Splunk Cloud, good for cloud-first companies.
Updated July 19, 2021

Splunk Cloud, good for cloud-first companies.

Anonymous | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Cloud

We recently implemented it in our organization, mainly for security monitoring and to provide visibility into our cloud infrastructure and various providers. We are bringing in data to better identify anomalies, events of interest, and indicators of compromise.
  • Integration with Okta for IAM-related security events and monitoring.
  • Integration with AWS for CloudTrail and CloudWatch logs
  • Integration with Mimecast for email monitoring and integration
  • Deploying apps require a support ticket and can have a long turnaround time.
  • Making changes to conf files requires a ticket and if it's not through an approved process, then Puppet will reset it to what it was previously
  • Custom apps have to be very well written to make it through the approval process.
  • We're already seeing benefits of better visibility. We're creating alerts and integrating with Slack for better DevSecOps
Depends on company org and structure, but it's a good solution.
If you have a smaller team that can't have a dedicated Splunk admin to manage the indexers, clusters, search heads, etc, Splunk Cloud is good because you have them manage it.

Splunk Cloud Feature Ratings

Centralized event and log data collection
Event and log normalization/management
Deployment flexibility
Integration with Identity and Access Management Tools
Custom dashboards and workspaces
Host and network-based intrusion detection