TrustRadius
Splunk Cloud is a great solution for SIEM
Splunk Cloud is being used by our IT security operation and our DevOps team. It is being used similarly to a SIEM for aggregating log data and running analysis on it for generating alerts. It replaced Sumo Logic which was producing too many poor alerts and was not as robust of a solution. It supports our SOC well, and it makes our security team's job much easier. We are also using it in DevOps as a pilot for APM.
We have no suggestions at this time. It has been a great experience.
10
Reduced the amount of time needed from internal security resources (freed up at least 3 FTEs). Reduced the cost per daily GB ingests of our SIEM by 33%. Allowed us to migrate to a lower cost SOC model.
Sumo Logic
10

Data is the new Oil!!
Splunk Cloud is being used by our department. It solved many business problems as it delivers Splunk-as-a-Service hosted securely on the public cloud. With this cloud-ready service, one can enjoy all of Splunk Enterprise features without worrying about hosting the infrastructure and without paying the upfront Splunk licensing cost. Splunk Cloud supports all Splunkbase apps including Premium applications (e.g. Enterprise Security, ITSI, etc.) with pre-packaged searches, dashboards, and reports to create the right story from the data with the power of self-serviceability.
  • With Splunk Cloud you get the advantage of moving from POC to Production in a matter of days rather than in months allowing the Business to gain a lot.
  • Takes you away from managing infrastructure/administration, allows saving time & money. Reduce the overall TCO (Total Cost of Ownership)
  • Move from Reactive to Proactive Monitoring
  • Highly secure environment at your finger-tips
  • Splunk Cloud support is increasing a lot nowadays and I see no cons other than the price factor to the other compared products. Overall Splunk Cloud is a very good product all together.
  • I can see that Splunk Cloud can still improve in the form of SLA.
  • Splunk Cloud generally lags behind the available Splunk upgrades. They are always one version behind the one available for enterprise.
9
  • End-end visibility across your departmental silos
  • Strengthen the overall global monitoring posture
  • Move from Reactive to Proactive Monitoring
  • Highly secure environment at your finger-tips
  • Takes you away from managing infrastructure/administration, allows saving time & money. Reduce the overall TCO (Total Cost of Ownership)
Moogsoft, Elasticsearch, Jenkins and Ansible
Splunk Enterprise, Jenkins

Powerful and versatile
Splunk is available to all our teams, and usage is spreading. My team uses it for all the applications we manage, and it lets us log all user events in our mobile application and backend services. The reports it enables also really help with visibility and monitoring. For example, we were able to create a dashboard showing the average amount of time it takes to get through a particular flow in the app, the number of units processed per day in our app, error rates, and a lot more.
  • Powerful query language.
  • Very fast search indexing.
  • Intuitive UI.
  • The query language is well-documented but has a bit of a learning curve.
  • I wish copy/pasting JSON from the logs were easier without going to the completely raw (condensed) form.
9
It has allowed my team to find answers to support issues quickly. It has given us insight into how our app is doing through custom dashboards. It has simplified logging setup with their easy-to-use API.
8
10
Loggly
Slack, GitHub

Heavy Hitter SIEM!
We use Splunk to centralize and consume all of our server logs, and various other logs, to monitor for interruptions in service, anomalous activity, and other security-related events. Splunk is primarily used by our DevOps and Security teams. Splunk solved an issue of being able to easily and effectively search hundreds of thousands of log entries in an easy to consume format.
  • Splunk is extremely versatile and can consume just about any kind of log out there.
  • Splunk's search function is very powerful, and allows for some very complex search criteria. Narrowing and/or expanding search results is as simple as a click of the mouse.
  • There are many different apps/plugins that can be added to Splunk that provide built-in reporting and alerting on certain kinds of events, meaning you don't have to be an expert to use Splunk.
  • There is a bit of a learning curve to figure out how to initially use it.
  • When SAML is set up, there is no apparent way to log out.
8
The biggest return on investment is how quickly logs are now consumed, and how quickly we can follow events that occur in logs. The number of logs that can be consumed by Splunk is much higher than previous solutions. We have much better visibility into our logs, and are able to spot patterns in events with the built-in graphs and reports.
Datadog
JIRA Software, Atlassian Confluence, Slack, Egencia, Expensify

