Splunk Enterprise - all your logging needs under one roof
March 12, 2019

Splunk Enterprise - all your logging needs under one roof

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise

Splunk is an excellent logging platform, allowing for short and long term log storage with top tier indexing and searching capabilities. We have deployed Splunk to aggregate all logs and act as a central logging platform throughout the company. This helps us solve operational issues by providing a centralized log monitoring platform to be used by our operations group. It also helps solve regulatory issues by being the central logging platform with strict access controls as well as tiered storage and archiving capabilities.
  • Tight access control via a variety of mechanisms to restrict users to specific logs.
  • Solves regulatory controls by providing access control and archival storage capabilities.
  • Provides a quick mechanism to search across multiple logs for issues between systems.
  • Splunk can be expensive since it's based on the amount of logging you do. The capabilities definitely make up for the cost, but there is a high bar to entry.
  • Splunk can be overly confusing for new users. The capabilities are quite vast and sometimes daunting.
  • Splunk has helped our operations personnel to identify issues quickly and helped lead to quicker resolutions of those issues.
  • Splunk has provided a simple mechanism for aggregating log data and providing reports where necessary.
Both Logstash and Greylog are open-source solutions that provide similar capabilities to Splunk. They are excellent products in their own right but tend to follow versus lead. Splunk is definitely a leader in the field.
Splunk is an excellent central logging system. For companies concerned about the cost, you can combine Splunk with an open-source logging engine such as rsyslog and only ingest the logs you need to search. Splunk is an excellent tool for handling web and systems logging and can help quickly identify issues in both.

Splunk Enterprise Feature Ratings

Centralized event and log data collection
Event and log normalization/management
Deployment flexibility
Integration with Identity and Access Management Tools
Custom dashboards and workspaces