Splunk Cloud - Excellent product with steep learning curve
Updated June 23, 2022

Fraser Clark | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Cloud

Splunk Cloud is used by the IT department for the majority of the devices that can produce logs. It was initially purchased as a syslog aggregator but has evolved into much more than that now. It addresses the question of log retention and security investigation. It will eventually be expanded to be used across the wider business.

  • Searching through logs/data
  • Data ingestion
  • Documentation for add-ons and apps
  • Support for Splunk Cloud
  • Helped us identify potential security breaches
  • Able to investigate issues thoroughly

All the products in this category do log aggregation very well; however, the winning factor was that we have experience with Splunk already, and this has proved invaluable as Splunk has a steep learning curve. This is especially true of the Splunk administration part of the tool, as that is a very complex area if you wish to get into it.

Splunk Cloud support is sorely lacking, unfortunately. The portal where you submit tickets is not very good and is lacking polish. Tickets are left for days without any updates, and when chased, you only sometimes get a reply back. I get the feeling the support team are very understaffed and have far too much going on. From what I know, Splunk is aware of this and seems to be trying to remedy it.

Do you think Splunk Cloud delivers good value for the price?

Yes

Are you happy with Splunk Cloud's feature set?

Yes

Did Splunk Cloud live up to sales and marketing promises?

Yes

Did implementation of Splunk Cloud go as expected?

Yes

Would you buy Splunk Cloud again?

Yes

Splunk Cloud is suited for organisations that have a lot of data from many different data sources and you would like them to be in one tool. It's excellent for splitting data and searching through the different indexes of data.
If you only have one data source (syslog from network devices for example) I would say it is less appropriate and would be overkill.

Splunk Cloud Feature Ratings

Centralized event and log data collection: 10
Correlation: 10
Event and log normalization/management: 10
Deployment flexibility: 10
Integration with Identity and Access Management Tools: 10
Custom dashboards and workspaces: 10
Host and network-based intrusion detection: 10