2019-10-10T09:25:00Z

What advice do you have for others considering Splunk Insights for Infrastructure?


If you were talking to someone whose organization is considering Splunk Insights for Infrastructure, what would you say?

How would you rate it and why? Any other tips or advice?

Guest
10 Answers

Top 10 Real User

As a newbie, I wouldn't prefer Splunk. The reason is that it's a completely enterprise-grade solution. As a startup, you don't implement Splunk for the first time. We'd put an open-source product. With us, we have many of the Italian products, which proves to be a good open-source solution. In the end, people intend to go for enterprise support for the vulnerability patching, report generation, and enterprise support. People go for licensing based on that. I wouldn't refer any newbies to go for a weak enterprise-grade solution as they barge into any technology. I would rate Splunk a seven out of ten.

2020-03-29T08:26:00Z
Top 5 Real User

I would rate Splunk Insights for Infrastructure at a seven out of ten.

2020-03-15T08:07:00Z
Top 5 Consultant

I would definitely recommend the solution. I'd rate it eight out of ten. I don't believe we have a business relationship with Splunk, but we do have a large number of licenses with them.

2020-03-09T08:07:55Z
Top 5 Real User

We're a Splunk partner and reseller. Typically, the solution is on-prem for the most part because it requires a very heavy lift in storage and the storage is very expensive. Most companies deploy it on-premise and then add on the cloud solution as well later on. I'd warn other organizations that want to use the solution that they need to be prepared to spend a lot of money. I'd rate the solution seven out of ten due to the fact that it's extremely complex to run and deploy.

2020-03-09T08:07:00Z
Top 5 Real User

On a scale from one to ten where one is the worst and ten is the best, I would rate it at around an eight. We have been using it for six years now and renewing the support and the license. So you can say that we are at least reasonably happy with the product and do not have to replace it. To make the product rate higher, they would have to match some of the capabilities of other products within the same category that they lack. For example, if we want to get to a feature in QRadar, we can get to it in two clicks. But with Splunk, we need to do a lot more to navigate to the features. Sometimes when we need to accomplish a task, it may not be part of the basic system so we need to write more code and do more work to get the same result as we might if using another product. The other point, I think, has to do with the storage. Splunk does not have appliances and storage and we have to be the ones who are responsible for taking care of the matters of requisitioning the appropriate hardware. A lot of storage is needed just for logs that it generates. So I think this hardware problem and need for storage is another issue that we might face with Splunk if we use it as a SIEM (Security Information and Event Management).

2020-01-29T11:22:00Z
Top 10 Real User

This is a very good product, but my advice is that you have to be trained in order to use it, otherwise you will be lost. I would rate this solution an eight out of ten.

2019-10-28T06:34:00Z
Top 5 Leaderboard Real User

My experience with this solution in analyzing machine data is really good. The interface could be simplified and I would like to have more clustering. On a scale of one to ten, I rate this solution a seven.

2019-10-28T06:33:00Z
Top 5 Leaderboard Consultant

We use the private cloud deployment model. I'd rate the solution seven out of ten.

2019-10-20T10:33:00Z
Top 5 Leaderboard Real User

I am not certified with Splunk, but I am a system administrator. I passed the fundamentals one and two. This is a very good solution. I would rate this solution a nine out of ten.

2019-10-10T09:25:00Z
Real User

The advice that I would give to companies considering this type of solution is that choosing the right solution all depends on what you want to do. I'd say Splunk makes more sense if you only want to have one tool or service to monitor. A lot of our infrastructure is not complex. I just put Splunk there, I collect the logs and I calculate what I need. I do that step-by-step, so it is a bit difficult as an approach when things are more complex. You want to reduce complexity when monitoring just one single service. Our business is focused on monitoring. We don't want monitoring to care about software distribution and additional concerns. So, if it is just straightforward monitoring of a service that you need to do, then I think you're right to use this product. There are other potential solutions. On a scale from one to ten where one is the worst and ten is the best, I would rate Splunk as an eight.

2019-10-10T09:25:00Z
Updated: April 2020.