Skip to main content
TrustRadius
Splunk IT Service Intelligence (ITSI)

Splunk IT Service Intelligence (ITSI)

Overview

What is Splunk IT Service Intelligence (ITSI)?

Splunk supports IT operations analytics with the Splunk IT Service Intelligence premium offering, a software application available to subscribers to Splunk Cloud or Splunk Enterprise log analytics and SIEM platforms.

Read more

Learn from top reviewers

Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Splunk IT Service Intelligence (ITSI)?

Splunk supports IT operations analytics with the Splunk IT Service Intelligence premium offering, a software application available to subscribers to Splunk Cloud or Splunk Enterprise log analytics and SIEM platforms.

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://www.splunk.com/en_us/products/p…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

16 people also want pricing

Alternatives Pricing

What is Moogsoft?

Moogsoft is an IT alert management platform from the San Francisco-headquartered company of the same name with an office in the UK... also comprising the original developers of IBM's acquired Netcool technology.

What is Freshservice?

Freshservice is a cloud-based service desk and IT service management (ITSM) solution that currently serves more than 10,000 SMB, mid-market, and enterprise customers worldwide.

Return to navigation

Product Details

What is Splunk IT Service Intelligence (ITSI)?

ITSI is a premium analytics solution that correlates and applies machine learning to all data for real-time, predictive performance monitoring and one fully integrated IT management solution; this enables teams to prevent incidents before they happen and detect, respond and resolve incidents all from one place.

Splunk IT Service Intelligence (ITSI) Features

  • Supported: Dashboards to monitor service health and KPIs in real-time
  • Supported: Intelligent alerting and automated event clustering
  • Supported: Predictive analytics to prevent incidents 30 minutes in advance

Splunk IT Service Intelligence (ITSI) Integrations

Splunk IT Service Intelligence (ITSI) Technical Details

Deployment TypesOn-premise, Software as a Service (SaaS), Cloud, or Web-Based
Operating SystemsWindows, Linux, Mac
Mobile ApplicationNo
Supported CountriesGlobal

Frequently Asked Questions

Splunk supports IT operations analytics with the Splunk IT Service Intelligence premium offering, a software application available to subscribers to Splunk Cloud or Splunk Enterprise log analytics and SIEM platforms.

Dynatrace, Datadog, and Sumo Logic are common alternatives for Splunk IT Service Intelligence (ITSI).

The most common users of Splunk IT Service Intelligence (ITSI) are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(56)

Reviews

(1-25 of 27)

Splunk IT Service Intelligence (ITSI) - Expensive but best in the market

Rating: 10 out of 10
November 04, 2024
JR
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
3 years of experience
Splunk IT Service Intelligence (ITSI) helps us monitoring the performance of the services we are providing to the customer & other organization members. It also helps us in monitoring the performance of the services we offer and troubleshooting the issues which arise. To monitor we have created several dashboards so that we have the real time data and reports as per our requirement.
  • Customized reports
  • Real time data
  • Detail analysis of the data
  • Discovery of new local admin account
  • Detects several attacks
Cons
  • Expensive deployement
  • Various kind of installation
  • Optimizing the search is complex
For large organization where numerous applications and databases runs and have various deployments of security tools and network devices, Splunk IT Service Intelligence (ITSI) is the best tool to monitor the real time data and detecting various kinds of attacks. It also helps in detecting the internal network activities and discovers different kinds of logins which helps in audit as well.

Great way to correlate notable events from existing Splunk datasets as well as external systems

Rating: 10 out of 10
December 04, 2024
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
4 years of experience
We are utilising ITSI to monitor the health of our business operations and IT services. We use a range of KPI approaches to capture business health for stakeholder reporting, as well as lower level IT Ops monitoring of hardware and microservices.
  • Reducing alerting noise
  • Improving visibility of services
  • Great for finding root cause of issues
Cons
  • Should be easier to build notable events with rich data
  • It should be possible to build custom dashboards with standard ITSI UI components
ITSI is great for a range of monitoring applications, not limited to just IT Ops monitoring as some might imagine, it is actually very good at monitoring business objectives, SLAs and other non-stereotypical IT metrics.

