If you were talking to someone whose organization is considering Splunk Cloud, what would you say?
How would you rate it and why? Any other tips or advice?
Advice-wise, I do not really have much to say to potential users considering the solution as something to apply as an end-user. My job role is data organization so it might not be appropriate for me to give these opinions. This seems to me to have more to do with system functionality. But from my side, I am good with the product. Interface-wise, I think the product is good. Security-wise, it is all approved from the CSOs (Chief Security Officer) perspective. Enhancement-wise, we have to put in a lot of effort. The end-users who are working with the solution should know SQL. If they lack training in SQL, there will not really be a use case for them. Whatever the use cases we had for Splunk, we were able to make it work. Cost optimization is the only thing that needs to be reconsidered. On a scale from one to ten (where one is the worst and ten is the best), I would rate this product overall around seven, or somewhere between six to eight. Six to eight so make that around seven-out-of-ten.
I would rate Splunk a nine out of ten. The queries and pulling out the exact reports is a little challenging. I get complaints about it. I would like to see more reports or default out of the box reports. That would be more useful, useful, and then people can avoid writing inquiries.
I feel that Splunk Cloud is good as it is. It is the best tool on the market. My advice to anybody who is considering this solution is to start now and don't wait. Every day that you wait, you can be wasting time and money. I would rate this solution a nine out of ten.
My advice to anybody who is implementing Splunk Cloud is to dedicate the time and resources required to learn it and use it. Investigate the features. I would rate this solution a seven out of ten.
Overall, I find that Splunk is pretty good. It is a very mature product and I can see that compared to when I used to five years ago as an end-user, they have been improving in every way. The interface is something that has become more user-friendly over time. When there is something missing, it is handled by another product from the vendor. For example, if you need to add predictive analysis then you use Splunk Phantom. There are many other SIEM tools on the market, such as IBM QRadar and ArcSight Logger. Splunk is comparatively more expensive but it has many features and good functionality. I definitely recommend it. I would rate this solution a nine out of ten.
What do you like most about Splunk Cloud?
Thanks for sharing your thoughts with the community!
Let the community know what you think. Share your opinions now!