We have a public URL that allows anyone to authenticate for ADFS. This allows them to connect using Active Directory.
The most valuable feature for me is the flexibility of being able to send the log to the https endpoint. I know that it is possible to export the logs, although it is easier for me to communicate with the endpoints concerning what I am interested in.
This is a feature-rich product.
Although there is documentation available, it is really hard for me to find relevant topics on what it is that I'm searching for. For example, when something goes wrong, I can spend hours trying to figure out the problem and have nothing to refer to. I find that it confuses me somewhat, so it is something that can be improved.
I feel that technical support can be improved because it is always done through the use of a support ticket, which is not very convenient.
Setting up and configuring integrations are not easy to do.
We implement this solution within the past year.
Splunk Cloud is quite stable. I do not remember having any issues with bugs or glitches.
I would expect that the scalability is quite good, albeit expensive.
Technical support is okay, although they are not as quick to respond as I believe they should be. I feel that some of the support processes are not very convenient.
The initial setup is straightforward, although we still revisit it. We started several months ago and are still trying to set it up in a more structured way. Really, we are still in the deployment stage in some regards because we are struggling with exactly how it should be set up.
We had some assistance from a consultant after the initial setup was completed. It worked well for simple uses, but now, we have some help in trying to configure it to meet our needs.
The price is something that people complain about.
My advice to anybody who is implementing Splunk Cloud is to dedicate the time and resources required to learn it and use it. Investigate the features.
I would rate this solution a seven out of ten.