ITSI - worth it.

Rating: 8 out of 10
September 09, 2023
PL
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
2 years of experience
Splunk ITSI is being used to mitigate hardware resource issues before they become a problem and troubleshoot issues for our teams.
  • Asset group overview.
  • Detailed metrics.
  • Customization to meet customer requirements.
Cons
  • Easier navigation for new users.
  • KPI responses.
  • Deconflicting multiple entity IDs.
ITSI is best suited for an environment with 100 or more devices or in any domain where monitoring critical devices is a must. The ability to customize KPIs and create alert actions is imperative.

Splunk IT Service Intelligence Review

Rating: 10 out of 10
September 08, 2023
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
1 year of experience
The Glasstables built-in ITSI is being used by our department. We are building Services/KPIs to build our Glasstables. Glasstables help us with monitoring our Services and alert us for any service degradation or issues. We are using it for IT monitoring and management, event analytics and management, and Service insights and monitoring
  • KPI based alerting
  • Adaptive Thresholding
  • Health Scorecard provided by Glasstables
Cons
  • Validating Adaptive Thresholding
  • Integrating Event Analytics with Servicenow
ITSI is well suited to know the health of the services. Based on the health of the Glasstables, we are able to make the business impact statement for the business users.

Solo system to integrated view with Splunk ITSI

Rating: 8 out of 10
July 20, 2023
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
4 years of experience
Splunk ITSI is powerful tool for infrastructure monitoring, event management and mature AIOps platform. We use Splunk for monitoring and utilize contents packs available OOB for free. Business was able to get good insight to service view and availability over time at real time.
  • Out of box content packs with dashboards
  • Easy integration with other platform from ingestion to alerting
  • Event count reduction and correlation
Cons
  • Auto service mapping and relationship
  • Patching schedule and maintenance missing re-occurring window.
  • Multi tenant or role based access for ITSI
With multi vendor tools for monitoring, itsi helped us being all events centrally and manage incident creation from one place

Splunk ITSI in Practice

Rating: 9 out of 10
April 05, 2022
TK
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
3 years of experience
We are using Splunk IT Service Intelligence (ITSI) as the centerpiece of our Observability strategy for multiple product lines that provide interactive television services. It helps us to ensure the proper functionality of our services and the surrounding ecosystem as well as reducing mean time to service restoration when outages occur. Our Splunk ITSI system observes telemetry from our data center and clouds infrastructures as well as telemetry collected from our customer media consumption endpoint software on set-top boxes, IPTV streamers, mobile devices and web browsers.
  • Modeling low-level machine, device, and network metrics into high-level ecosystem services
  • Powerful adaptive thresholds for detecting Service and KPI anomalous behavior
  • Powerful toolbox for canned and customized event analytics pipeline providing true AI operations
  • Direct access to (integration with) all of the numerous and varied Splunk ecosystem data sources and types
Cons
  • Better integrations with "infrastructure as code" workflows via tools like Terraform
  • More support for adaptive thresholding with numerous and changing dynamic entities
  • Better ability to surface details of unhappy or anomalous KPIs and entities that contributed to episode production
Splunk ITSI is a great tool (and toolbox) for combining together numerous and varied monitoring regimes to bring more holistic analysis and reduce alert fatigue. By leveraging the Splunk ITSI service and KPI modeling regime, ecosystem telemetry can be turned into a more reliable, clearer, high-level perspective on the current state of your components and services.

