Splunk Enterprise Reviews

The system is highly intuitive to use. It is faster than other solutions I've used on the market and has a huge library of 3rd party plugins to get more from the system. It is easy to create scheduled searches, dashboards, reports etc. but there are a number of additional plugins (at an extra cost) to help with security, single pane of glass and metric collection.

It offers challenges for a decentralized working model. Where Splunk is centrally managed, it is easy to ensure that best practices are maintained. Where the system is opened up for an entire department to utilize and on-board their logs, it becomes more difficult. However, with some creative thinking and good process, this issue can be overcome.

Splunk comes with lot of in-built templates for each and every feature like log visualisation, dashboarding, traces,etc This makes the developers life lot easier. I can't think of any other logging tool that is snappy as well as accurate.
I love the fact how easily I can plug it in my docker-compose to push container logs.

Even though, it offers numerous features for different needs, each feature has its own learning curve. For instance log visualisation needs querying skills, which may be in natural language but it takes bit of time to get familiar.

- Ability to search logs across processes and services
- Ability to develop dashboards to Monitor critical metrics
- Ability to set up alerts based on threshold values

- Need to regex well in order to use the tool to its full ability
- Ability to extract values out of the log statements could be simpler
- Alerts usually end up being over alerting or false alerts.

If you need real-time grokking into your infrastructure, look no further than Splunk. I love love love the dashboards. It’s easy to tell a story with your data, and the live search is so FAST!

SPL is a little hard to get used to, but once you get the hang of it, it’s not so bad. I recommend downloading their community edition for some great examples of queries and dashboards.

Splunk is very easy to use due to high community support and many video tutorials available online for new users to learn.
Functionalities are robust and simple to use. Data retrieval and visualisation is nice and easy if you know the right querying process.
Machine Learning supports enhances performance for the cloud, especially. It collect wide variety of data and still it amaze you the way it retrievs it.

There are many tools available in market which are potential competitors of this tool and that too at reasonable pricing. Splunk offers more functionalities but costs you too much if you look at the work it does.
Complex queries may require large CPU usage and may even freeze or atleast slow down the system for a while. Need to be specific while querying the data.

Through its robust log analysis and ability to collect data from different sources, we can easily perform analysis on various data and predict any future operational hazards. Splunk enterprise efficiently monitors our log activities and and gives results to any queries at faster speed than most SIEM tools.

The searches can be complex at times and the messages on query errors aren't always specific.

The ability to set up queries and get data back quickly is invaluable

Learning to structure queries is a bit of a challenge in the beginning

The tool can collect all sorts of data from diffuse sources and preform advanced analytics on it. It has powerful monitoring capabilities useful in threat identification and maintaining the health of our IT infrastructure. Splunk enterprise helps us to foresee, trends through machine learning which has been a crucial to making informed business decisions.

Training new users is tough, the learning curve is very steep and it gets overwhelming for them. The installation and configuration process is very long and needs a lot of time.

Sofware is really excellent and best suited for small and large scale business who would like their systems, interfaces, server space and database health check to be performed.

Sometimes the Splunk alerts creates multiple tickets in ITSM tool during issue. Hence it may result in spending sometime for closure of open incidents.

I worked with a team member to integrate McAfee Endpoint Security with Splunk Enterprise so that virus scanning logs could be easily monitored. Integration was extremely smooth, and the data was nicely visualized on Splunk. There was very little delay in the virus detection logs being updated on Splunk as we performed several tests for virus scanning. As a user, it was very easy to navigate and I greatly enjoyed the usage of filters for filtering specific events that occurred.

It's a great product for boosting your security posture, however the cost of the tool and additional storage was a bit steep. It was also a bit difficult to create filters for the logs, which was a necessity for our end user.

Splunk Enterprise is best tool to analyze the data based on different visualization. It help us to lookup distributed logs for micro-services . It enables field based lookup. For complex logging, we can use search query using expression. We can create multiple reports/charts for visualization such as a pie or bar chart for our data. Best feature what i like , We can visualize our search results and share them with others using dashboard panels. If Already have a dashboard, we can add a new panel from a report, clone from another dashboard, or add a prebuilt panel. Fully customization available. Interfaces is very flexible. We export it in different formats, or refresh it to visualize the newest data. Online Support is available through different community.

Search query builder is fully based on technical. for Non technical users, its really difficult to lookup logs. Sometimes, error thrown by query builder is more difficult to understand. Deep Learning is required to use splunk for production data. For Large application installation, it need to manage more.

Splunk Visually represents the logs mainly from production servers in the web UI .

People who Usually has no access to logs in production servers, will access the logs through splunk UI with very simplified and friendly search query.

