TrustRadius
SplunkHeavy Hitter SIEM!2019-06-22T02:53:29.189ZWe use Splunk to centralize and consume all of our server logs, and various other logs, to monitor for interruptions in service, anomalous activity, and other security-related events. Splunk is primarily used by our DevOps and Security teams. Splunk solved an issue of being able to easily and effectively search hundreds of thousands of log entries in an easy to consume format.,Splunk is extremely versatile and can consume just about any kind of log out there.
Splunk's search function is very powerful, and allows for some very complex search criteria. Narrowing and/or expanding search results is as simple as a click of the mouse.
There are many different apps/plugins that can be added to Splunk that provide built-in reporting and alerting on certain kinds of events, meaning you don't have to be an expert to use Splunk.,There is a bit of a learning curve to figure out how to initially use it.
When SAML is set up, there is no apparent way to log out.,8,The biggest return on investment is how quickly logs are now consumed, and how quickly we can follow events that occur in logs.
The number of logs that can be consumed by Splunk is much higher than previous solutions.
We have much better visibility into our logs, and are able to spot patterns in events with the built-in graphs and reports.,Datadog,JIRA Software, Atlassian Confluence, Slack, Egencia, ExpensifyChase Palmer, CISSPSplunk Cloud: Find the needle in your haystack of data2019-03-15T01:30:42.080ZSplunk is used by just about every person in our company, from sales, to support, and from dev to operations. It has been adopted at all levels of our organization. We use Splunk to monitor build deployments, support tickets but most especially for operations and finding problems with servers and systems. We have many TVs setup in our Network Operations Center showing various aspects of our infrastructure. Splunk cloud is simply where our data is stored and searched.,Excellent tool for correlating logs from hundreds of servers and digging into events for a specific time period.
Based on issues found Splunk allows for simple and complex monitoring to alert when the same event or problem is seen again.
Advanced dashboard tools allow for unique and creative perspectives on how to display data in ways relevant to each department in our organization.,Some of their more advanced features, like ITSI, Machine Learning, or Security Analytics, can be very challenging to setup and configure.
Splunk Cloud support has been a challenge in the past. They are getting better, but they have had problems responding in a timely manner to issues.
These are only some minor observations of things I have had to deal with. In general, Splunk is a solid product that is fantastic to use.,10,We have found out interesting questions relating to our data that has dramatically improved the way our devs write their code.
The amount of insight we have into our applications and infrastructure allows us to find problems before they cause issues with our clients.
We have the ability to stay ahead of a train wreck while the train is still 20 minutes away. Splunk has allowed us to see things coming before they are problems.,Datadog and AppDynamics,Datadog, AppDynamics, SolarWinds ipMonitorVerified UserSplunk Cloud -- A tool that helps monitor and solve problems.2018-03-22T17:59:31.890ZHere at CCMSI, we use Splunk Cloud to monitor Active Directory Events. It is primarily used by the IT Systems Team. It has proven to be invaluable to find misconfiguration, excessive usage, improper procedures, and security events. The tool allows me to give Management the information they ask for in a graphical way that shows trends, spikes, and overall usage.,Splunk Cloud allows me to search the volumes of information help in Windows Server Logs quickly and accurately.
Splunk Cloud allows me to create Dashboards for everyday monitoring of multiple parameters.
Splunk Cloud allows me to create and schedule reports for Management on network usage and statistics.,The SPL programming language that the queries are built in is not very intuitive.
There should be a better repository of pre-built queries for what I would think of as common Active Directory usage monitoring.
I would like to see more free training/familiarization information made available.,10,Splunk Cloud has had a positive ROI in helping more efficiently track the cause of Help Desk Tickets.
The billing model which is based on the amount of data from logs uploaded doesn't alert if a threshold is approaching. This can have a negative ROI.
The training that I have taken while in-depth and focused is pretty expensive.,Jeff KitchensSplunk Cloud, good for cloud-first companies.2018-07-13T19:57:28.251ZWe recently implemented it in our organization, mainly for security monitoring and to provide visibility into our cloud infrastructure and various providers. We are bringing in data to better identify anomalies, events of interest, and indicators of compromise.,Integration with Okta for IAM-related security events and monitoring.
Integration with AWS for CloudTrail and CloudWatch logs
Integration with Mimecast for email monitoring and integration,Deploying apps require a support ticket and can have a long turnaround time.
Making changes to conf files requires a ticket and if it's not through an approved process, then Puppet will reset it to what it was previously
Custom apps have to be very well written to make it through the approval process.,7,We're already seeing benefits of better visibility. We're creating alerts and integrating with Slack for better DevSecOps,Splunk EnterpriseColin Jackson, CISSP, MMIS, GMON
Unspecified
Splunk Cloud
32 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
