What is our primary use case?
The data from Splunk is used for network monitoring. Apart from that, they are using another tool with this kind of logic as well. Splunk is not the primary tool. The database I'm using for real-time data for our client. We have only about 3-4 users on this solution.
What is most valuable?
It's only the monitoring solution that we are using. I'll find that to be a great feature.
What needs improvement?
Splunk would be better if some tools were integrated to be able to take action on security or network concerns. People in the IT field are looking for a single tool that can do everything. Not separate tools for monitoring and fixing.
For how long have I used the solution?
We have been using Splunk Insights for Infrastructure for about one year.
What do I think about the stability of the solution?
I have not had any problems with stability.
How was the initial setup?
Nothing is straightforward in data technology. You have to know about the technology. Even when chatting about the virtual image for a window, we need to know how to do things. If you know how the technology works, it's really simple.
Which other solutions did I evaluate?
I need a tool that can deal with all the security solutions, that will find security monitoring compliance requirements. So, I'll stick to BigFix over Splunk, because I'm not that big a fan of Splunk, to be honest. Apart from monitoring, in BigFix you can mitigate the issues, mitigate what the vendor is doing, and continue monitoring our clients. If any machine, any hardware in the department is vulnerable to any threat, with BigFix we can go ahead and take action, and mitigate that vulnerability within a couple of minutes.
What other advice do I have?
I would rate Splunk Insights for Infrastructure at a seven out of ten.
Which deployment model are you using for this solution?