It has lot of features like you can query for particular date and time range with specific characters. The search engine is very fast which will bring the query response effectively.

we can access all types of logs including XML and JSON.

we can create a custom dashboard with custom query for each projects and can relatively trigger the email to the support team in case of any issues.

This tool is boon for production support team in any enterprise company.

Licensing cost is quite higher for enterprise usage.

Query response time will be slow when you are searching for relatively longer history(Eg. 3 months old data)

Splunk appsStrength and capabilitiesIntegration with most solutions

Resource utilizationLimited local partner support

1) Accepts multiple data formats like CSV, JSON, XML
2) Does the hard work for us i.e converting machine data to a human-readable format.
3) Can create customized alerts to serve our business purpose.
4) Searching on the based on queries is pretty simple.
5) We can create dashboards to analyze and visualize our search results.
6) Can export the log content to our Personal computers.
7) Setting up plugins and integrating with any tool that needs monitoring is pretty easy.
8) Technical support for the Splunk is very quick as they have a dedicated staff for that.

I did not find any flaws with this software.

Splunk is more than a tool or a product, it is a big data platform. Splunk can be used as a simple log aggregator all the way to a Big Data engine to find efficiency in operations of the Internet of Things. Splunk is less about its abilities, and more about your imagination about what you can do with Splunk. That is the beauty of the platform. Splunk shines in providing operational intelligence about systems and processes. Finding out how your systems are operating, how your processes are functioning leads to quick resolution of problems and points to where budgets are best spent.

Splunk is deceptively easy to set up and use. But like learning to play chess, you can learn the moves in half an hour, but take a lifetime to master. Splunk quickly provides value, but requires imagination and creativity as well as wide ranging knowledge of systems and processes to move to the next level. Not every organization needs that kind of talent to get a great return from Splunk, but the companies who compete and win will.

Fast consolidation of disparate logs in an easy to search way for troubleshooting. I can find problems within my organization very quickly. Sales team was very responsive in getting me a trial license to estimate my needs.

Set up takes some time and planning. The Licensing scheme can be pretty expensive and until you've got it up and running it can be hard to estimate how much license you need.

-Easy to use tool
-Simple graphical interface which makes it easy for a new user to understand the features easily
-Real time data analysis can be carried out

When we try to search for data which is more than 30 days old, then sometimes we see slowness

When you need to store, correlate, and search large amounts of data, especially System Log data, there is no tool that even comes close to Splunk. It's power and flexibility is amazing.

Very expensive. Difficult to implement until all moving parts are understood. Steep learning curve for beginners.

Splunk integrates with almost all popular enterprise software products including VMware, AWS, Azure, etc. Most customers use it primarily to do log analysis but it can also perform data analytics for business reporting. The UI is very straightforward and enables you to quickly search through large datasets using SPL. We were able to quickly locate the source of the issues by using Splunk to triangulate logs from several different components. There is a Splunk Cloud version with a free trial if you are aiming to do some integration work and testing. Finally, like all monitoring tools, Splunk offers AI and machine learning for even better predictive analytics.

Splunk is expensive and probably not for smaller startup companies. The pricing is tiered and is subscription-based so if you start to ingest a lot of data, look out. It can eat into most of your IT budget and Splunk by itself doesn't handle all the Day 2 operations that are needed.

Splunk is great for monitoring, logging, and analyzing the large volume of data on the servers. Our support teams use Splunk to collect data/logs from the servers and troubleshoot product related issues. We introduced Splunk few years ago in our organization and it helped improve our defect/issue analysis and problem solving abilities

While Splunk is not too complex, it also requires a certain level of skillset to decipher the information. It may take a while to figure things out if you are a new user, or someone with limited technical knowledge

We are using this tool for monitoring our services log. It is easy to monitor the data using this. For each service, you can configure which log file should be shown on the UI(web). On UI, it provides lot of features like finding pattern in logs, doing analysis and generating reports and much more.

Learning is slow. Initially, it takes time to understand the reports and pattern it finds out of the log. But it's worth learning it.

The best part of it is its UI which has very responsive page and can drag couple of days logs. Best in its performance and versions are being upgraded at regular intervals and its best in delivering the outcomes as required

I work at Fintech company and we use Splunk for checking error logs and tracking anything that goes wrong within the system. I like Splunk as it gives exact line number which is breaking the code which makes easier to debug.

The index should be accurate otherwise viewing logs is not easy.

Splunk is first of all reliable from stability and information security perspective, which is a must. Second, it has one of the most advanced feature sets in analyzing, manipulation, anomaly detecting and processing log data residing in its database. Even AI/ML options are on the table, and it's possible to start implementing AI/ML with Splunk immediately.

For certain types of use, licensing structure can hit you in your face relatively quickly.

Easy to use tool with use in IT as well as security. Further business users can be trained easily as well.

Have not found one yet since I started using 4 years ago.