Enterprise ITSI at Scale. The Thoughts of a Team Lead.
March 18, 2021

Enterprise ITSI at Scale. The Thoughts of a Team Lead.

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk IT Service Intelligence (ITSI)

We currently leverage ITSI across our entire IT organization. It is primarily used for event management and aggregation of events to drive incident creation and self healing automation.

Pros

  • Clean user interface
  • Easy to build new integrations
  • Flexible and can be catered to your specific use case

Cons

  • The terminology takes some getting used to: Aggregation policies, notable events, correlation searches, glass tables. If you're not familiar with ITSI, these terms can be a bit overwhelming and steepens the learning curve.
  • We have had some technical issues with the underlying support when used in a multisite cluster. We've had to build in several points of redundancy to make sure it works as expected.
  • I'd like to see additional types of notable events, like informational events that come in for when an incident is created or when an alert is acknowledged so all of those action steps can be viewed on the episode timeline without affecting the count of events.
  • We've saved quite a bit from legacy monitoring tools like Tivoli/Omnibus from a pure cost perspective
  • We have greatly reduced manual work efforts by building and leveraging self healing integrations for automation tools like Ansible and Bigfix
No tool has the power that the combination of Splunk and ITSI has. You can certainly cover all that ITSI does by combining several tools with custom developed integrations, but the out of the box functionality of Splunk leveraged with ITSI is unparalleled.
I don't think there is a better event management solution on the market especially when you factor in the power of Core Splunk backing it.

Comments

More Reviews of Splunk IT Service Intelligence (ITSI)