If i have put a word it would say "Fantastic". The functionalities Splunk provides eases team to manage/monitor their IT infrastructure and internal application you will be well aware about the performance of your applications. Setup alerting and take necessary actions in stipulated time to overcome all the issues which may affect your application performance.

Splunk offers various features whether you need to setup monitoring on your server, application logs based on logs ingestion set alerts so that teams got notified on real time and take actions accordingly. In this way, it helps to monitor application which are mission critical. You can make dashboards in Splunk where you can configure various components such indexes, data inputs and schedule reports as well. To achieve additional functionalities we can install third party apps as well such as AWS Add on for cloud watch log ingestion.

From Admin perspective, I found user access management a little difficult. The roles of access management becomes complicated because some time the config files for that didn't came very handy. Other then that I think all in all Splunk provides fulfill all of the requirements.

Splunk's SPL is a flexible, straight forward query-language with aspects of SQL, R, Python, and Bash. The fact that an analyst can learn to be an engineer through using the platform provides ease of growth. It is unmatched in its automation to make data actionable, while providing reporting and visualization capabilities.

Splunk is provides a single tool for log aggregation, log analysis, and visualizations. Threat hunting, applying threat intelligence, and incident response are easily repeatable; pushing organizations to proactive security processes.

Splunk is expensive, especially when an organizations is exploring and building new security or data use cases. It also requires a lot of engineering maintenance, making the quality of the data highly-dependent on the skill(s) of those supporting it. Many organizations do not maximize its benefit because it is poorly managed or supported by low-skilled employees.

Easily identifying trends between systems Helps identifying problems

Makes it easy to identify trends within your environment. Once everything is aggregated it makes it easy for example, to see the knock on events of a network outage throughout the environment.

Web user interface is a bit clunky. Its very polished interface, but in many cases it's style over substance. When I'm debugging an issue I want to be able to drill down into the problem fast, and the shiny interface can be sluggish and slow you down.h

Best tracking and data analysis tool which help to monitor and manage the server and system component in very effective way. Real time Visualization helps to take the quick decision so that desired action can be taken to avoid failure.Best data collection in the forms of log and which helps to define the best set of automation jobs to fix the issue.

There are few components or observation like,1. most of the time observes the slowness in the performance.2. Sometime observe the delay in the issue or updated log reflection on the portal. 3. Need more storage to manage and maintain the lo g which impact organizational costing and budget.

Splunk data visualization and its analytics handling chunks of data is exceptional.

Data visualization, Analytics skills with AI-powered and can handle data in TB/per day without any interruptions in services. Live dashboards, developing use-cases and their capabilities (correlation).

complex architecture and efficient skills are required, financial is also not feasible for small and medium customers. no inbuilt query builders for beginners to understand the platform.

We needed a way to monitor our internal environment and start to be more proactive with issues, so we started sending all of our logs to Splunk and we we able to get insights we did not know we needed. It is a great solution and they are constantly innovating.

Splunk makes it easy to search through various data including logs. In the past I have had to pour through logs in order to find the one lines among the 100 of thousands of lines. Splunk allows me to search through those logs in a matter of seconds vs the hours it used to take.

Most of enterprise setup is done through the command line. It would be nice to have cluster configuration (index creation) as part of the UI.

Overall i like the product but as the user base grows the logs grows too. This busts the limits of the licensing. We need to keep on doing housekeeping to ensure that our license limits is not crossed.

The ablitity to configure and tweak the use cases. Building Intelligence into forensics. The AI feature is gud but needs more enhancements.

The log management needs to be efficient , If the auditing logs is enabled then a huge influx of logs are pumed into splunk but no meaningful meaning can be derived.

Provides a single location for collecting and analyzing logs. Provides ease of use for non-technical users, but powerful features for security and IT. There is an add-on/app for anything you could imagine.

Some documentation is vague, and when certain things don't work, it can be difficult to find out a solution to the problem.

Splunk has made me realize the ability to correlate different data from different realms altogether and generate valuable insights.

