Splunk IT Service Intelligence (ITSI)
Splunk IT Service Intelligence (ITSI)
We use Splunk IT Service Intelligence to monitor services and do trend predictions. We use it to review the performance in collections of …
We deployed Splunk IT Service Intelligence for our Enterprise Control Center to manage major incidents. We do use it for event analytics …
The Glasstables built-in ITSI is being used by our department. We are building Services/KPIs to build our Glasstables. Glasstables help us …
My organization has used Splunk for many years however my team just started ingesting our data. We started off small and are figuring out
Splunk IT Service Intelligence is the primary tool for assessing the health and stability of our online footprint on a daily basis and …
We use this solution as the main tool for our NOC and love the ability to assign events to an employee for further analysis and play …
One of the IT departments uses ITSI to monitor the services ( IT monitoring and management ), it helps to identify the message flow …
ITSI is a competitive tool that helps with highlighting issues and more importantly where the root cause lies. There is not much of a …
We use Splunk IT Service Intelligence to monitor all our environments. several departments use this awesome application. With this …
We are using Splunk IT Service Intelligence (ITSI) as the centerpiece of our Observability strategy for multiple product lines that …
We use ITSI along with our proprietary Splunk App for business process observability solution iControl to provide deep down details of …
It is the only real-time cloud monitoring platform for infrastructure as per my knowledge, it provides powerful visualization, proactive …
We are using SPLUNK for our end customer as a standard offering for Event Management, Event Analytics and Log Analytics. However, we are …
Splunk is being used by our infrastructure monitoring team to review events from different sets of infrastructure devices such as …
Splunk ITSI is used along with traditional Splunk for a particular product line to augment the existing DevOps and SRE processes. This …
Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of Splunk IT Service Intelligence (ITSI), and make your voice heard!
Entry-level set up fee?
- No setup fee
For the latest information on pricing, visithttps://www.splunk.com/en_us/software/p…
- Free Trial
- Free/Freemium Version
- Premium Consulting / Integration Services
Would you like us to let the vendor know that you want pricing?
2 people want pricing too
ITSI is a premium analytics solution that correlates and applies machine learning to all data for real-time, predictive performance monitoring and one fully integrated IT management solution; this enables teams to prevent incidents before they happen and detect, respond and resolve incidents all from one place.
- Supported: Dashboards to monitor service health and KPIs in real-time
- Supported: Intelligent alerting and automated event clustering
- Supported: Predictive analytics to prevent incidents 30 minutes in advance
|Deployment Types||On-premise, SaaS|
|Operating Systems||Windows, Linux, Mac|
Splunk supports IT operations analytics with the Splunk IT Service Intelligence premium offering, a software application available to subscribers to Splunk Cloud or Splunk Enterprise log analytics and SIEM platforms.
Reviewers rate Support Rating highest, with a score of 8.7.
The most common users of Splunk IT Service Intelligence (ITSI) are from Enterprises (1,001+ employees) and the Information Technology & Services industry.
Companies can't remove reviews or game the system. Here's why
- build services for each SLA
- Build a service for each data center
- create dependancies so we can view by service or by data center
- The ability to pass in token to searches would make templates more useful
- Seeing all events in one place.
- Provides dashboards, content packs for major technologies
- event correlation algorithms
- KPI settings
- SAML authentication
- KPI based alerting
- Adaptive Thresholding
- Health Scorecard provided by Glasstables
- Validating Adaptive Thresholding
- Integrating Event Analytics with Servicenow
- laying out dashboards to quickly see data
- Providing a trending map to see data over time
- Drilling down to find things you didn't even know you needed
- I'm not sure if it's my organization locking down Splunk or Splunk itself but it would be helpful to get more detailed errors when searching. A way of guiding the correct input to get results.
- Something like SQL IntelliSense - the feature reads internal metadata and lists all of the available objects and their properties, thereby helping people effectively and quickly write SPL.
- Personalization for things like saving reports, datasets, dashboards of others
- Deep dive flexibility
- Integration machine learning
- Bulk entity import
- Adaptive thresholding
- Glass tables
- KPI health scores
- Swim lane insights
- Better training
- Would be nice to be able to add screenshots to note fields for employees working on episodes
- IT service monitoring
- resolve issues from episode review
- real time monitoring and predictive performance dashboards
- Improve Bulk add services capability
- Improve to show the effected services and KPIS on episode review page
- Disable entities not in use in large number
- Out of the box value
- Problem identification
- Root cause analysis
- Better highlight what you can click on and what is static.
