing approximately $5,000 per month to hire and work with our team.

Splunk APM is expensive. Even before we begin, we need substantial infrastructure investment to collect comprehensive logs. For example, to gather log data, we must create specific tables in Splunk, starting at 50 gigabytes. In a cloud environment, this storage requirement becomes very costly.

I would rate Splunk APM six out of ten.

Cisco recently acquired Splunk, and its roadmap for the coming year includes incorporating aspects of Splunk into AppDynamics. Cisco's intention behind combining these two tools is to showcase its commitment to open telemetry and comprehensive observability to the market and its customers.

Splunk Infrastructure Monitoring helps identify bottlenecks within the network domain, including issues related to server databases, application response times, and code. These problems can be resolved by our customers promptly.

It is easy to use. It offers a unique dashboard reporting tool called Ollie. Ollie is essentially an observability tool, and it's also referred to simply as "Ollie" for brevity. It's important to note that this product is agent-based only.

Splunk Infrastructure Monitoring helps improve the efficiency and performance of applications by up to 70 percent.

It has helped reduce our mean time to detect. It has helped to reduce our mean time to resolve by around 50 percent.

Splunk helps us focus on business-critical initiatives.

It integrates well with multiple sets of products.

The vibrant dashboards are valuable.

The main drawback of Splunk for network monitoring is its limited agent deployment. Splunk excels at collecting data from servers and databases where agents can be installed. However, it cannot directly monitor network devices, unlike Broadcom.

Broadcom offers Spectrum and Performance Management tools that primarily work on SNMP to collect data from network devices. Splunk doesn't have a directly comparable functionality for network devices.

While Splunk offers a wider range of data collection, including metrics, logs, and more, it can be more expensive. Splunk's licensing model is based on data volume (terabytes) rather than the number of devices. This can be costlier compared to Broadcom or similar tools, which often use device-based licensing.

The end-to-end visibility is lacking because Splunk cannot directly monitor network devices.

Broadcom provides a topology-based root cause analysis that is not available with Splunk.

I have been using Splunk Infrastructure Monitoring for 10 years. 

Splunk Infrastructure Monitoring is stable. 

Splunk deployment is simplified because it is cloud-based. The deployment takes no more than 15 days to complete.

Splunk's infrastructure monitoring costs can be high because our billing is based on data volume measured in terabytes, rather than the number of devices being monitored.

Replacing legacy systems with Splunk could cost up to $200,000.

I would rate Splunk Infrastructure Monitoring 7 out of 10.

The decision to move from another infrastructure monitoring solution to Splunk should be based on a customer's specific needs. While Splunk offers visually appealing dashboards and access to a wider range of data compared to Broadcom products, pricing can be a significant factor, especially in the Indian market.

Deploying Splunk for a customer can involve higher upfront infrastructure costs. This is because implementing Splunk effectively often requires writing custom queries to filter data and optimize license usage. While this approach minimizes licensing costs, it can be labor-intensive.

Right now it improves the gap between our on-prem data centers and our cloud environment. We've been using Splunk on-prem for eight or nine years now and it's been useful seeing existing tools that we've used like Splunk integrate into cloud environments and bridge that gap. We use the integration the most.

It has reduced our mean time to resolve. It's been easy to aggregate logs and infrastructure data in one place, making it easier to find a single point as opposed to jumping around tools. It's ten to fifteen percent better. It makes aggregating data and logs faster for our cloud purposes.

There's a feature that allows you to connect to AWS infrastructure that we've been using. Its integration with the cloud is what we're looking forward to the most.

It is very easy to monitor multiple cloud environments. It's like a single pane of glass for us. We can use it to monitor our on-prem and both of our cloud environments as opposed to having different tools for each environment. It makes it all come together in one tool.

It's fairly important that it has end-to-end visibility into our native environment. We host a lot of other programs in our program. We host an infrastructure platform. It's good to have the integration that we can pass on to our customers to show them that there are tools they can use to better their program while we're using them to better ours. So it's been pretty beneficial.

Splunk's ability to predict, identify, and solve problems in real-time is good. I was very happy with the keynote. A lot of the use of machine learning is cool. We're excited to get our hands on that once it makes its way to Enterprise.

We still use Splunk Enterprise licensing. A lot of the newer features go into Splunk Cloud before Enterprise. We're not looking to switch our licensing over, so we're falling behind on the newer features. I know Splunk has plans to move their cloud features into Enterprise at some point. The only improvement we would like is to have more features put into Enterprise that focus on the cloud. Some people come from an on-prem environment and slowly move to cloud and would have to make a full jump into the Splunk Cloud licensing to get any of the cool Cloud features.

The program that I'm on has been using Splunk Infrastructure Monitoring for around three years now. We started off mainly on-prem for data centers and we've slowly migrated into AWS and Azure for cloud footprint.

The company has been using Splunk since we were a lot smaller. We were using Splunk for data logs, aggregation, and things like that.

It's very stable. We've never had issues with that. Anytime we do have stability issues, it's something that we can work on to fix. It's not an inherent flaw with the product.

Scalability is excellent. That's what Splunk is designed for, big data aggregation. It's been very easy and seamless to scale up over the years.

I've only had a couple of Splunk support cases, and they've been very, very prompt in responding, especially compared to some of the other big enterprise tools we use.

Positive

We have seen ROI. It's made onboarding better and it's easier for engineers in our project because there's a single pane to view all of these different environments.

We have seen time to value. It makes it a lot easier to train new people and get them spun up. We had our cloud environment for a couple of years before we started integrating with Splunk. It was a pretty quick improvement within a couple of months, noticing how beneficial it was to have a single pane of glass in all of our different environments.

I understand Splunk wants people to move towards Cloud licensing for a lot of the newer features, especially for multi-cloud. It would be nice to see those in Enterprise. I understand why they do it but that is my main concern. 

I would rate Splunk Infrastructure Monitoring a seven out of ten. There's more we can do with it. We just haven't explored it.