Splunk Cloud: Find the needle in your haystack of data
Splunk is used by just about every person in our company, from sales, to support, and from dev to operations. It has been adopted at all levels of our organization. We use Splunk to monitor build deployments, support tickets but most especially for operations and finding problems with servers and systems. We have many TVs set up in our Network Operations Center showing various aspects of our infrastructure. Splunk cloud is simply where our data is stored and searched.
  • Excellent tool for correlating logs from hundreds of servers and digging into events for a specific time period.
  • Based on issues found Splunk allows for simple and complex monitoring to alert when the same event or problem is seen again.
  • Advanced dashboard tools allow for unique and creative perspectives on how to display data in ways relevant to each department in our organization.
  • Some of their more advanced features, like ITSI, Machine Learning, or Security Analytics, can be very challenging to set up and configure.
  • Splunk Cloud support has been a challenge in the past. They are getting better, but they have had problems responding in a timely manner to issues.
  • These are only some minor observations of things I have had to deal with. In general, Splunk is a solid product that is fantastic to use.
10
We have found out interesting questions relating to our data that has dramatically improved the way our devs write their code. The amount of insight we have into our applications and infrastructure allows us to find problems before they cause issues with our clients. We have the ability to stay ahead of a train wreck while the train is still 20 minutes away. Splunk has allowed us to see things coming before they are problems.
Datadog and AppDynamics
Datadog, AppDynamics, SolarWinds ipMonitor

Splunk Cloud, good for cloud-first companies.
We recently implemented it in our organization, mainly for security monitoring and to provide visibility into our cloud infrastructure and various providers. We are bringing in data to better identify anomalies, events of interest, and indicators of compromise.
  • Integration with Okta for IAM-related security events and monitoring.
  • Integration with AWS for CloudTrail and CloudWatch logs
  • Integration with Mimecast for email monitoring and integration
  • Deploying apps requires a support ticket and can have a long turnaround time.
  • Making changes to conf files requires a ticket and if it's not through an approved process, then Puppet will reset it to what it was previously
  • Custom apps have to be very well written to make it through the approval process.
7
We're already seeing benefits of better visibility. We're creating alerts and integrating with Slack for better DevSecOps
Splunk Enterprise

Splunk Cloud -- A tool that helps monitor and solve problems.
Here at CCMSI, we use Splunk Cloud to monitor Active Directory Events. It is primarily used by the IT Systems Team. It has proven to be invaluable to find misconfiguration, excessive usage, improper procedures, and security events. The tool allows me to give Management the information they ask for in a graphical way that shows trends, spikes, and overall usage.
  • Splunk Cloud allows me to search the volumes of information held in Windows Server Logs quickly and accurately.
  • Splunk Cloud allows me to create Dashboards for everyday monitoring of multiple parameters.
  • Splunk Cloud allows me to create and schedule reports for Management on network usage and statistics.
  • The SPL programming language that the queries are built in is not very intuitive.
  • There should be a better repository of pre-built queries for what I would think of as common Active Directory usage monitoring.
  • I would like to see more free training/familiarization information made available.
10
Splunk Cloud has had a positive ROI in helping more efficiently track the cause of Help Desk Tickets. The billing model which is based on the amount of data from logs uploaded doesn't alert if a threshold is approaching. This can have a negative ROI. The training that I have taken while in-depth and focused is pretty expensive.
Unspecified

Splunk Cloud
38 Ratings
Score 8.9 out of 10

Splunk Cloud Reviews



Reviews (1-7 of 7)

Joseph Sweet
Score 10 out of 10
Vetted Review
Verified User
Splunk Cloud is being used by our IT security operation and our DevOps team. It is being used similarly to a SIEM for aggregating log data and running analysis on it for generating alerts. It replaced Sumo Logic which was producing too many poor alerts and was not as robust of a solution. It supports our SOC well, and it makes our security team's job much easier. We are also using it in DevOps as a pilot for APM.
Splunk Cloud has been great for our security environment and helping us become more proactive at addressing security concerns. For us, it has great transparency in terms of cost and allows for good scalability as we right-size our environment. It is great for developing easy to follow dashboards that you can share across your user environment.
Manan Bhatt
August 16, 2019

Data is the new Oil!!

