Manipulate Your Data
Splunk is widely used for manipulation of data, and we encounter the use of this tool almost twice a week. Even though it costs much more, we still have not found any alternative that is able to offer all these functionalities.
Splunk is very easy to use due to high community support and many video tutorials available online for new users to learn.
Functionalities are robust and simple to use. Data retrieval and visualisation are nice and easy if you know the right querying process.
Machine Learning support enhances performance, especially for the cloud. It collects a wide variety of data, and it still amazes you the way it retrieves it.
There are many tools available in the market which are potential competitors of this tool, and at reasonable pricing too. Splunk offers more functionalities but costs you too much if you look at the work it does.
Complex queries may require large CPU usage and may even freeze or at least slow down the system for a while. You need to be specific while querying the data.
Excellent tool for logs & data analysis
Overall, it is a very good monitoring tool for a support team and developers doing root cause analysis.
Splunk visually represents the logs, mainly from production servers, in the web UI.
People who usually have no access to logs on production servers will access the logs through the Splunk UI with very simplified and friendly search queries.
It has a lot of features; for example, you can query for a particular date and time range with specific characters. The search engine is very fast and brings back the query response effectively.
We can access all types of logs, including XML and JSON.
We can create a custom dashboard with a custom query for each project and can trigger the email to the support team in case of any issues.
This tool is a boon for the production support team in any enterprise company.
Licensing cost is quite high for enterprise usage.
Query response time will be slow when you are searching a relatively longer history (e.g., 3-month-old data).
Best Tool for Monitoring Purposes.
As users of Splunk, we generally monitor the logs provided by the server clusters belonging to a tool called API Connect. As the logs are stored in Splunk, we tally the transaction count from the API Connect tool and filter the log search in Splunk with a particular search query. We can download the logs of a particular time and date from the API Connect servers in case of transaction count issues. We create a dashboard for each individual API's transaction count in terms of the total transaction count of all APIs. In this way, it makes it easier for us to find out which API has the highest transaction count. We even use Splunk to know the state of the machine. Reports generated by Splunk help us to find out the API with the highest response time. In this way, Splunk makes our work a lot easier, as it is very fast and highly secure.
1) Accepts multiple data formats like CSV, JSON, XML
2) Does the hard work for us, i.e., converting machine data to a human-readable format.
3) Can create customized alerts to serve our business purpose.
4) Searching based on queries is pretty simple.
5) We can create dashboards to analyze and visualize our search results.
6) Can export the log content to our personal computers.
7) Setting up plugins and integrating with any tool that needs monitoring is pretty easy.
8) Technical support for Splunk is very quick, as they have a dedicated staff for that.
I did not find any flaws with this software.
Software is fantastic once you get it fed the data. Setup can be a bear.
Software saves a great deal of time tracking down errors and issues in the network. Was able to spot a security issue using the software we might never have even noticed otherwise.
Fast consolidation of disparate logs in an easy to search way for troubleshooting. I can find problems within my organization very quickly. Sales team was very responsive in getting me a trial license to estimate my needs.
Set up takes some time and planning. The Licensing scheme can be pretty expensive and until you've got it up and running it can be hard to estimate how much license you need.
This is the tool every devops should have expertise on!
Made life easier for all SRE/DevOps oncall.
First of all, you don't need to log in to your servers. Just configure the Splunk forwarder on all of your servers and have peace of mind. During outages you don't have to panic; just rely on Splunk and be sure that you will have your root cause visible in Splunk.
Kernel huge page issues, search head clustering, index clustering. These features are as good as they are costly. For SHC and IC it does need hosts with all the same config.
One of the best places to check a large amount of log information. Every company's best tool.
Makes our business life easy
The best thing about this software is that I love its UI and its dashboard, where it provides the logs of all the enterprise applications. Every business that has a large amount of transactions is required to maintain this tool. Its logging and search frequency are very much loved, and the dashboard has a very colourful UI and is easily understandable.
There is nothing we like least about this software, but we are looking for some more enhanced features like optimisation and all.
