Splunk Enterprise Erfahrungen

Vorteile

We are using Splunk for log monitoring . It is integrated with Kubernetes and pivot cloud via data bus. By Splunk we get Realtime log application. It provides best visualization of data generated by system. Splunk also provide option to filter data based on data range and time. We can configure email alert for specific issue. Splunk also provide ML model for data. Splunk use simple query to get data ,everyone can easily learn Splunk query.

Nachteile

I haven't found any issue yet the only problem with Splunk I have that log in Splunk is scattered . We need to build good query or better logging mechanism at application side.

Vorteile

Splunk is provides a single tool for log aggregation, log analysis, and visualizations. Threat hunting, applying threat intelligence, and incident response are easily repeatable; pushing organizations to proactive security processes.

Nachteile

Splunk is expensive, especially when an organizations is exploring and building new security or data use cases. It also requires a lot of engineering maintenance, making the quality of the data highly-dependent on the skill(s) of those supporting it. Many organizations do not maximize its benefit because it is poorly managed or supported by low-skilled employees.

Vorteile

Makes it easy to identify trends within your environment. Once everything is aggregated it makes it easy for example, to see the knock on events of a network outage throughout the environment.

Nachteile

Web user interface is a bit clunky. Its very polished interface, but in many cases it's style over substance. When I'm debugging an issue I want to be able to drill down into the problem fast, and the shiny interface can be sluggish and slow you down.h

Vorteile

It is a very subtle program, when generating the setup it is not necessary to have a great knowledge of programming to install it, but to solve some configuration errors, when you start what I like the most is that you start from day one to organize your applications, then From that you can easily configure cybersecurity for each program, I particularly like the monitoring of data programs and that the program alerts you with notifications so that you see errors that sometimes jumps in the program.

Nachteile

What I don't like and I see that it is something widespread is that it has very poor support in technical help, I think that the old technical support collaborators have left and people who are not so qualified have arrived to answer the tickets.For my part it is not a big problem since I am a researcher and with the information that is on the splunk website it is enough for me to generate the resolutions of problems.

Vorteile

Data visualization, Analytics skills with AI-powered and can handle data in TB/per day without any interruptions in services. Live dashboards, developing use-cases and their capabilities (correlation).

Nachteile

complex architecture and efficient skills are required, financial is also not feasible for small and medium customers. no inbuilt query builders for beginners to understand the platform.

Vorteile

Splunk makes it easy to search through various data including logs. In the past I have had to pour through logs in order to find the one lines among the 100 of thousands of lines. Splunk allows me to search through those logs in a matter of seconds vs the hours it used to take.

Nachteile

Most of enterprise setup is done through the command line. It would be nice to have cluster configuration (index creation) as part of the UI.

Vorteile

The versatility is amazing. The same data in logs, such as IIS, can be used for Security, Application performance, and even error handling. This allows us to use one log to help multiple teams. This is just one example.

Nachteile

Start up takes someone who has had some training. While searching and output is easy, its the onboarding of custom apps that takes the know how.

In Betracht gezogene Alternativen

Sumo Logic

Gründe für den Wechsel zu Splunk Enterprise

Versatility with custom applications we create in house.

Vorteile

Provides a single location for collecting and analyzing logs. Provides ease of use for non-technical users, but powerful features for security and IT. There is an add-on/app for anything you could imagine.

Nachteile

Some documentation is vague, and when certain things don't work, it can be difficult to find out a solution to the problem.

In Betracht gezogene Alternativen

Sumo Logic

Gründe für den Wechsel zu Splunk Enterprise

We needed a product that we could host ourselves.

Vorteile

The ability to use this software for security operations, data analysis, creating dashboards, generating tickets and everything else

Nachteile

Splunk uses its own SPL, which is not very easy to learn. However, there are lots of documentation that Splunk provides to its customers. There is paid training available which is useful for beginners to learn.

Vorteile

Splunk is very robust with being able to search network traffic, create dashboards and automate reports and alerts. It allows users and admins to solve many problems. Our company has created several alerts for when people on the network download any files that look like they could be a virus, or if they are using illegal software, or trying to login with wrong passwords constantly.

Nachteile

I least like that Splunk is expensive and often requires a significant upfront investment. Additionally, the complexity of the product can be a challenge for new users, as it takes time to learn how to use the product effectively.

Vorteile

It an intelligent business tool that provided me an opportunity to customize and build report from large volume of data from different departments within the 13 Africa countries in telecommunication sectors. The platform allows data to be consolidated accordingly to the organization need and produces visualized reports of dashboard features. I also noted that the system can analyst unstructured large volume of data speedily and is reliable and web based allowing for user flexible accessible from any part of the world if you have internet. The systems have been reliable and secured from the time (2 years) I started using it without any system intermittent, system errors and cyber-attack.

Nachteile

The system is built and use-able with structured and unstructured organization though the price in foreign currency could hamper small and medium organization to use it especially in most Africa country where the local currency has depreciated against the major trading foreign currency.so the Forex pricing is a challenge.
The navigation of the platform will require minor training though if the user is computer proficient, they would management with minor challenge and interpretation of the data. So, first time user it can be difficult to use it
It will depend on internet for access and internet tend to be pricey in most African country and therefore could increase the business cost for small and medium enterprise. It can increase business cost if not fully used

Vorteile

Splunk allows us to see exactly what is going on in production! I work on commerce for a fortune 100 company, and we use Splunk to monitor our apps in real time. Splunk gives you the ability to perform queries like you would with SQL against your log statements in real time. You will learn that you can place strategic log statements in your code that allows you to identify situations in production and be proactive at solving them. For example, you can log your customer's session cookie ID, and track any given customer's activity on your website via your app logs. It gives you dials and charting capabilities to monitor even the slightest drops in customer activities due to flaws in code or slowing network calls.