Splunk ITSI for customer confidence

Rating: 10 out of 10
June 20, 2022
WS
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
3 years of experience
We use Splunk IT Service Intelligence to monitor services and do trend predictions. We use it to review the performance in collections of workstations as we start to deploy new software packages.
  • build services for each SLA
  • Build a service for each data center
  • create dependancies so we can view by service or by data center
Cons
  • The ability to pass in token to searches would make templates more useful
IT is well suited to monitor a specific service or a specific KPI but not well suited to do the same things across the enterprise without a lot of time-consuming work on each service

Splunk IT Service Intelligence Gets the Job Done Well

Rating: 10 out of 10
June 16, 2022
TP
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
5 years of experience
Splunk IT Service Intelligence is the primary tool for assessing the health and stability of our online footprint on a daily basis and especially during the peak holiday sales season. It is integral to monitoring web servers, applications, databases, and more. Now we are expanding into AI Ops.
  • Deep dive flexibility
  • Integration machine learning
  • Bulk entity import
  • Adaptive thresholding
Cons
  • Multitenant
Splunk IT Service Intelligence is especially well suited to bringing architectural diagrams to life. The deep dive functionality allows links to built-in kpi views or to other glass tables or dashboards making it simple to zoom in to focus on trouble spots or zoom out for a high level view of your critical services. Adaptive thresholds and integration of MLTK allow for intelligent alerting and integration with Splunk SOAR turns those alerts into actions.

A Real AI-ML Enabled Platform

Rating: 10 out of 10
September 11, 2021
NK
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
7 years of experience
Splunk is being used by our infrastructure monitoring team to review events from different sets of infrastructure devices such as Networks, Servers, Storage, Databases and Security devices. Splunk is helping out our IT team by collecting the events from multiple data sources and aggregating all of them in a single glass pane.
  • Powerful AI engine.
  • Correlation.
  • Data collection methods.
Cons
  • Ease of administration.
  • Distributed architecture.
  • Monitoring capabilities within in itself.
  • AIOPS forecasting.
Splunk IT Service Intelligence (ITSI) is well suited for environments that have multiple data sources and need visibility in their activities like health status and need to be streamlined in a common stream of data events. Splunk ITSI is less appropriate if you wish to use this as an elementary layer tool.

Making our Customer IT Experiences Next-Gen via ITSI

Rating: 8 out of 10
April 05, 2022
VR
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
6 years of experience
We use ITSI along with our proprietary Splunk App for business process observability solution iControl to provide deep down details of business SLA breaches related to IT-related outages ITSI helps us to tie together business insights with IT world in near-real-time and save precious time in finding call to action and precious time to find causes of outages.
  • Episode creation.
  • Deep dive view for RCA.
  • Dynamic thresholding.
  • Out of box modules to identify KPI's from RAW Data.
  • Easy integration with Incident Management Tool.
Cons
  • Keeping Service Tree Models up to date needs lots of work.
  • Modules to discover service dependency from Standard CMDB such as ServiceNow & others.
  • System friendly in terms of hardware needs for large-scale deployments.
ITSI is very effective in generating insights from raw data & can quickly provide insights into complex problems with its out of box deep-dive views.

Business Service Monitoring & service dependency is another area where ITSI effortlessly provides framework to map & monitor it.

Surely needs boost in performance section where it runs into frequent problems sighting hardware sizing problems as an excuse. It is happening from far too long across multiple customers.

Splunk ITSI review

Rating: 7 out of 10
March 09, 2022
AM
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
1 year of experience
It is the only real-time cloud monitoring platform for infrastructure as per my knowledge, it provides powerful visualization, proactive alerting of the organization. Splunk IT Service Intelligence (ITSI) has helped us greatly reduce the response time on critical incidents if not help us proactively detect one.
  • Deploy your own analytics in threat detection.
  • Architecture is scalable.
  • Health score calculation.
Cons
  • Should support Saas UEBA.
  • Pricing should be bundled and not on the number of employees.
  • A security model could be added to the UI.
ITSI is intuitive and presents a big selection of offerings for IT. ITSI offers various monitoring and event logging options which is very useful for the organization.

