Splunk ITSI FTW
Overall Satisfaction with Splunk IT Service Intelligence (ITSI)
Splunk ITS Service Intelligence is used to consolidate alerts from various IT tools. Along with other logs and performance data, it is used by infrastructure operations, application developers, DevOps and other stakeholders to quickly see service health of applications and the IT infrastructure components. It helps eliminate data silos and having to reach out to individual teams managing point solutions.
Pros
- Show KPIs for each service.
- Show aggregated health scores.
- Increase transparency across large disparate organizations.
Cons
- Multiple ways to ingest the same data can be confusing (events vs. metrics).
- Glass tables can be a conflicting priority against normal Splunk dashboards.
- Proper setup for alerting requires content packs that could be included with the product directly.
- A separate license for ITSI on top of Splunk may make purchasing decisions difficult to justify.
- Eliminated >$500,000 in other software licensing.
- Expected to be able to sunset additional point solution tools in favor of using ITSI.
- Outage triage time is already being reduced, even while still instrumenting the product.
We selected ITSI to replace TrueSight as a legacy manager of managers. Used in tandem with the perks of core Splunk and access to logs, metrics, and performance data all in one location, it allows teams to pivot to keeping an eye on rolled-up service health and expose that to the larger IT audience.
Do you think Splunk IT Service Intelligence (ITSI) delivers good value for the price?
Yes
Are you happy with Splunk IT Service Intelligence (ITSI)'s feature set?
Yes
Did Splunk IT Service Intelligence (ITSI) live up to sales and marketing promises?
Yes
Did implementation of Splunk IT Service Intelligence (ITSI) go as expected?
Yes
Would you buy Splunk IT Service Intelligence (ITSI) again?
Yes
Using Splunk IT Service Intelligence (ITSI)
75 - IT Operations (including server, network, storage, virtualization), application owners, app/dev, and DevOps.
4 - Splunk, Linux, python, general IT knowledge
- Expose degraded services to other teams.
- Consolidate alerts from 3rd party tools.
- Reduce noise by correlating alerts.
- Decompose API services into individual calls affecting applications & view health.
- Build glass tables to show VPN users.
- ITSI has turned into a sort of rallying cry, teams are more excited to work together on this platform.
- Continue to build out services.
- Use glass tables more effectively.
- Keep identifying KPIs that should be alerting.
- Continue to correlate disparate alerts.
Evaluating Splunk IT Service Intelligence (ITSI) and Competitors
Yes - We replace BMC TrueSight to improve dashboarding of metrics and expose alerts to other teams instead of just having events fire an alert to a specific team. The visualizations of service scores are a vast improvement over looking at lists of events. We also replace EMC ViPR for storage monitoring because Splunk can provide better dashboards with less cost.
- Price
- Product Features
- Vendor Reputation
We compared product features among AIOps vendors and ITSI felt like it had the most promise. Others simply felt like "TrueSight 2.0".
No, we were very thorough in our vendor evaluations, demonstrations, and POCs.
Comments
Please log in to join the conversation