Nachteile

PRICE. The software is so powerful, and they seem to leverage this in the pricing of the licenses.

Vorteile

The system is highly intuitive to use. It is faster than other solutions I've used on the market and has a huge library of 3rd party plugins to get more from the system. It is easy to create scheduled searches, dashboards, reports etc. but there are a number of additional plugins (at an extra cost) to help with security, single pane of glass and metric collection.

Nachteile

It offers challenges for a decentralized working model. Where Splunk is centrally managed, it is easy to ensure that best practices are maintained. Where the system is opened up for an entire department to utilize and on-board their logs, it becomes more difficult. However, with some creative thinking and good process, this issue can be overcome.

Vorteile

Splunk appsStrength and capabilitiesIntegration with most solutions

Nachteile

Resource utilizationLimited local partner support

Vorteile

1) Accepts multiple data formats like CSV, JSON, XML
2) Does the hard work for us i.e converting machine data to a human-readable format.
3) Can create customized alerts to serve our business purpose.
4) Searching on the based on queries is pretty simple.
5) We can create dashboards to analyze and visualize our search results.
6) Can export the log content to our Personal computers.
7) Setting up plugins and integrating with any tool that needs monitoring is pretty easy.
8) Technical support for the Splunk is very quick as they have a dedicated staff for that.

Nachteile

I did not find any flaws with this software.

Vorteile

Splunk is more than a tool or a product, it is a big data platform. Splunk can be used as a simple log aggregator all the way to a Big Data engine to find efficiency in operations of the Internet of Things. Splunk is less about its abilities, and more about your imagination about what you can do with Splunk. That is the beauty of the platform. Splunk shines in providing operational intelligence about systems and processes. Finding out how your systems are operating, how your processes are functioning leads to quick resolution of problems and points to where budgets are best spent.

Nachteile

Splunk is deceptively easy to set up and use. But like learning to play chess, you can learn the moves in half an hour, but take a lifetime to master. Splunk quickly provides value, but requires imagination and creativity as well as wide ranging knowledge of systems and processes to move to the next level. Not every organization needs that kind of talent to get a great return from Splunk, but the companies who compete and win will.

Vorteile

Integrates with almost all the software seamlessly..where there is a software application that produces log, splunk can be easily integrated.
Gives very powerful insights into the logs
Alerts can be setup on the logs, and notifications sent out which is great again for managing the health of your application

Nachteile

The query language, though powerful, has a learning curve. Particularly as one goes towards complex queries. If it could be made closer to natural language, it would be so much smoother to learn. Hope that will happen sometime in future.

Vorteile

We have been using splunk for over 5 years now. nothing beats splunk in the market place. The only concern we have the pricing and the resource to support it. it's just too expensive

Nachteile

Too expensive and it's too hard to manage. You have to find a very qualified and very expensive resource to support it.

Vorteile

If you need real-time grokking into your infrastructure, look no further than Splunk. I love love love the dashboards. It’s easy to tell a story with your data, and the live search is so FAST!

Nachteile

SPL is a little hard to get used to, but once you get the hang of it, it’s not so bad. I recommend downloading their community edition for some great examples of queries and dashboards.

Vorteile

Ease of use, you can extract any kind of information using commands provided by the software vendor. The other good thing about this software is the easy implentation on the servers, and the configuration is basic.

Nachteile

For people that are not used to use command lines, it might be a liitle bit difficult on the beggining.

Vorteile

Splunk Light is ideal for independent on-premise organization.
Augment endpoint logging.
Can find and store logs from a wide range of resources.
Customization of dashboards.
Making applications dependent on your requirements.

Nachteile

Complex generally design.
Long execution time.
The instrument needs to incorporate AI to comprehend the framework logs and alarming ought to be founded on the auto learning.

Vorteile

The best thing about this software is i love its UI part and its dashboard where it provides the logs of all the enterprise application every business which has large amount of the transactions being held are required to maintain this tool and its logging and search frequency are very much loved and dash board has very colourful UI and easily understandable

Nachteile

There is no least about this software but we are looking for some more enhanced featured like optimisation and all

Vorteile

We are using this tool for monitoring our services log. It is easy to monitor the data using this. For each service, you can configure which log file should be shown on the UI(web). On UI, it provides lot of features like finding pattern in logs, doing analysis and generating reports and much more.

Nachteile

Learning is slow. Initially, it takes time to understand the reports and pattern it finds out of the log. But it's worth learning it.

Vorteile

The best part of it is its UI which has very responsive page and can drag couple of days logs. Best in its performance and versions are being upgraded at regular intervals and its best in delivering the outcomes as required

Vorteile

I work at Fintech company and we use Splunk for checking error logs and tracking anything that goes wrong within the system. I like Splunk as it gives exact line number which is breaking the code which makes easier to debug.

Nachteile

The index should be accurate otherwise viewing logs is not easy.