Event and Log Analytics Beast

Rating: 10 out of 10
September 12, 2021
RY
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
7 years of experience
We are using SPLUNK for our end customer as a standard offering for Event Management, Event Analytics and Log Analytics. However, we are now expanding the usage of SPLUNK for predictive intelligence using its AI-ML capabilities.
SPLUNK is used by mainly NOC, Command Center Team, sometimes Monitoring Administration, Ticket Handling team also uses the same for root cause analysis.
  • Event analytics.
  • Logs monitoring.
  • AIOps.
Cons
  • Architecture for remote DMZs.
  • Out of the box adapters.
  • Predictive alarms and data.
Although Splunk has the capability to fit in any domain of IT for monitoring and management. Still writing down below few most possible domains where it can be used -

1. Network Monitoring
2. Infra Systems Monitoring
3. Databases Monitoring
4. Hardware Management
5. Storage Events Monitoring via Logs.
6. Integration with ITSM platform
7. Automation Use Cases

Splunk ITSI - Best tool for Business Agility

Rating: 9 out of 10
August 31, 2021
SP
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
1 year of experience
Splunk ITSI is being used by our clients across different projects and IT teams to manage the critical issues being reported by different application teams and timely resolution of those issues in order to ensure a smooth user experience for the end-users. Different IT teams are able to work on the different issues based on the defined priorities and parameters.
  • User intuitive interface.
  • A large array of options and customizations available for IT teams.
  • Report extraction for different scenarios.
  • Auto event detection and logging.
  • In built mechanism for calculation of health scores of applications and deployments.
Cons
  • Support for third-party tools and extensions needs improvement.
  • Cost is somewhat higher.
Splunk ITSI is one of the best event management and monitoring solutions available for medium to large-sized enterprises. It has an excellent dashboard that provides in-depth analysis for all the monitoring and events.

AIOps for MicroServices Application

Rating: 9 out of 10
August 31, 2021
SK
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
2 years of experience
Splunk ITSI is used along with traditional Splunk for a particular product line to augment the existing DevOps and SRE processes. This AIOps solution is used to intelligently parse logs and check for events to ensure high service uptime in the microservice architecture.
  • Correlate events and errors across micro services.
  • Identify and notify in case of anomalous and suspicious web requests.
  • Help with data visualization.
Cons
  • Need more documentation.
  • Dashboards sharing can be more intuitive.
It's the next step which is AIOps post establishment of SRE and DevOps practices.

Splunk ITSI FTW

Rating: 9 out of 10
August 02, 2020
MM
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
2 years of experience
Splunk ITS Service Intelligence is used to consolidate alerts from various IT tools. Along with other logs and performance data, it is used by infrastructure operations, application developers, DevOps and other stakeholders to quickly see service health of applications and the IT infrastructure components. It helps eliminate data silos and having to reach out to individual teams managing point solutions.
  • Show KPIs for each service.
  • Show aggregated health scores.
  • Increase transparency across large disparate organizations.
Cons
  • Multiple ways to ingest the same data can be confusing (events vs. metrics).
  • Glass tables can be a conflicting priority against normal Splunk dashboards.
  • Proper setup for alerting requires content packs that could be included with the product directly.
  • A separate license for ITSI on top of Splunk may make purchasing decisions difficult to justify.
Some teams get excited when looking at ITSI service models and envision modeling the entire infrastructure. What gets lost in translation is breaking it down to services, and also ITSI is not a replacement for an APM solution. So using a proper APM solution to drive quick insights into specific transactions, then feeding that data to Splunk/ITSI is a better bet.

Splunk IT Service Intelligence review

Rating: 8 out of 10
February 23, 2020
SD
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
1 year of experience
We tried to use Splunk IT Service Intelligence to create a single pane of glass to monitor the health of our Splunk infrastructure. It works well and displays us the end to end view of our Splunk IT Service Intelligence infrastructure. It had been used within our team only today; however, it is a plan to demonstrate this to another team.
  • Detecting outliers
  • Detecting abnormal behavior
Cons
Splunk IT Service Intelligence is a good solution when you have to correlate multiple sources of events together and generate a single pane of glass. Users can observe directly from the dashboard if there were anything went wrong, and then easily drill down to the issue. However, Splunk IT Service Intelligence can be useless if you do not care about the "noise" that you are excluding from the analysis. You can easily miss something important.

