Splunk Review

Capability to expand functionality through custom code for data inputs, commands, visualization, alerts, and machine learning


What is our primary use case?

We use Splunk for infrastructure monitoring, application monitoring and in the security space for our organization as well as for our customers.

How has it helped my organization?

Since Splunk is a platform for data, we can ingest and correlate data from virtually any type of system.

It has a fast turnaround time for setting up monitoring/alerting and forecasting of trends as per our customers' requirements.

What is most valuable?

The following are the top three features that I find quite valuable:

  1. Capability to expand the functionality through custom code for data inputs, commands, visualization, alerts, and machine learning.
  2. Quick turnaround time for setting up monitoring and alerting with built-in capabilities, plenty of enterprise-grade apps available on Splunkbase, and custom coding based on Splunk development skill level.
  3. Free Splunk license for PoCs on personal machines and the ability to scale the PoC to an enterprise-level app.

What needs improvement?

  • Scheduled PDF generation does not work well for all visualizations, and it does not work for custom visualizations.
  • While scheduled reports can be embedded, a Splunk dashboard cannot be embedded directly without enabling cross origin.
  • Missing capability for audio/video and image processing.

For how long have I used the solution?

More than five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.