What is our primary use case?
Our primary use case of Splunk is for log monitoring and infrastructure monitoring. If we want to diagnose any issue in our application, we just push our application logs. This is on any client server using the universal forwarder logs on the Splunk server. After indexing, we can create a base log, and create attractive dashboards that are simple to understand and use. I'm a system administrator and we are customers of Splunk.
What is most valuable?
This is a straightforward solution, easy to configure and difficult to mess up.
What needs improvement?
Splunk is a very costly solution and I think it's the most expensive in the market in terms of costing. Splunk provides an application for infrastructure monitoring. If we're monitoring the docker with containers, we can't see the container name, only the ID. That's a big drawback.
For how long have I used the solution?
I've been using this solution for two years.
What do I think about the stability of the solution?
This is a stable solution. Deployment takes one person, it can be a system admin or an engineer.
What do I think about the scalability of the solution?
This is a scalable solution. We can do the clustering of it for large applications. We have around 15 users for this product.
How are customer service and technical support?
If I have any issues, I'll go to the community. I can generally get a response within a day. Although most of the documentation is good, some of it is unclear, particularly if you're new to the product.
How was the initial setup?
I think it takes around 10 minutes to install it on the server. On the client side, it takes around five minutes. I do the installation myself.
What other advice do I have?
If you're going with this solution, make sure that when implementing the ports are open. If they're not open, it creates problems with the server. Other than that, this is a very stable and very easy to configure product. We can easily deploy and easily use. Other similar solutions are difficult to configure, Splunk is the simplest. I've used three or four monitoring tools and Splunk is the easiest. If a company can afford it, this is a good product. We are planning to shift to another product because of the cost. We're searching for an open source or cheaper product.
I would rate this solution a nine out of 10. They lose one point for the price and lack of infrastructure support.
Which deployment model are you using for this solution?
Which version of this solution are you currently using?