A very quick implementation and quick returns

Rating: 7 out of 10
June 20, 2022
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
1 year of experience
We deployed Splunk IT Service Intelligence for our Enterprise Control Center to manage major incidents. We do use it for event analytics and service monitoring.
  • Seeing all events in one place.
  • Provides dashboards, content packs for major technologies
  • event correlation algorithms
Cons
  • Episodes
  • KPI settings
  • SAML authentication
If the operating environment is simple with well-known tools and technologies using Splunk IT Service Intelligence is simpler. However, if the environment is complex with many homegrown tools, scripts, and multiple partners the data normalization and creation of glass tables can be challenging. If application service monitoring is to be used application support is essential as Splunk IT Service Intelligence itself has no means to understand flows, logic, and relationships.

Base User who inspires to be a Power User

Rating: 10 out of 10
June 20, 2022
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
1 year of experience
My organization has used Splunk for many years however my team just started ingesting our data. We started off small and are figuring out what Splunk can do. Once you have the correct search results, the power is incredible. We can see how many calls come into our network, what errors are occurring and where exactly they are. In fact, for the first time, we used our dashboard (which hasn't been made public to the rest of the organization yet) to troubleshoot a possible outage. The on-call person opened the dashboard, and we knew right away it wasn't our team’s issue. The time we saved by not manually pulling calls from SQL, looking for errors within those calls, and simply digging through our network to find where the issue was occurring allowed the on-call person to immediately open a ticket with a vendor. We were able to show when the issue started, where the issue was, and defer to the vendor even though they had not seen the issue. If we can find this with the little data we are ingesting, just imagine what we can do with more. The possibilities are endless!
  • laying out dashboards to quickly see data
  • Providing a trending map to see data over time
  • Drilling down to find things you didn't even know you needed
Cons
  • I'm not sure if it's my organization locking down Splunk or Splunk itself but it would be helpful to get more detailed errors when searching. A way of guiding the correct input to get results.
  • Something like SQL IntelliSense - the feature reads internal metadata and lists all of the available objects and their properties, thereby helping people effectively and quickly write SPL.
  • Personalization for things like saving reports, datasets, dashboards of others
Splunk IT Service Intelligence is great for visualizing data and creating dashboards, and reports. Drilling down through the data is easy and shows things you may not have thought to look for. Seeing the data laid out in this fashion makes it easy and quick to get what you want. If you’re not well versed in SPL you maybe have difficulty finding what you need in a hurry.

Used the product

Rating: 10 out of 10
June 16, 2022
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
2 years of experience
We use this solution as the main tool for our NOC and love the ability to assign events to an employee for further analysis and play booking. It takes a lot of elbow grease to set up and it doesn’t seem to be an offering that Splunk pours its innovative efforts into.
  • Glass tables
  • KPI health scores
  • Swim lane insights
Cons
  • Better training
  • Would be nice to be able to add screenshots to note fields for employees working on episodes
For uses where you need to be able to monitor the health of your technology and out-of-the-box products aren’t perfectly suited to your use cases. Highly customizable to be able to use data that might be very specific to your company.

ITSI Valuable asset of Splunk

Rating: 6 out of 10
June 15, 2022
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
3 years of experience
One of the IT departments uses ITSI to monitor the services ( IT monitoring and management ), it helps to identify the message flow errors, HTTP errors, SQL services, and OS later services. Transaction response time glass table monitoring using several services and underlying KPIs. It's being used for IT monitoring & management.
  • IT service monitoring
  • resolve issues from episode review
  • real time monitoring and predictive performance dashboards
Cons
  • Improve Bulk add services capability
  • Improve to show the effected services and KPIS on episode review page
  • Disable entities not in use in large number
Monitoring major business services and episode review puts an individual to acknowledge issues and resolve them asap, a proactive monitoring tool for logging in the chain and early detection of incidents response and finally ITSI solves the needs of the organization and able to adapt and learn to different scenarios in the IT environment through past episode reviews. Could focus more on AIOPs

