Splunk Review

Provides visibility into business metrics and insights that deliver value.


How has it helped my organization?

It is deployed to investigate, detect, respond, and prevent security incidents and threats by providing valuable context and visual insights to make faster and smarter security decisions.

What is most valuable?

  • Splunk delivers a holistic view of an application (the big picture).
  • Splunk provides immediate visibility into key business metrics and new business insights that deliver immediate value.
  • Significant reduction in mean-time-to-investigate (MTTI) and mean-time-to-resolve (MTTR) production incidents from days to hours.
  • Splunk visualization capabilities help pinpoint problem areas, spikes, and anomalies easier and faster.
  • Ability to monitor and resolve integration problems before they impact the business user area.
  • Splunk is being used as part of the development life cycle, resulting in better quality and more efficient applications.
  • Provides additional insights into a 360 degree view of the customer.

What needs improvement?

We usually have to follow up with technical support on our open cases. Otherwise, Splunk listens to customers and is constantly incorporating their feedback in future releases.

What do I think about the stability of the solution?

There are no software stability issues. The issues so far have been internal.

What do I think about the scalability of the solution?

There are no scalability issues. If you are planning on using Splunk for security use cases, I would recommend you go with Linux for your OS.

How is customer service and technical support?

We have the enterprise level of support. This is one area Splunk could improve upon, since we usually have to follow up with them on our open cases.

Which solutions did we use previously?

We did not have a previous solution.

How was the initial setup?

There were no issues with the initial setup. We utilized Splunk’s partner zones for the initial setup. In retrospect, we should have utilized Splunk Professional Services.

What's my experience with pricing, setup cost, and licensing?

Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO.

We contacted Gartner and other business associates to determine what others are paying for Splunk.

Which other solutions did I evaluate?

We started researching ELK (Elastic, Logstash, Kibana). But management was so impressed with Splunk that we ended this research.

What other advice do I have?

Ensure you have an executive sponsors to fully deploy Splunk across your organization to maximize your ROI and lower your TCO.

Make use of Splunk Professional Services.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
2 visitors found this review helpful
1 Comment
Alireza GhahroodReal UserTOP 5LEADERBOARD

If there's gold in log files, Splunk will help you to find it. Splunk bridges the gap between simple log management and security information and event management products from vendors such as ArcSight, RSA, Q1 Labs and Symantec.

Splunk lets you gather log data from systems and devices, and run queries on that data to find issues and debug problems. Splunk's capabilities also include reporting and alerting, pushing it ever-so-slightly into the world of SIEM.

What separates out Splunk from the world of Syslog servers and SIEM tools is Splunk Apps, a library of nearly 200 addons that make Splunk smarter about particular types of log information, change its look-and-feel or add new types of analysis.

29 May 17
Guest

Sign Up with Email