- Close to real time monitoring
- Non breaking events
- Better resources
- Easier es3 integration
- More buttercup
- Modeling low-level machine, device, and network metrics into high-level ecosystem services
- Powerful adaptive thresholds for detecting Service and KPI anomalous behavior
- Powerful toolbox for canned and customized event analytics pipeline providing true AI operations
- Direct access to (integration with) all of the numerous and varied Splunk ecosystem data sources and types
- Better integrations with "infrastructure as code" workflows via tools like Terraform
- More support for adaptive thresholding with numerous and changing dynamic entities
- Better ability to surface details of unhappy or anomalous KPIs and entities that contributed to episode production
- Episode creation.
- Deep dive view for RCA.
- Dynamic thresholding.
- Out of box modules to identify KPI's from RAW Data.
- Easy integration with Incident Management Tool.
- Keeping Service Tree Models up to date needs lots of work.
- Modules to discover service dependency from Standard CMDB such as ServiceNow & others.
- System friendly in terms of hardware needs for large-scale deployments.
- Deploy your own analytics in threat detection.
- Architecture is scalable.
- Health score calculation.
- Should support Saas UEBA.
- Pricing should be bundled and not on the number of employees.
- A security model could be added to the UI.
- Event analytics.
- Logs monitoring.
- Architecture for remote DMZs.
- Out of the box adapters.
- Predictive alarms and data.
- Powerful AI engine.
- Data collection methods.
- Ease of administration.
- Distributed architecture.
- Monitoring capabilities within in itself.
- AIOPS forecasting.
- Correlate events and errors across micro services.
- Identify and notify in case of anomalous and suspicious web requests.
- Help with data visualization.
- Need more documentation.
- Dashboards sharing can be more intuitive.
- User intuitive interface.
- A large array of options and customizations available for IT teams.
- Report extraction for different scenarios.
- Auto event detection and logging.
- In built mechanism for calculation of health scores of applications and deployments.
- Support for third-party tools and extensions needs improvement.
- Cost is somewhat higher.
- Works well with different data import formats such as csv and .data.
- Ties together various areas of IT which were previously siloed
- Able to deep dive to assist with root-cause analysis
- KPI alerting to keep on top of our services
- Recent update removed easy sizing for glass tables
- ITSI visualizes the dependency topology and layers in data
- ITSI grabs data from many disparate sources and creates an integrated view
- ITSI provides real-time insights by showing a timelines of metrics layered across various transactions
- ITSI really needs a robust splunk log ingestion infrastructure at its core
- ITSI requires a great engineering team to build out the automated discovery and topology
- Unless you use an API to build the topology, the view can quickly become static
- Clean user interface
- Easy to build new integrations
- Flexible and can be catered to your specific use case
- The terminology takes some getting used to: Aggregation policies, notable events, correlation searches, glass tables. If you're not familiar with ITSI, these terms can be a bit overwhelming and steepens the learning curve.
- We have had some technical issues with the underlying support when used in a multisite cluster. We've had to build in several points of redundancy to make sure it works as expected.
- I'd like to see additional types of notable events, like informational events that come in for when an incident is created or when an alert is acknowledged so all of those action steps can be viewed on the episode timeline without affecting the count of events.
- Monitor hundreds of IT services by continuously tracking thousands of KPIs in a scalable way.
- Quickly identify problem areas by a combination of default visualizations and ability to create custom dashboards.
- Extremely configurable to effectively monitor nearly any KPI imaginable from Splunk.
- The extreme flexibility also makes it highly complex. Expert Splunk users are required to make full use of it.
- Documentation is insufficient and does not cover advanced use cases that ITSI is capable of supporting.
- Depending on how ITSI is configured, it can place heavy load on Splunk infrastructure. ITSI performance can be optimized in many ways but they are not always obvious.
- ITSI Events/Alerts (AKA Episode Review) has flexibility in it but still not as flexible as desired. However this can be compensated by directly querying ITSI's result data in Splunk.
- Show KPIs for each service.
- Show aggregated health scores.
- Increase transparency across large disparate organizations.
- Multiple ways to ingest the same data can be confusing (events vs. metrics).
- Glass tables can be a conflicting priority against normal Splunk dashboards.
- Proper setup for alerting requires content packs that could be included with the product directly.
- A separate license for ITSI on top of Splunk may make purchasing decisions difficult to justify.