Dec 27 2018
What is most valuable?We like the dashboard creation and the ease with which we can harness the APIs to create custom BI dashboards on the fly. This adds most value for us. The nature of some of our microservices that I have run on the cloud are mixed workloads, wherein with the flow of data, it can change over time. In… more»
What needs improvement?For on-premise, it's more about optimization. With such a heavy byte scale of data that we are operating on, the search for disparate data sometimes takes about a minute. This is understandable considering the amount of data that we are pumping into it. The only optimization that I recommend is… more»
What other advice do I have?Make sure it fits your use case. Be clear about what you want to achieve, get out of the product, and how you want to integrate it. Once you tie the solution into your systems, it is not trivial or easy to walk away from. Therefore, due diligence needs to be made to understand what your requirements… more»
Which other solutions did I evaluate?I wasn't there when the evaluation was done. When I came on board, this product was handed down to me, and we have not evaluated any other solutions or products since then.
Jan 17 2018
What is most valuable?The ability to view all of these different logs, then drilling down into specific times or into specific data sources, has proved to be the greatest aspect in decreasing… more»
How has it helped my organization?Splunk has helped our organization mainly on our increased use of the security side. We use Splunk to monitor all machine logins (both successful and unsuccessful) and… more»
What needs improvement?Splunk has continually been increasing its features and also expanding and perfecting its core functionality. I would like to see it to continue to improve its predictive… more»
What's my experience with pricing, setup cost, and licensing?Setup cost is cheap: It is free, it is user-friendly, and it is fast. I would highly recommend anyone evaluating this option to download the free trial which allows for… more»
If you previously used a different solution, which one did you use and why did you switch?We did not use a different solution before. The closest thing that we would have done to this would have been personally scraping logs reactively, which cost us roughly… more»
What other advice do I have?If you have an R&D department within your company that is looking for something new to increase the efficiencies and effectiveness of your company's operations, I would… more»
Which other solutions did I evaluate?We evaluated the ELK Stack, of which recently we have implemented with a customer who was looking for a more lightweight, cheaper alternative that would work "Good… more»
Find out what your peers are saying about Splunk, IBM, LogRhythm and others in Security Information and Event Management (SIEM). Updated: November 2019.
378,397 professionals have used our research since 2012.
Dec 24 2018
It is easy for our developers to use if they want to search their logs. Something should be built into the product that if you're close to your license, then it shuts things down.
What is most valuable?Its usability is the best part. It is easy for our developers to use if they want to search their logs, etc.
How has it helped my organization?We have used the alerts for a lot of things. They gave us the ability to kind of make an alert simply. So, we did one for SQL injection. We also had some services which… more»
What needs improvement?A problem that we had recently had was we licensed it based on how much data you upload to them every day. Something changed in one our applications, and it started… more»
What's my experience with pricing, setup cost, and licensing?The pricing seems good relative to the other vendors that we have had here. However, they need to find ways to be more flexible with the licensing and be able to deal with… more»
If you previously used a different solution, which one did you use and why did you switch?Before Splunk, we used Kibana and Elasticsearch. Sometimes, with them, logs wouldn't even be there. We have received an infinite time reduction there. We couldn't use what… more»
What other advice do I have?Implement something and watch how much data you are sending to it, then have some way to shut it off without redeploying your app in case things get hairy. We use the… more»
Which other solutions did I evaluate?There are a lot of vendors in the space at the conference this year. Therefore, we probably talked to six or seven different ones, and the market seems to be… more»
Jan 09 2019
We were able to create a catalog of dashboards and have a holistic view at all levels, understanding our business better
What is most valuable?The dashboards are the most valuable feature. We like the ability to drill in and see what queries are under the dashboard, build new visualizations, edit the querying, and see the reports. The dashboards are very intuitive and similar to… more»
How has it helped my organization?Every team immediately created their own Splunk dashboard, and all the product owners were ecstatic about this. We were able to create a catalog of dashboards and have a holistic view at all levels. We could understand our business much… more»
What needs improvement?The query language is pretty slick and easy, but it is not consistent in parts. Some of it feels a little esoteric. Personally, some of my engineers are coming from SQL or other languages. Some things are a little bit surprising in Splunk… more»
What other advice do I have?Go with Splunk. A lot of people know how to use it because they have experience with it. It works well. While it has some pain points, it provides reports and data visibility. It integrates great with Opsgenie, PagerDuty and Slack. We love… more»
Which other solutions did I evaluate?We knew we were going to go with Splunk. It was the leader and the one we liked. We didn't consider any others since Splunk met our needs. We chose Splunk because of the ease of the UI, querying, and creating dashboards. It has a… more»
Dec 19 2018
What is most valuable?The most valuable feature is its centralized log analytics.