ITSI provides the value in IT monitoring

Rating: 8 out of 10
June 15, 2022
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
1 year of experience
ITSI is a competitive tool that helps with highlighting issues and more importantly where the root cause lies. There is not much of a learning curve to get value out of ITSI, especially compared to the competitors out there. Spunks user groups are also a big help for quick responses.
  • Out of the box value
  • Problem identification
  • Root cause analysis
Cons
  • Better highlight what you can click on and what is static.
It can show end-to-end visibility into your infrastructure all in one view. Not having to go to specific and separate devices or logs is invaluable in keeping services flowing (i.e great uptime.) Splunk as a whole can cover all of its infrastructure services security etc and this is just a niche or specific tool in the toolset)

My review for you

Rating: 8 out of 10
June 15, 2022
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
4 years of experience
We use Splunk IT Service Intelligence to monitor all our environments. several departments use this awesome application. With this application, we are able to limit downtime as much as possible by having a team be able to respond quickly to any outage that could occur. I think that the product is very useful for our company.
  • Close to real time monitoring
  • Stability
  • Non breaking events
Cons
  • Better resources
  • Easier es3 integration
  • More buttercup
I think it's well suited to be used in any sort of monitoring environment where you would need to have a stable solution to organize the data that you're bringing in from other places such as SolarWinds. Areas I think that would not be a great use case would be anywhere that could possibly be less than ready for it.

All your performance metrics in one place

Rating: 9 out of 10
August 30, 2021
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
5 years of experience
Splunk IT Service Intelligence is used by development teams I work with to monitor their systems by ingesting performance data from other applications and providing output that can be read and archived in easily accessible formats. It keeps them aware of any performance anomalies during high traffic and peak events.
  • Works well with different data import formats such as csv and .data.
Splunk ITSI is great for analyzing performance and data collection for external systems to keep them all in one place.

ITSI Enables Rapid Incident Resolution at Scale

Rating: 8 out of 10
March 20, 2021
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
1 year of experience
We use Splunk IT [Service Intelligence (ITSI)] to help reduce the reliance on institutional knowledge and put real-time actionable information in the hands of technicians troubleshooting a production problem. ITSI will help us to ensure that our recent hires are able to identify root causes to an ongoing incident as quickly as our more seasoned team members. ITSI allows us to layer information from various sources into a single pane of glass view of our entire topology.
  • ITSI visualizes the dependency topology and layers in data
  • ITSI grabs data from many disparate sources and creates an integrated view
  • ITSI provides real-time insights by showing a timelines of metrics layered across various transactions
Cons
  • ITSI really needs a robust splunk log ingestion infrastructure at its core
  • ITSI requires a great engineering team to build out the automated discovery and topology
  • Unless you use an API to build the topology, the view can quickly become static
[Splunk IT Service Intelligence (ITSI)] is well suited when you have a system that you want to visualize, and then layer in information from many different sources. This will allows ITSI to intelligently create alerts based on the system as a whole vs the individual components. In some cases, a simple splunk dashboard would really suffice over using ITSI. Teams deploying ITSI should really understand the use cases and consider using simple dashboards where they make sense, and use ITSI for topological views.

Enterprise ITSI at Scale. The Thoughts of a Team Lead.

Rating: 8 out of 10
March 18, 2021
Vetted Review
Verified User
Splunk IT Service Intelligence (ITSI)
3 years of experience
We currently leverage ITSI across our entire IT organization. It is primarily used for event management and aggregation of events to drive incident creation and self healing automation.
  • Clean user interface
  • Easy to build new integrations
  • Flexible and can be catered to your specific use case
Cons
  • The terminology takes some getting used to: Aggregation policies, notable events, correlation searches, glass tables. If you're not familiar with ITSI, these terms can be a bit overwhelming and steepens the learning curve.
  • We have had some technical issues with the underlying support when used in a multisite cluster. We've had to build in several points of redundancy to make sure it works as expected.
  • I'd like to see additional types of notable events, like informational events that come in for when an incident is created or when an alert is acknowledged so all of those action steps can be viewed on the episode timeline without affecting the count of events.
I don't think there is a better event management solution on the market especially when you factor in the power of Core Splunk backing it.
Return to navigation