What is our primary use case?
- Monitoring IT and other processes for a large university.
- Leveraging alerts and dashboards to detect and predict security breaches and other events.
How has it helped my organization?
Splunk has enabled us to detect, even predict potential security issues, before they become severe. It has enabled our operations and development teams to more efficiently monitor and troubleshoot their systems.
What is most valuable?
The search language is easy to understand and teach to new users. The SDK is comprehensive and has incredible levels of integration with the platform and data.
What needs improvement?
- Certain sections of the developer documentation could use some updating and clarification.
- Search head clustering is often temperamental in its current state and should be improved, replaced by something better, or be reverted to search head pooling.
- Some terminology is vague and confusing (examples: deployer versus deployment server or search head versus search peer).
For how long have I used the solution?
Three to five years.
How is customer service and technical support?
Support is quick and competent.