How has it helped my organization?We have a one stop dashboard for health of some of our services where you can click in and it takes you to other dashboards that have custom near real-time metrics that show the application's health. From there, you can drill in to see the… more»
What needs improvement?The historical data extraction needs improvement. I would like the capability of taking data and having it trend longer. Splunk is good about viewing data within the last seven or 14 days, but if you want to see a year-over-year trend, you… more»
What other advice do I have?It works well when searching logs. If you looked to try to do things beyond this, the problem that we ran into is that we treated it as the hammer which hits all nails. That is not really feasible, and there are other tools out there that… more»
Which other solutions did I evaluate?We looked at the Elk Stack, Kibana, and Sumo Logic. We chose Splunk because their cost is better, the maintenance factor is a little higher, and the core functionality is higher than what other products provide. The core functionality is… more»
Jan 01 2019
What is most valuable?The ability to create dashboards. You can run reports against multiple devices at the same time. You are able to troubleshoot a single application on a thousand servers. You can do this with a single query, since it is very easy to do.
How has it helped my organization?We use it primarily for troubleshooting. We had an issue with SaltStack recently and were able to look for the same log entry on a thousand servers simultaneously, making the process easy.
What needs improvement?When you get into large amounts of data, Splunk can get pretty slow. This is the same on-premise or AWS, it doesn't matter. The way that they handle large data sets could be improved. I would like to see an updated dashboard. The dashboard… more»
What other advice do I have?Build your environment a lot bigger than you think you will need it, because you fill it up quickly. We log somewhere in the neighborhood of two to four terabytes a day per data center. We use both AWS and SaaS versions. With the SaaS… more»
Which other solutions did I evaluate?Splunk has no real competition. It is just Splunk, and that is it.
Aug 05 2019
What is most valuable?* Core Splunk * Saved searches * Dashboards (SimpleXML) With good domain knowledge, one can build almost anything. If you throw in Alert Manager or an integration with… more»
How has it helped my organization?Out clients went from unhappy using inflexible, poorly-supported products (in some cases barely functionally) to confident and excited when using Splunk. Not only are they… more»
What needs improvement?* It needs integration with a configuration management solution. * It could use better password management for forwarders. * It needs a better way to export dynamic views… more»
What's my experience with pricing, setup cost, and licensing?Get free PS if you can (ask) or USE THE DOCS. The documentation will get you to success. If you are not getting more value out of Splunk than the license you are paying… more»
If you previously used a different solution, which one did you use and why did you switch?I have dabbled with LogRythm and ArcSight and they are both OK, but Time-To-Value is WAY shorter with Splunk, IMHO.
What other advice do I have?You can also get GREAT help at answers.splunk.com.
Which other solutions did I evaluate?No,we went with the free trial and got so much value so quickly we bought in.
Feb 14 2019
Clients benefit from the live security monitoring of their parent IP infrastructure base but Splunk should adjust the pricing
What is most valuable?Splunk has many good apps and has a contribution from all security vendors. That's where Splunk wins.
How has it helped my organization?We sell it to clients so clients benefit from Splunk in terms of live security monitoring of their parent IP infrastructure base. Their IP security and network application base is where we have a 24/7 monitoring interface.
What needs improvement?Splunk's cost is very high. They need to review the pricing. They have to go back and totally readdress the market. Splunk does not build apps. They only go back and validate the apps that somebody has already built. They should have remote… more»
What's my experience with pricing, setup cost, and licensing?Pricing is one factor that hurts everybody on the market; the client, the reseller, everybody that touches it. Only Splunk makes money. It is hard to have it for the long term if it's a stretch for your budget. Pricing becomes a problem and… more»
What other advice do I have?I will rate it as a security product an eight out of 10. There's no product which is perfect unless you go back and you create a psychic of the solutions.
See 50 More Splunk Reviews
User Assessments By Topic About Splunk
Read Archived Reviews
What is Splunk?
Splunk software has been around since 2006 and the company has since grown to become an industry leader. Splunk's vision is to make machine data accessible, usable and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analyzing all activities. This is known as Operational Intelligence and is the unique value proposition of Splunk.
Splunk is well-known for its Log Management capabilities and also for its Security Information and Event Management (SIEM) solutions.
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.