Best thing for monitoring application
Good log monitoring tool
We are using this tool for monitoring our services' logs. It is easy to monitor the data using this. For each service, you can configure which log file should be shown on the UI (web). On the UI, it provides a lot of features like finding patterns in logs, doing analysis, generating reports and much more.
Learning is slow. Initially, it takes time to understand the reports and the patterns it finds in the logs. But it's worth learning it.
Splunk, gold standard in log collection
I'm continuously impressed by the quality of the software, and the depth of what it can accomplish. Worth every penny!
After going through the free online training I was able to get this product up and running to consume Linux audit logs. Writing SPL wasn't too difficult, at least for basic scenarios. The regular expression generator is especially helpful!
The configuration resides across many different levels (default, local, and then again within the apps). Having levels of configuration is a bit of a nightmare to manage.
Splunk Enterprise Security
Overall, Splunk is the best tool. It provides a lot of system information; we have installed Splunk on all the servers across our environment.
Integrating Splunk with other tools is one of the best features Splunk has. We can pull logs by integrating with other tools.
Writing a query in Splunk is difficult. It should customize the query for users.
Amazing tool to look at your application behaviour
Best tool to monitor logs of your application
The main purpose of this tool for us is to monitor the logs of our application. And I can say, it is very good at this. Finding the stats and patterns out of logs is very easy. You can run multiple query jobs on a single application log. You can monitor jobs running on your logs; for example, you can kill them or stop a particular job. Its support of SQL-like queries on logs is just amazing.
This is a great tool. There is no disadvantage of this product, but just to mention, you need a bit of learning to use all its functionality.
Many Featured Tool
We first started using Splunk as a log analysis tool like many companies do but we're not getting into a number of other use cases based on how powerful and robust the tool can be for our business. They have a lot of good apps on their marketplace and the visualizations make information for less tech savvy users readily available.
Starting this tool up and really getting it working takes some time, research and resources just based on the vast number of solutions it can provide. Like other tools that we use, it requires us to have good focus during planning to make sure we're not trying to do too much and instead focus on a few use cases to start.
Easy to use once set up
Splunk is a fantastic SIEM
A must have tool for managing logs and monitoring the app behaviour
Just amazing tool to manage your logs
I think it's a great tool to see the logs of your application with advanced query search. Splunk supports lots of stat mechanisms; also, you can start multiple stats jobs on your location. It is just a fabulous thing.
I have been using this for the last one and a half years but can say a single negative point of this too.
If you want SIEM, it's Splunk and only Splunk
Great company, great company, amazing high price tag....
It dominates the industry in SIEM.... People would love to hate it... it's critical in terms of looking at your logs and seeing if something is not right and you have hackers or unwanted people on your system. It's the industry leader and has all the cool features.
The price.. it's expensive and you have vendor lock-in... All my clients hate it for the price, but love it for its features and leading R&D.
Powerful search tool, steep learning curve
The best log/data aggregation tool on the market, but it comes at a price
- Huge library of add-ons that have been pre-built by others saves you significant time
- Large community (and events like Splunk Live) to help and keep you engaged
- Refined interface compared to some of the free competitors
- You'll like the tool so much that you'll want to throw all kinds of data into it and the cost will grow substantially!
- Only pricing is by data volume, no options to pay by host, source, etc.
Reliable Application for Cybersecurity
Splunk is a wealth of information.
We used Splunk as part of our compliance and delivery for email marketing. The tool itself requires some industry knowledge and a day or two of hands-on training; however, once you get the hang of it, it's pretty easy and very useful for digging into consumer/user data.
Splunk is a great solution for SIEM and also for monitoring your infrastructure
We needed a way to monitor our internal environment and start to be more proactive with issues, so we started sending all of our logs to Splunk and we were able to get insights we did not know we needed. It is a great solution and they are constantly innovating.
Splunk makes it easy to search through various data, including logs. In the past I have had to pore through logs in order to find the one line among the hundreds of thousands of lines. Splunk allows me to search through those logs in a matter of seconds vs. the hours it used to take.
Most of enterprise setup is done through the command line. It would be nice to have cluster configuration (index creation) as part of the UI.