TrustRadius
Splunk Cloud -- A tool that helps monitor and solve problems.Here at CCMSI, we use Splunk Cloud to monitor Active Directory Events. It is primarily used by the IT Systems Team. It has proven to be invaluable to find misconfiguration, excessive usage, improper procedures, and security events. The tool allows me to give Management the information they ask for in a graphical way that shows trends, spikes, and overall usage.,Splunk Cloud allows me to search the volumes of information help in Windows Server Logs quickly and accurately. Splunk Cloud allows me to create Dashboards for everyday monitoring of multiple parameters. Splunk Cloud allows me to create and schedule reports for Management on network usage and statistics.,The SPL programming language that the queries are built in is not very intuitive. There should be a better repository of pre-built queries for what I would think of as common Active Directory usage monitoring. I would like to see more free training/familiarization information made available.,10,Splunk Cloud has had a positive ROI in helping more efficiently track the cause of Help Desk Tickets. The billing model which is based on the amount of data from logs uploaded doesn't alert if a threshold is approaching. This can have a negative ROI. The training that I have taken while in-depth and focused is pretty expensive.,Splunk Cloud, good for cloud-first companies.We recently implemented it in our organization, mainly for security monitoring and to provide visibility into our cloud infrastructure and various providers. We are bringing in data to better identify anomalies, events of interest, and indicators of compromise.,Integration with Okta for IAM-related security events and monitoring. Integration with AWS for CloudTrail and CloudWatch logs Integration with Mimecast for email monitoring and integration,Deploying apps require a support ticket and can have a long turnaround time. Making changes to conf files requires a ticket and if it's not through an approved process, then Puppet will reset it to what it was previously Custom apps have to be very well written to make it through the approval process.,7,We're already seeing benefits of better visibility. We're creating alerts and integrating with Slack for better DevSecOps,Splunk Enterprise
  3. Splunk Cloud Reviews
Unspecified
Splunk Cloud
26 Ratings
Score 8.6 out of 101
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>TRScore

Splunk Cloud Reviews

Splunk Cloud
26 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.6 out of 101
Show Filters 
Hide Filters 
Filter 26 vetted Splunk Cloud reviews and ratings
Clear all filters
Overall Rating
Reviewer's Company Size
Last Updated
By Topic
Industry
Department
Experience
Job Type
Role
Show All Filters
More Filters 
Less Filters 

Reviews (1-2 of 2)

  Vendors can't alter or remove reviews. Here's why.
Jeff Kitchens profile photo
March 22, 2018

Review: "Splunk Cloud -- A tool that helps monitor and solve problems."

Jeff Kitchens
Score 10 out of 10
Vetted Review
Verified User
Review Source
Here at CCMSI, we use Splunk Cloud to monitor Active Directory Events. It is primarily used by the IT Systems Team. It has proven to be invaluable to find misconfiguration, excessive usage, improper procedures, and security events. The tool allows me to give Management the information they ask for in a graphical way that shows trends, spikes, and overall usage.
  • Splunk Cloud allows me to search the volumes of information help in Windows Server Logs quickly and accurately.
  • Splunk Cloud allows me to create Dashboards for everyday monitoring of multiple parameters.
  • Splunk Cloud allows me to create and schedule reports for Management on network usage and statistics.
  • The SPL programming language that the queries are built in is not very intuitive.
  • There should be a better repository of pre-built queries for what I would think of as common Active Directory usage monitoring.
  • I would like to see more free training/familiarization information made available.
I find that Splunk Cloud is well suited for tracking user logins, Server Reboots, failed login attempts, account lockouts, and sorting these items by host or user. We often trace failed user logins to someone having cached credentials on an endpoint which can result in locked accounts that drive the Help Desk ticket volume up unnecessarily.
Read Jeff Kitchens's full review
Colin Jackson, CISSP, MMIS, GMON profile photo
July 13, 2018

Review: "Splunk Cloud, good for cloud-first companies."

Colin Jackson, CISSP, MMIS, GMON
Score 7 out of 10
Vetted Review
Verified User
Review Source
We recently implemented it in our organization, mainly for security monitoring and to provide visibility into our cloud infrastructure and various providers. We are bringing in data to better identify anomalies, events of interest, and indicators of compromise.
  • Integration with Okta for IAM-related security events and monitoring.
  • Integration with AWS for CloudTrail and CloudWatch logs
  • Integration with Mimecast for email monitoring and integration
  • Deploying apps require a support ticket and can have a long turnaround time.
  • Making changes to conf files requires a ticket and if it's not through an approved process, then Puppet will reset it to what it was previously
  • Custom apps have to be very well written to make it through the approval process.
If you have a smaller team that can't have a dedicated Splunk admin to manage the indexers, clusters, search heads, etc, Splunk Cloud is good because you have them manage it.
Read Colin Jackson, CISSP, MMIS, GMON's full review

Splunk Cloud Scorecard Summary

Likelihood to Recommend (26)
8.6

Feature Scorecard Summary

Centralized event and log data collection (2)
10.0
Correlation (2)
9.5
Event and log normalization (2)
9.0
Deployment flexibility (2)
9.0
Integration with Identity and Access Management Tools (1)
9
Custom dashboards and views (2)
10.0
Host and network-based intrusion detection (2)
10.0

About Splunk Cloud

Categories:  Security Information and Event Management (SIEM)

Splunk Cloud Technical Details

Operating Systems: Unspecified
Mobile Application:No