Austin-based SolarWinds acquired log management tool Papertrail in April 2015.
N/A
Splunk Cloud Platform
Score 8.3 out of 10
N/A
Splunk Cloud Platform is a data platform service that helps users search, analyze, visualize and act on data. The service can go live in as little as two days, with an IT backend managed by Splunk experts.
As a 3rd party endpoint, SolarWinds Papertrail did exactly what it needed to. My hesitation is on the technical aptitude of the colleague receiving the recommendation, as the overall level of command line skill/understanding would have to be high. Web applications are a great solution here, but MOST of them already provide some sort of logging output. The scenario would definitely be in the situation where logging wasn't readily available in the current solution space. IF something like SolarWinds Papertrail was needed, it's probably the de facto thing that I would recommend.
Splunk is excellent when all your data is in one location. Its ability to correlate all that data is intuitive (once the hurdle of learning the query language is overcome). It is also easy to standardize the presentation of information to the company. When data is siloed/standalone, other systems can be cheaper and faster to implement.
This SIEM consolidates multiple data points and offers several features and benefits, creating custom dashboards and managing alert workflows.
Splunk Cloud provides a simple way to have a central monitoring and security solution. Though it does not have a huge learning curve, you should spend some time learning the basics.
Splunk Cloud enables me to create and schedule statistical reports on network use for Management.
It's extremely easy to use. I and new colleagues have never had any issues configuring this tool or setting it up; it works almost out of the box with very simple instructions to follow to configure it to our own environment. I would highly recommend it on that ability alone.
I honestly have never had the need to use the support team, as we have not run into any issues so far. If we did, however, judging from how the tool itself works, I don't doubt that the team would provide excellent support for any issues that we may possibly run into.
Splunk Cloud support is sorely lacking, unfortunately. The portal where you submit tickets is not very good and is lacking polish. Tickets are left for days without any updates and when chased it is only sometimes you get a reply back. I get the feeling the support team are very understaffed and have far too much going on. From what I know, Splunk is aware of this and seems to be trying to remedy it.
CloudWatch, by itself, is terrible at search. CloudWatch Insights works great and has powerful search capabilities, but it's more difficult to set up alerts. Also, because Insights charges per search, you have the potential to accumulate a large bill if you need to do many searches. I like that SolarWinds Papertrail has a known monthly cost.
Search Processing Language really is a game changer for writing easy-to-understand and maintainable queries on your database logs. Once understood, setting up and validating a query can be done in no time, which leaves us the option to focus on more monitoring and improved services. We have no other tools that utilize data this efficiently.