ITSI Enables Rapid Incident Resolution at Scale
March 20, 2021

ITSI Enables Rapid Incident Resolution at Scale

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk IT Service Intelligence (ITSI)

We use Splunk IT [Service Intelligence (ITSI)] to help reduce the reliance on institutional knowledge and put real-time actionable information in the hands of technicians troubleshooting a production problem. ITSI will help us to ensure that our recent hires are able to identify root causes to an ongoing incident as quickly as our more seasoned team members. ITSI allows us to layer information from various sources into a single pane of glass view of our entire topology.
  • ITSI visualizes the dependency topology and layers in data
  • ITSI grabs data from many disparate sources and creates an integrated view
  • ITSI provides real-time insights by showing a timelines of metrics layered across various transactions
  • ITSI really needs a robust splunk log ingestion infrastructure at its core
  • ITSI requires a great engineering team to build out the automated discovery and topology
  • Unless you use an API to build the topology, the view can quickly become static
  • ITSI has helped to deploy AIOPS at scale
  • ITSI helps to reduce noise by group alerts based on topology
  • ITSI helps reduce the time it takes to identify root cause
Other products like Dynatrace and Stack State require there to be an agent installed on all hosts to provide topological views. [Splunk IT Service Intelligence] (ITSI) allows the user to either manually define the topology, or setup a job to do it automatically based APIs, etc. I think depending on the use case this could either be a good thing or a bad thing. It's definitely something to consider when your consider ITSI vs other competitors.
[Splunk IT Service Intelligence (ITSI)] is well suited when you have a system that you want to visualize, and then layer in information from many different sources. This will allows ITSI to intelligently create alerts based on the system as a whole vs the individual components. In some cases, a simple splunk dashboard would really suffice over using ITSI. Teams deploying ITSI should really understand the use cases and consider using simple dashboards where they make sense, and use ITSI for topological views.