IBM AIOps Insights vs. Splunk Enterprise vs. Splunk IT Service Intelligence (ITSI)

It's ideal for large IT infrastructures that have access to huge amounts of data and to proactively identify issues before they occur. It can automate repetitive tasks and responses, which helps with early resolution. It is not suitable for smaller setups with less data as it leads to a huge cost burden on the business.

Incentivized

It's well suited for what I do, which is network security operations. And that's for anything from troubleshooting incidents, troubleshooting performance, troubleshooting for the purpose of a compliance and auditing. It's not best suited for users who are new in terms of they're new to the product and they have expectations that probably Splunk cannot meet.

Incentivized

Splunk ITSI is a great tool (and toolbox) for combining together numerous and varied monitoring regimes to bring more holistic analysis and reduce alert fatigue. By leveraging the Splunk ITSI service and KPI modeling regime, ecosystem telemetry can be turned into a more reliable, clearer, high-level perspective on the current state of your components and services.

• Problem identification with the help of data and events much before they happen ensures smooth operations.
• Incident resolution: Provide real-time contextual information on the root cause of the issue and highlight historical data for similar events.
• Can automate routine tasks associated with incident management, which ultimately saves time.

Incentivized

• It is very useful in creating custom rules for analyzing system logs and display relevant information. The query language is very easy to learn.
• We can create custom UI to visualize the output of our data. The interface is very flexible. It also allows the sharing of rules among users.
• There is an open online community to help others. Stackoverflow also has a splunk community. These resources make it more convenient to learn.

Incentivized

• Monitor hundreds of IT services by continuously tracking thousands of KPIs in a scalable way.
• Quickly identify problem areas by a combination of default visualizations and ability to create custom dashboards.
• Extremely configurable to effectively monitor nearly any KPI imaginable from Splunk.

Incentivized

• It has limited integration capability, especially for mainframe.

Incentivized

• Splunk light limits number of users to 5. Wish there was a flexible license, where one could add more users.
• Splunk light does not let you add > few realtime alerts. Wish there was a flexible license, where one could add as many realtime alerts as wanted.
• Better insight into daily ingestion values

Incentivized

• ITSI really needs a robust splunk log ingestion infrastructure at its core
• ITSI requires a great engineering team to build out the automated discovery and topology
• Unless you use an API to build the topology, the view can quickly become static

Incentivized

We are using Splunk extensively in our projects and we have recently upgraded to Splunk version 6.0 which is quite efficient and giving expected results. We keep track of updates and new features Splunk introduces periodically and try to introduce those features in our day to day activities for improvement in our reporting system and other tasks.

We have replaced our monitoring platform with Splunk & ITSI, and with the success, it's seen at our organization thus far we would be hard-pressed to pivot to another tool. Frankly, our business partners and application teams love Splunk & ITSI.

You can literally throw in a single word into Splunk and it will pull back all instances of that word across all of your logs for the time span you select (provided you have permission to see that data). We have several users who have taken a few of the free courses from Splunk that are able to pull data out of it everyday with little help at all.

Incentivized

Splunk IT Service Intelligence (ITSI) is a platform with extended functionality and provides various functionalities which can be utilized to improve the efficiency and accuracy in analyzing the data and detecting the attacks.

When properly setup and configured, Splunk is extremely reliable.

Incentivized

Splunk maintains a well resourced support system that has been consistent since we purchased the product. They help out in a timely manner and provide expert level information as needed. We typically open cases online and communicate when possible via e-mail and are able to resolve most issues with that method.

Incentivized

During POC, pre-planning, and implementation, we have had interactions with numerous folks at Splunk. Everyone from sales & engineering to markets analysts to specific IT component SMEs, and a small professional services engagement to get started. They have all been exceptionally helpful and go above and beyond the call of duty. They actively reach out to ensure success is being realized and find ways to help proactively, instead of having to simply open support cases with the vendor.

The online course was simple clear and described the main capabilities of the solution. There is also an initial module that can be done for free so anyone can familiarize themselves with the functionality of this solution. On the other hand, however, there could be more free online courses. Maybe even with a certificate, this would broaden the group of people who are familiar with the platform while increasing familiarity with the solution itself.

Smooth without too many major issues.

Incentivized

- Breadth of service—Event and incident management, Automation capabilities, root cause analysis—IBM's brand image As I was not involved in the purchasing decision, I am not aware of all the reasons why this product was selected.

Incentivized

I didn't get to fully evaluate Logstash as our corporation was already using Logstash, but both seemed like viable solutions to the problem that we were having. I wanted to evaluate Logstash some more, both did seem like they would work for the business needs that we had, we went with splunk as many teams were already using it.

Incentivized

Splunk has raised itself as a platform not just as a tool unlike other products in the market. If I talk about Moogsoft it also has similar capabilities but Splunk ITSI has more visibility and its GUI is making a different impact on the users. ServiceNow and Splunk are equally capable products however Splunk seems to have more tech-savvy people tools than ServiceNow.

Incentivized

Splunk can scale in to the petabyte per day range which of course is awesome

• Reduce downtime and improve service availability.
• Enhance productivity.
• Reduce cost and decision making.

Incentivized

• I don't have any numbers to share but Splunk has positively served as a 24/7 monitoring tool that has saved hours of work by self-detecting, saving statistics and alerting problems in the system or from external interfaces as soon as they happen.
• Splunk dashboards does a solid job in collecting, analyzing data and creating reports that contain an entire day's activity and then automatically sent out to the business.
• Splunk is very easy to learn and very useful to any program or business application.

Incentivized

• Splunk ITSI has reduced the number of alerts exposed to our Network Operations Center by 100x while increasing the context around outages.
• Splunk ITSI has increased the accuracy of our incident detection by leveraging the Event Analytics system to weigh the behavior of the many characteristics of each component together instead of independently.
• Splunk ITSI has reduced our incident MTTR (mean time to restore) by detecting issues faster, presenting them more clearly, and surfacing the salient details about the underlying issue.