Score 9 out of 10
Vetted Review
Verified User
Splunk Cloud is being used by our department. It solved many business problems as it delivers Splunk-as-a-Service hosted securely on the public cloud. With this cloud-ready service, one can enjoy all of Splunk Enterprise features without worrying about hosting the infrastructure and without paying the upfront Splunk licensing cost. Splunk Cloud supports all Splunkbase apps including Premium applications (e.g. Enterprise Security, ITSI, etc.) with pre-packaged searches, dashboards, and reports to create the right story from the data with the power of self-serviceability.
  • With Splunk Cloud you get the advantage of moving from POC to Production in a matter of days rather than in months allowing the Business to gain a lot.
  • Takes you away from managing infrastructure/administration, allows saving time & money. Reduce the overall TCO (Total Cost of Ownership)
  • Move from Reactive to Proactive Monitoring
  • Highly secure environment at your finger-tips
  • Splunk Cloud support is increasing a lot nowadays and I see no cons other than the price factor to the other compared products. Overall Splunk Cloud is a very good product all together.
  • I can see that Splunk Cloud can still improve in the form of SLA.
  • Splunk Cloud generally lags behind the available Splunk upgrades. They are always one version behind the one available for enterprise.
Very well suited for many business use cases where security, performance, and support are the top-most priority, along with the normal use case of Splunk. One would get very good support if the company is using Splunk Cloud and can solve many business problems like seamlessly allowing end users to store, search, analyze and visualize data from different sources of one’s business or IT infrastructure. Splunk Cloud follows the state-of-the-art cloud ready deployment strategies in line with continuous integration/deployment pipeline which is designed for high availability, efficient change management, and robust architecture.

One shouldn't use Splunk Cloud for learning or testing purposes. Such things can be done or fulfilled by Splunk Enterprise as well and would be way cheaper than Splunk Cloud.
Kevin Smith
August 16, 2019

Powerful and versatile

Score 9 out of 10
Vetted Review
Verified User
Splunk is available to all our teams, and usage is spreading. My team uses it for all the applications we manage, and it lets us log all user events in our mobile application and backend services. The reports it enables also really help with visibility and monitoring. For example, we were able to create a dashboard showing the average amount of time it takes to get through a particular flow in the app, the number of units processed per day in our app, error rates, and a lot more.
  • Powerful query language.
  • Very fast search indexing.
  • Intuitive UI.
  • The query language is well-documented but has a bit of a learning curve.
  • I wish copy/pasting JSON from the logs were easier without going to the completely raw (condensed) form.
Splunk is great for logging and aggregating information across many sources. We are able to attach unique ids to the requests from our mobile app and trace their execution through our backend services. It is also very powerful for creating dashboards and other insights based on our log data. I would even use it for just a single application, just for the search capabilities.
Chase Palmer, CISSP
June 21, 2019

Heavy Hitter SIEM!

