We implement it for our clients. The number of people involved depends on the license utilization, the number of devices, and the time frame. Two to three months are normally required for the full integration of a customer environment, and a minimum of two people are required for the integration.

Currently, I am the only one handling the deployment, but when it comes to operations, we need at least two to three people.

It requires maintenance. Generally, 2 people are required, but for my clients, I am the only one who is taking care of the maintenance.

From the client team, two people were involved in the deployment process. One person was from their implementation team to understand how the tool is deployed. Another person was from the admin team of engineering, where they were trying to understand what resources they needed to deploy to get usability of plans. A third person was there to understand the context of how the log will be initiated into Splunk.

That is something that was required from their environment. From our side, there were three resources with expertise in Splunk. They were the first hands-on people who were working on the implementation side. Later on, I came into the picture so that implementation could be done to create visibility in the client's environment. Before passing and giving them indexes, the context was taken from us by giving us visibility into the environment and how we want to approach it.

For the implementation, we used two integrators and Splunk Professional Services.

Our deployment team handles both deployment and support services, including maintenance responsibilities.

We deployed Splunk with an in-house team of five to 10 people and some professional support from the vendor. 

We used an integrator.

The integrator we used to do our initial deployment was excellent. The integrator we used to do our last round of upgrades was less than excellent.

When I hire an integrator to do an upgrade in an environment, I expect them to come back and say "all of your application layer apps are upgradeable, but your OS's need to be upgraded. Do you want me to do that? Or should you do that?" I now have different versions of OS's under Splunk running in my Linux world and it would've been nice to upgrade the system OS and then upgrade Splunk, even if it was more disruptive. I guess I have to read the statement of work more closely in the future.

We used all in-house resources to implement Splunk.

We had the Splunk team, and they did wherever they needed to get everything deployed. Our experience with them was good. We have worked with Splunk for years now. Their support has been very beneficial. If I have a question, they jump right on and let me know. They walk me through it and give me updates, so I am pretty happy with Splunk.

The implementation was completed in-house.

The implementation was completed by a third party.

We do it ourselves.

Splunk handled the implementation. It was a joint effort between them bringing the knowledge and us doing the actual work.

I handled the deployment independently, but the required personnel depends on the organization's size and the expected outcomes. For larger organizations, especially when the new tool integrates with various departments like operations, development, and security, it becomes a collaborative effort. In such cases, it's not a one-person job and involvement from multiple departments is essential. However, for smaller companies, the process is less complicated. It involves coordinating with support and developer teams to communicate the implementation, and the focus is on providing the necessary outputs from the tool to support their ongoing work effectively.

I utilized it in a single, non-geographically dispersed location. My experience is limited to a single site, and I haven't worked on a multi-site installation.

While it can run stably for a certain period, eventually, there is a need to manage or archive logs, especially if your background storage is not unlimited, as is often the case in these scenarios.

We have folks who do the deployment. I am more on the interface side.

We have a team at the company that completed the setup and deployment.

It was implemented in-house. Its maintenance is pretty lightweight, and I take care of it. I have a couple of other team members to help make changes. We have engineers who are available for adding capacity. We have a team of six or seven people to support our Splunk Enterprise.

We implement through a vendor.

This was implemented through a combination of in house and vendor developers.

The implementation was completed in-house.

I implemented Splunk through a POC.

There are two to three people required for the implementation of Splunk.

The integration and initial setup of Splunk were managed with the assistance of local support.

For the installation, we received some assistance from the vendor.

We used an integrator to assist us in the initial setup.

I completed the installation with the help of some friends, in the IT department.

We implemented through an in-house team with some support from the Splunk team. It was a very smooth process, from our perspective. 

We have an in-house team for deployment in maintenance. Splunk is a tool that does not require much staff to maintain. The users can start with a PoC, simply learn it, and deploy it for themselves. They don't require subject experts to be hired for the installation and configuration.

We have one or two engineers that take care of all maintenance-related issues. It really depends on the scale of your project. One of our projects required a huge deployment — we needed a huge team to match. If it's a small deployment, then two people are enough.

My team was the team who had set up this implementation. I would be remiss if I didn't say that our level of expertise is quite high with an average of 4 Splunk certifications per person on my team.

In-house. We had professional services however, we did the install prior to the consultant arriving. So, his workload was light considering we had already installed and configured the Splunk servers.

I handled the implementation myself. I didn't need any outside assistance from any integrators. I'm a consultant myself.  

We do not have any dedicated people who are working on Splunk, but we have a team of approximately 100 people that are responsible for the development of mobile applications, backend systems, DevOps, etc.

We hired a contractor with significant experience with Splunk, Elastic.io, AWS, and custom development. They were expensive, but worth every penny.

I handled the implementation myself. It was done in-house. 

We used packaged professional services from a partner of Splunk. Our experience with them was very good.

In terms of maintenance, it is pretty simple. There are fewer patches than there would be for supporting a Windows device. There is not much labor to maintain it.

We did get support to assist us with a few complex fields.

We wrote the automation to bootstrap everything onto AWS, which was fairly easy. As long as we had all the hooks going into AWS, and we had the SDK. So, we did not have too much trouble getting the bootstrap up and running.

My company provides the implementation and maintenance services to our customers.

We used a consultant for the implementation of the solution. The full process took approximately one week.

We had a big problem with communication sometimes during the implementation. Some files in our network were a little difficult to receive. This was our fault because of some of our firewall configurations.

We have a five-person maintenance team that works on this solution.

We handled the process internally. We did not need the assistance of any integrators or consultants. 

There were consultants involved in the deployment.

We have an internal team that does the maintenance of the solution.

In-house.  We at Splunxter are Splunk experts.  We can do anything with Splunk.  We always hit homeruns.

The deployment was in-house and took about two days with the correct licenses and permissions.

We worked with a Splunk consultant who shadowed us to help ensure we performed the process correctly. 

We used a consultant for the deployment, from KDDI Vietnam. Our experience with him was good.

Vendor implementation, and I would rate them as a seven out of 10.  

I implemented it myself.

Implemented in house with the support of the vendor with high level of expertise.

It takes two people to deploy and maintain.

I implemented through an in-house team. 

We have our own internal team for its maintenance.

Deployment is not difficult but the lock sources and configurations can take time. We have a team of 15 technicians that do the deployments.

We used an integrator to do the implementation.

We did it ourselves. We had around two people for deployment and maintenance, but we had around 15 users. They all were SOC people.

You will need a Splunk implementation specialist for the deployment.

Splunk required two engineers to implement, and we will add another one to maintain the solution.

I have a team of a few Splunk consultants who are currently managing it for me. For a mid-sized organization, at least 15 persons are required to manage the entire Splunk instance.

We were able to handle the installation on our own. 

There are 40 people responsible for the deployment and maintenance of the solution, four of whom are engineers. There is a computer DE who is responsible for the engineering and a candidate for graduation in 2022.

We implemented in-house

We used a combintation of in-house (ie. myself) and an experienced Splunk partner.

There are six people in my team working with Splunk. I am not sure about other users, but we are a mix of data scientists, data engineers, software engineers, IT, and software engineers.