ignio AIOps, from Digitate in Santa Clara, is a solution designed to improve business agility by creating a unified view of the IT estate, connecting business functions to applications and infrastructure. This is combined with behavior profile of systems and applications that is continuously learnt using this blueprint. ignio aims to improve the transparency of complex Enterprise IT landscapes.
N/A
Splunk Enterprise
Score 8.5 out of 10
N/A
Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.
It's good for issue resolution, user access request automation, standard report generation, health checks, executing self-healing as configured in the attributes. Currently not good at real-time monitoring to trigger an action. Health checks have to be on a scheduled basis.
It's well suited for what I do, which is network security operations. And that's for anything from troubleshooting incidents, troubleshooting performance, troubleshooting for the purpose of a compliance and auditing. It's not best suited for users who are new in terms of they're new to the product and they have expectations that probably Splunk cannot meet.
There is a lot more the desktop tool can do. For example, we need to apply an upgrade to get the tool to talk to our infrastructure while employees are working from home. The tool was initially installed with the assumption that the desktops would be in UserLand. Instead after COVID-19 the desktop/laptops have been used for over a year on people's home networks. As of right now, we have to sync when the devices are connected to VPN. Moving forward with the upgrade, we will be getting this data over TLS when they are connected to the untrusted networks.
The concept of ignio AlOps requires OCM efforts within most operational teams. This isn't necessarily the fault of the tool itself, but when implementing ignio, or any AIOps tool, the team will get a lot of pushback as an outside team is centralizing the operational improvements. The tool should have a centralized intake process that will allow the collection, ranking, and management of automation opportunities. ignio AlOps should then simulate the proposed efficiencies from implementing something within the backlog. Right now a lot of local teams are having a hard time getting on the same page as the enterprise teams, and a common methodology for prioritizing (even if overly simplistic) would go a long way to enterprise planning.
These tools are very new and things get added to them all the time. There should be a way for the product's stakeholders and process owners to understand the additional value ignio AlOps is gaining over time.
We are using Splunk extensively in our projects and we have recently upgraded to Splunk version 6.0 which is quite efficient and giving expected results. We keep track of updates and new features Splunk introduces periodically and try to introduce those features in our day to day activities for improvement in our reporting system and other tasks.
ignio AIOps version upgrades were a heavy lift. Having to learn a new language versus an industry standard language took time. More consideration on overall internal long-term support needs to be determined.
You can literally throw in a single word into Splunk and it will pull back all instances of that word across all of your logs for the time span you select (provided you have permission to see that data). We have several users who have taken a few of the free courses from Splunk that are able to pull data out of it everyday with little help at all.
We have built a healthy relationship with the vendor support team throughout the implementation phase, all incidents raised were resolved within the SLA without a fail
Splunk maintains a well resourced support system that has been consistent since we purchased the product. They help out in a timely manner and provide expert level information as needed. We typically open cases online and communicate when possible via e-mail and are able to resolve most issues with that method.
The online course was simple clear and described the main capabilities of the solution. There is also an initial module that can be done for free so anyone can familiarize themselves with the functionality of this solution. On the other hand, however, there could be more free online courses. Maybe even with a certificate, this would broaden the group of people who are familiar with the platform while increasing familiarity with the solution itself.
I am happy with the way team has implemented and shared the product for our organization. However, would like to see it get extended to the other line of business too.
I didn't get to fully evaluate Logstash as our corporation was already using Logstash, but both seemed like viable solutions to the problem that we were having. I wanted to evaluate Logstash some more, both did seem like they would work for the business needs that we had, we went with splunk as many teams were already using it.
I don't have any numbers to share but Splunk has positively served as a 24/7 monitoring tool that has saved hours of work by self-detecting, saving statistics and alerting problems in the system or from external interfaces as soon as they happen.
Splunk dashboards does a solid job in collecting, analyzing data and creating reports that contain an entire day's activity and then automatically sent out to the business.
Splunk is very easy to learn and very useful to any program or business application.