Score 8 out of 10
Vetted Review
Verified User
We use Splunk to centralize and consume all of our server logs, and various other logs, to monitor for interruptions in service, anomalous activity, and other security-related events. Splunk is primarily used by our DevOps and Security teams. Splunk solved an issue of being able to easily and effectively search hundreds of thousands of log entries in an easy to consume format.
  • Splunk is extremely versatile and can consume just about any kind of log out there.
  • Splunk's search function is very powerful, and allows for some very complex search criteria. Narrowing and/or expanding search results is as simple as a click of the mouse.
  • There are many different apps/plugins that can be added to Splunk that provide built-in reporting and alerting on certain kinds of events, meaning you don't have to be an expert to use Splunk.
  • There is a bit of a learning curve to figure out how to initially use it.
  • When SAML is set up, there is no apparent way to log out.
Splunk is not cheap, so Splunk only makes sense for businesses where there are hundreds of thousands of logs a minute, or where manual processes or open source alternatives can't keep up. You will need to have a dedicated person or two in order to configure and manage Splunk on a very regular basis, otherwise, you won't be able to reap the full benefits that Splunk can offer.
Score 10 out of 10
Vetted Review
Verified User
Splunk is used by just about every person in our company, from sales, to support, and from dev to operations. It has been adopted at all levels of our organization. We use Splunk to monitor build deployments, support tickets but most especially for operations and finding problems with servers and systems. We have many TVs set up in our Network Operations Center showing various aspects of our infrastructure. Splunk cloud is simply where our data is stored and searched.
  • Excellent tool for correlating logs from hundreds of servers and digging into events for a specific time period.
  • Based on issues found Splunk allows for simple and complex monitoring to alert when the same event or problem is seen again.
  • Advanced dashboard tools allow for unique and creative perspectives on how to display data in ways relevant to each department in our organization.
  • Some of their more advanced features, like ITSI, Machine Learning, or Security Analytics, can be very challenging to set up and configure.
  • Splunk Cloud support has been a challenge in the past. They are getting better, but they have had problems responding in a timely manner to issues.
  • These are only some minor observations of things I have had to deal with. In general, Splunk is a solid product that is fantastic to use.
Looking for the needle in the haystack is what Splunk excels at. When you have 300 servers all producing logs you need to look at it can be a very daunting task. Splunk allows you to add all of these logs into a central repository to search across all systems. It also helps you find how many times an error is happening and how widespread it is very quickly. I have yet to find an area where Splunk cannot help with searching and obtaining meaningful data from servers and network equipment.
Colin Jackson, CISSP, MMIS, GMON
Score 7 out of 10
Vetted Review
Verified User
We recently implemented it in our organization, mainly for security monitoring and to provide visibility into our cloud infrastructure and various providers. We are bringing in data to better identify anomalies, events of interest, and indicators of compromise.
  • Integration with Okta for IAM-related security events and monitoring.
  • Integration with AWS for CloudTrail and CloudWatch logs
  • Integration with Mimecast for email monitoring and integration
  • Deploying apps requires a support ticket and can have a long turnaround time.
  • Making changes to conf files requires a ticket and if it's not through an approved process, then Puppet will reset it to what it was previously
  • Custom apps have to be very well written to make it through the approval process.
If you have a smaller team that can't have a dedicated Splunk admin to manage the indexers, clusters, search heads, etc, Splunk Cloud is good because you have them manage it.
Jeff Kitchens
Score 10 out of 10
Vetted Review
Verified User
Here at CCMSI, we use Splunk Cloud to monitor Active Directory Events. It is primarily used by the IT Systems Team. It has proven to be invaluable to find misconfiguration, excessive usage, improper procedures, and security events. The tool allows me to give Management the information they ask for in a graphical way that shows trends, spikes, and overall usage.
  • Splunk Cloud allows me to search the volumes of information held in Windows Server Logs quickly and accurately.
  • Splunk Cloud allows me to create Dashboards for everyday monitoring of multiple parameters.
  • Splunk Cloud allows me to create and schedule reports for Management on network usage and statistics.
  • The SPL programming language that the queries are built in is not very intuitive.
  • There should be a better repository of pre-built queries for what I would think of as common Active Directory usage monitoring.
  • I would like to see more free training/familiarization information made available.
I find that Splunk Cloud is well suited for tracking user logins, Server Reboots, failed login attempts, account lockouts, and sorting these items by host or user. We often trace failed user logins to someone having cached credentials on an endpoint which can result in locked accounts that drive the Help Desk ticket volume up unnecessarily.

Feature Scorecard Summary

  • Centralized event and log data collection (7): 10.0
  • Correlation (7): 9.4
  • Event and log normalization (7): 9.3
  • Deployment flexibility (7): 9.1
  • Integration with Identity and Access Management Tools (5): 8.6
  • Custom dashboards and views (7): 10.0
  • Host and network-based intrusion detection (6): 8.8

About Splunk Cloud

Splunk Cloud Technical Details

Operating Systems: Unspecified
Mobile Application: No