If i have put a word it would say "Fantastic". The functionalities Splunk provides eases team to manage/monitor their IT infrastructure and internal application you will be well aware about the performance of your applications. Setup alerting and take necessary actions in stipulated time to overcome all the issues which may affect your application performance.

Splunk offers various features whether you need to setup monitoring on your server, application logs based on logs ingestion set alerts so that teams got notified on real time and take actions accordingly. In this way, it helps to monitor application which are mission critical. You can make dashboards in Splunk where you can configure various components such indexes, data inputs and schedule reports as well. To achieve additional functionalities we can install third party apps as well such as AWS Add on for cloud watch log ingestion.

From Admin perspective, I found user access management a little difficult. The roles of access management becomes complicated because some time the config files for that didn't came very handy. Other then that I think all in all Splunk provides fulfill all of the requirements.

Splunk's SPL is a flexible, straight forward query-language with aspects of SQL, R, Python, and Bash. The fact that an analyst can learn to be an engineer through using the platform provides ease of growth. It is unmatched in its automation to make data actionable, while providing reporting and visualization capabilities.

Splunk is provides a single tool for log aggregation, log analysis, and visualizations. Threat hunting, applying threat intelligence, and incident response are easily repeatable; pushing organizations to proactive security processes.

Splunk is expensive, especially when an organizations is exploring and building new security or data use cases. It also requires a lot of engineering maintenance, making the quality of the data highly-dependent on the skill(s) of those supporting it. Many organizations do not maximize its benefit because it is poorly managed or supported by low-skilled employees.

Easily identifying trends between systems Helps identifying problems

Makes it easy to identify trends within your environment. Once everything is aggregated it makes it easy for example, to see the knock on events of a network outage throughout the environment.

Web user interface is a bit clunky. Its very polished interface, but in many cases it's style over substance. When I'm debugging an issue I want to be able to drill down into the problem fast, and the shiny interface can be sluggish and slow you down.h

Best tracking and data analysis tool which help to monitor and manage the server and system component in very effective way. Real time Visualization helps to take the quick decision so that desired action can be taken to avoid failure.Best data collection in the forms of log and which helps to define the best set of automation jobs to fix the issue.

There are few components or observation like,1. most of the time observes the slowness in the performance.2. Sometime observe the delay in the issue or updated log reflection on the portal. 3. Need more storage to manage and maintain the lo g which impact organizational costing and budget.