3 out of 5.0, Reviewed Oct 18, 2016
bad custoer support and service; difficult excalation and support paths; low lovel of engagement with the vendor since sale
Must hold vendor accountable; relationship deteriates quickly
capabilites - future vision of the company, features
customer support, lack of functionality in the cloud, consistent customer relatons throughout the engagement
Pressure the vendor for better support and a more interactive role at the beginning of the project; better POC process for better product evaluation
Splunk Cloud is the issue; cannot control our own destiny and implement our desired features and capabilities
Unacceptable response time, custoer relationship development, and engagement from the vendor. Literally, could not be worse
5 out of 5.0, Reviewed Oct 7, 2016
Great level of support! Local engineers and customer base are extremely supportive.
Cloud deployments are restrictive due to their SOC-2 controls. I wish they gave us more flexibility if we did not rely on their controls.
Plan for the unplanned - establish a procedure for onboarding and documenting new data sources.
Cloud support is great, however they can be rigid with deploying new applications, limiting your ability to drive value from the system.
4 out of 5.0, Reviewed Jun 15, 2016
Great product for what's designed to do. A bit learning curve for staff who ever used the Splunk search language.
beware of the learning curve.
very powerful tool for all aspect of IT.
license can be expensive.
explain customers what do data modeling really meant.
Have more IT groups outside of cyber involved at the beginning of the project. Take a deep dive on data modeling concept before committing ES.
3 out of 5.0, Reviewed Jun 15, 2016
The tool is working alright from the log gathering perspective. Splunk, however, is not a do-it-yourself piece of open source software. It requires technical configuration such as editing configuration files, indexing data, writing regular expression. It also requires a learning curve to understand where data is coming from and how Splunk will see them. Good feedback from Splunk includes: easy to search for data (i.e. type the string/parameter of info that you're looking for (e.g. a username), select a time range, and click the 'green - go' butter. Log entries pertained to a username displayed, while the query continues to run in the background if you selected a wider time range. Additionally, the log searching is fairly fast and it can return the requested data in a speedy manner.
Taking time to learn Splunk to maximize your investment if you're planning to use the Splunk logs extensively.
easy to search for data and output result is fairly fast.
Getting the dashboards views into traditional reports is hard in Splunk. You can generate PDF from the simple screen reports. However, complex reports, to satisfy auditor request is not easy to attain. Alerting is not a strong feature for Splunk. Alerts can only be generated based on standards Splunk queries, so any relationship between alerts or dependencies will be either difficult/impossible to express in Splunk's alerting system.
Splunk is pushing hard on applications as they understand that applications are key to the future of their product. Our security group noted that the applications in Splunkbase fill some, but not all, of the gap between the command line techie-friendly searches you get out-of-the-box and what network managers have come to expect from modern applications.
Implement a centralized logging mechanism that is easy to configure and is scalable to fit the growing data demand.
Splunk log collecting is good.
support is good and there is vast amount of knowledge on common questions and issues via the Splunk website.
Splunk is easy to complete with the initial implementation; however, while your company is trying to extend beyond the normal, it requires time, resources, investment, and monitoring. Many hidden issues need to be considered and well plan. Your company should work with professional services to determine architecture design that fits with your environment. Support is very good and there is large amount of knowledge and FAQ posted on Splunk's web site.
5 out of 5.0, Reviewed Jun 15, 2016
Great product and vendor support from Splunk.
Easily customizable machine learning capability and can be used for other functions such as Business data analysis.
Select a different partner for the implementation or work directly with Splunk.
5 out of 5.0, Reviewed Jun 13, 2016
Splunk is great because of its flexibility. Many products have pre-defined views, where with Splunk, the sky is the limit.
Flexibility of data flowing into Splunk.
Licensing costs too high.
We should have engaged a third-party, instead of Splunk professional services. Our third party implementers have been very knowledgeable.
4 out of 5.0, Reviewed Apr 26, 2016
Pre-sales experience very positive. Innovative and engaged account team. Onboarding process for cloud offering smooth and efficient. Professional services engagement held a few surprises - on-prem requirements that were not identified in planning meetings. Functionally the product is solid and the account team engaged.
Catalog your sources and have finite goals for the initial deployment.
Functionally rich and extensible to many areas of operational monitoring.
Charged less? Worth hoping for.
Other than to have provisioned the on-prem servers we eventually learned we'd need, not much.
Up and running in 3 weeks.
5 out of 5.0, Reviewed Dec 3, 2015
Splunk seems to be working very nicely and we are meeting all targets. Only problem is that the user experience is slow.
Look at it as a tool that can be used for multiple purpose.
The UI is brilliant.
Slow response time.
Speed up the response time.
Looked at it from a much wider usage point of view. The original project was a small one, should have looked at it from an enterprise point of view.
3 out of 5.0, Reviewed Oct 6, 2015
The product was very difficult to implement and configure. We brought Splunk engineers on-site multiple times, with poor results. We finally hired 3rd party engineers who were experts with Splunk technology and they were able to get our system up and running. Splunk requires much training and time.
Make sure you have the resources to dedicate to log monitoring after the product is in place.
I like the concept of centralized log management. I also like Splunk's approach to it. The product can be used for business problems as well. I don't think we will ever get there in our environment though.
I wish the vendor was more responsive and helpful with configuring the system. That was very problematic.
If we could start over, we would look at managed services for this. In fact, I expect us to consider this in the near future as we just do not have the resources to monitor the logs today.
The deployment was dismal.
4 out of 5.0, Reviewed Oct 6, 2015
There were team members already familiar with the solution. That made the implementation easier.
Understand your environment. Invest time estimating the logs being generated.
Ability to customize dashboards.
Be more accurate estimating the amount of log generated in a daily basis. That would give us a better sense of the total ownership cost.