Austin based SolarWinds acquired log management tool Papertrail in April, 2015.
N/A
Splunk Cloud
Score 8.3 out of 10
N/A
A data platform service thats help users search, analyze, visualize and act on data. The service can go live in as little as two days, and with an IT backend managed by Splunk experts, users can focus on acting on data. Search any kind of data in real-time to detect and prevent issues before they happen with access to streaming and machine learning capabilities. Search any kind of data in real-time to detect and prevent issues before they happen with access to the latest streaming and machine…
As a 3rd party endpoint, SolarWinds Papertrail did exactly what it needed to. My hesitation is on the technical aptitude of the colleague receiving the recommendation, as the overall level of command line skill/understanding would have to be high. Web applications are a great solution here, but MOST of them already provide some sort of logging output. The scenario would definitely be in the situation where logging wasn't readily available in the current solution space. IF something like SolarWinds Papertrail was needed, it's probably the de facto thing that I would recommend.
Splunk is excellent when all your data is in one location. Its ability to correlate all that data is intuitive (once the hurdle of learning the query language is overcome). It is also easy to standardize the presentation of information to the company. When data is siloed/standalone, other systems can be cheaper and faster to implement.
This SIEM consolidates multiple data points and offers several features and benefits, creating custom dashboards and managing alert workflows.
Splunk Cloud provides a simple way to have a central monitoring and security solution. Though it does not have a huge learning curve, you should spend some time learning the basics.
Splunk Cloud enables me to create and schedule statistical reports on network use for Management.
It's extremely easy to use. I and new colleagues have never had any issues configuring this tool or setting it up, it works almost out of the box with very simple instructions to follow to configure it to our own environment. I would highly recommend it on that ability alone.
Overall, it is very usable. I would like if recent searches were saved for longer because I always have to refer to my notes when I'm looking for something specific and it's been a few weeks. But that's a small issue, and the actual search and browsing interface is easy to use and powerful.
I honestly have never had the need to use the support team, as we have not run into any issues so far. If we did however, judging from how the tool itself works, I don't doubt that the team would provide excellent support for any issues that we may possibly run into.
Splunk Cloud support is sorely lacking unfortunately. The portal where you submit tickets is not very good and is lacking polish. Tickets are left for days without any updates and when chased it is only sometimes you get a reply back. I get the feeling the support team are very understaffed and have far too much going on. From what I know, Splunk is aware of this and seem to be trying to remedy it.
CloudWatch, by itself, is terrible at search. CloudWatch Insights works great and has powerful search capabilities, but it's more difficult to set up alerts. Also, because Insights charges per search, you have the potential to accumulate a large bill if you need to do many searches. I like that SolarWinds Papertrail has a known monthly cost.
Splunk Cloud blows Sumo Logic out of the water. The experience is night and day. We went from several highly stressed IT security professionals who were unsure if the data they were getting was valuable, to very happy IT security professionals who can now be more proactive and get all the information they need.