The ability to use this software for security operations, data analysis, creating dashboards, generating tickets and everything else

Splunk uses its own SPL, which is not very easy to learn. However, there are lots of documentation that Splunk provides to its customers. There is paid training available which is useful for beginners to learn.

It's a great tool and used for many years to come.

Real time use. The ingestion of data and more.

Nothing yet.. maybe performance at times.

Is a robust and intelligent management tool that enables everyone with user computer knowledge to navigate in real-time, consolidate vast data into a visualized report of dashboard features , reliable and web based, no major equipment required for setup, user need a smartphone or compute to access the platform through the web, you can navigate the system as long as you have computer knowledge without any training required(user friendly) .

It an intelligent business tool that provided me an opportunity to customize and build report from large volume of data from different departments within the 13 Africa countries in telecommunication sectors. The platform allows data to be consolidated accordingly to the organization need and produces visualized reports of dashboard features. I also noted that the system can analyst unstructured large volume of data speedily and is reliable and web based allowing for user flexible accessible from any part of the world if you have internet. The systems have been reliable and secured from the time (2 years) I started using it without any system intermittent, system errors and cyber-attack.

The system is built and use-able with structured and unstructured organization though the price in foreign currency could hamper small and medium organization to use it especially in most Africa country where the local currency has depreciated against the major trading foreign currency.so the Forex pricing is a challenge. The navigation of the platform will require minor training though if the user is computer proficient, they would management with minor challenge and interpretation of the data. So, first time user it can be difficult to use it It will depend on internet for access and internet tend to be pricey in most African country and therefore could increase the business cost for small and medium enterprise. It can increase business cost if not fully used

XRAY vision on your production instances. Every day we code our applications so that we will be splunk friendly with our app log statements. For example "featureX=value" allows you to query for every customer that engaged with featureX.

Splunk allows us to see exactly what is going on in production! I work on commerce for a fortune 100 company, and we use Splunk to monitor our apps in real time. Splunk gives you the ability to perform queries like you would with SQL against your log statements in real time. You will learn that you can place strategic log statements in your code that allows you to identify situations in production and be proactive at solving them. For example, you can log your customer's session cookie ID, and track any given customer's activity on your website via your app logs. It gives you dials and charting capabilities to monitor even the slightest drops in customer activities due to flaws in code or slowing network calls.

PRICE. The software is so powerful, and they seem to leverage this in the pricing of the licenses.

Saved my a$$ many times. In a multi-server environment, if you don't have Splunk or something like it, it will be a nightmare to try and coordinate the various log files involved.

Several of our applications are distributed across multiple systems. It is the same software running on each server but doing the same job for different users. Each server would generate its own log files. When things went wrong, we used Splunk to be able to see what was going on on each server. Click a few buttons and you get two logs from two different servers listed together coordinated by time. But that leads you to discover that the issue came from a separate upstream or downstream server, then bring in those logs too . . . all coordinated by time. Don't get me wrong, the IT guys love these tools for their own enterprise reasons, but as a server stack developer, this was a resource I used OFTEN.

I never fully grokked their SQL like language. I could do basic things daily without issue. However, I often had to hit the documentation to do anything more than a simple "find this" query.

We are in Autodesk, use it much, as part of the monitoring tool. We like it and would like it to be improved and even more useful

Dashboards feature is amazing, I use it much. Alerts and queries are easy to set up. Mostly it works fast so it's kind of Dev friendly so it's easy to onboard the new guys

Alerts should have a better way to manage it. There should be a way to promote alerts to different environments - so we will be able to set the Dev/Stg/Prod Sometimes some things that we want to do take a while searching on the internet for a solution - they might think how to do it better - maybe some examples or better documentation

Splunk has been key in sever major issue root causes by analyzing logs and from that being able to build reports and determine causes of issues. In addition being able to trend and look for the data in the many logs is very helpful.

We use this tool primarily as a repository for syslog messages for infrastructure. It allows us to quickly analyze the logs and patterns to determine issues based on patterns. In addition it alerts very well from text based trigger alerts. These features are very easy to use and dependable.

I do not have any cons for this software. Mainly as a user it does exactly what I need it to do with no overhead and confusing interfaces.