Splunk Enterprise Reviews and Ratings

Use Cases and Deployment Scope

In my organisation, we use Splunk for log monitoring, alerting and specific search in our application logs. For Us, We've set some alerts for error and exception msg for our application log so that we could get alerts for any issues and resolve those.Also while debugging the INCs, we use Splunk to search for specific error msg for our services. We are using Splunk at very broad level and almost we have Splunk setup for 480+ application services.

Likelihood to Recommend

If you have application where you want to setup alerts of specific error or exception message to get notified or your applications are more customer centric and any missing data is crucial, honestly you need Splunk to help you in debugging and identifying the root cause, u can setup multiple indexes and monitor all your services to ensure no data or msg are getting missed due to any exceptions or error and if it gets you will get it through Splunk and it will be helpful in RCA and fixing the issue. If you want just monitoring then AppD is sufficient, u don't need Splunk.

Use Cases and Deployment Scope

Splunk Engerprise is used to collect various security logs but for our organization we usually send account login information to Splunk Enterprise to gather analytics of how many people logged in, unsuccessful logins, and also account logouts. Daily reports are generated and are presented at our daily team meetings for management.

Likelihood to Recommend

Splunk Enterprise is well suited for large enterprise solutions for a company with many systems and endpoints to dump large amounts of security logs. Splunk Enterprise has plenty of storage to keep the logs of security events well over 30 days and has the ability to generate reports of user login and lockouts.

Use Cases and Deployment Scope

Splunk Enterprise is used for overall machine log collection, transform the data for better analysis and then use them for various analytical capabilities like dashboarding, monitoring, alerting and reporting.

Data is collected from various sources and is transformed to get a overall operational visibility and quantify key metrices like availability, latency, throughput and identify patterns in application, infrastructure and network logs. The overall visibility helps us to easily identify common issues, proactively capture points of failures, identify network attacks and resolve issues quickly to improve customer satisfaction. It also gives us a chance to improve our services by identifying areas which can be optimized by refactoring code, updating configs or move to better underlying technologies.

Likelihood to Recommend

Splunk Enterprise is a goto tool for anyone working with multiple sources of machine data. I really like how logs are pre-parsed to highlight all required fields and more can be extracted if required. We dont have to write complex code to extract json or xml data which is a real pain area in some of the similar softwares. Dashboards can be scheduled on email to stakeholders as daily reports and can also be exported and imported as XML.

We can also create macros which are small code blocks which can be resused at multiple places.

Use Cases and Deployment Scope

Primarily used for logging and track application error events.

Splunk is super good in terms of search and how fast results are populated with easy to use queries. There's a great deal of community support to find whatever required setup the org needs to achieve results.

Likelihood to Recommend

Log reporting

Error troubleshooting

<div>Dashboards</div><div>Alerting and integration to messaging apps.</div>

Use Cases and Deployment Scope

Splunk technology is used for business and web analytics, application management, compliance, and security. It correlates, captures, and indexes real-time data, from which it creates alerts, dashboards, graphs, reports, and visualizations.

Likelihood to Recommend

it offers robust log management and aggregation capabilities, efficiently handling and retaining logs for extended periods.Optimizing searches to improve speed can be tricky and impractical.

Challenges exist in managing data onboarding and integration, especially when dealing with diverse and numerous data sources

Use Cases and Deployment Scope

Splunk enterpirse serves as a central hub for machine-generated data across entire organization. It is deployed on-premise, allowing us to ingest, index and manage data from thousands of sources. we primarily use Splunk for multiple purposes like - 1) centralized loggin and monitoring. 2) searching and analysis. 3) proactive alaering and visualization. Splunk is critial for solving major business challenges related to visibiliy, efficiency and risk management. like -Lack of operational visibility. - Slow incident response and troubleshooting. - Ineffective threat detection.

Likelihood to Recommend

Scenarios where Splunk is well suited - 1) Security information and event management is and industry-leading SIEM solution. one of the use case for this is -A global financial org needs to monitor threats after breach and maintain audit trails for regulatory compliance.

Scenarios where Splunk is less appropriate - Startups and small business with limited budgets. - Long term, low-access data archival.

Use Cases and Deployment Scope

I have used Splunk for log ingestion, indexing, snoop alerting, searching, and troubleshooting production issues. Understand API response times to find bottlenecks and improve performance. It is a great product for tying logs from various microservices, as long as they follow a similar pattern and have a unique ID to tie them together.

Likelihood to Recommend

Log ingestion, indexing. Much needed while troubleshooting issues. Performance improvements, API throughput monitoring. Continuous monitoring via Splunk snoop alerting. Integration with enterprise ITSM.

Use Cases and Deployment Scope

Splunk Enterprise is basically used for log management in our organisation. All the unix server,windows server, backups, db and other asset logs are written into Splunk Enterprise. These logs are mostly used for troubleshooting, audit purposes and sometimes to figure out the trend of particular occurance. In one of the case I have seen that feed is sent to Splunk Enterprise and then tickets are being created from that feed, which is one of unique use case I have seen

Likelihood to Recommend

In log management i have experienced that Splunk Enterprise is very very useful. Most of auditors are relying on Splunk Enterprise for various evidences Based upon market trends and increasing popularity of Splunk Enterprise in financial institutions it is very good tool for log Management, troubleshooting, data analytics and trend to create various reports.

Use Cases and Deployment Scope

We use Splunk Enterprise for event bus where teams communicate to each other via Pub/Sub. Its topic conventions are making it easier for us to use wildcard subscriptions, filter on specific events etc. Having exclusive and non-exclusive queues are also a nice separation to spread the load or helping to keep the order depending on which you choose.

Likelihood to Recommend

Splunk is well suited if you want to be robust but not 100% correct. It is fast and convenient.

However if you like to pass messages including users payment details etc. I definitely suggest something else where you as consumer can decide what to do with messages. To me it is a bit weird that publishers can set whether a message can go to DLQ or not.

Use Cases and Deployment Scope

Splunk Enterprise is our main tool for data analytics, observability and monitoring. Our company produces petabytes of data, so splunk provides an awesome tool to not only monitor the logs that are produced by our services bit also to create dashboards for monitoring and alerting. We regularly create alerts using splunk queries and use them to find out of there is something wrong with our products. It addresses the following business problems:Loss of revenue, by means of making sure we are not giving customers degraded experience. Data driven decision making: Allows business analysts to analyze splunk dashboards and make sure that they can do appropriate analysis and take appropriate decisions for revenue growth.

Likelihood to Recommend

I will give it 9. And its best suited for large organizations with high stakes and lot of data. Which precisely need near complex, real-time monitoring, and alerting. Especially in places where some errors, if left unattended can cause customer and revenue loss. It is useful where cost is secondary to having the capability of this sort of monitoring.

It may be less suitable for startups which dont have a lot of data, and are cost sensitive. It is also not very suitable if we dont have requirement for precision dashboarding and monitoring.