Opiniones de Splunk Enterprise

Splunk nos ha permitido fortalecer nuestras capacidades de visibilidad sobre una amplia variedad de eventos (de ciberseguridad y funcionales), dada su flexibilidad nativa para consumir, correlacionar y alertar a partir de distintas fuentes. Con ello, hemos podido detectar y reaccionar oportunamente ante aquellos eventos que representan posibles amenazas para nuestros objetivos.

Algunas funcionalidades requieren componentes adicionales.

es una herramienta de facin configuracion e implementacion, aparte de ser intuitiva.

hay veces que se traba la interfas cuando se sastura el equipo.

Capas de procesar gran volumen de datos a partir de múltiples fuentes, rápido y eficaz en el análisis . Nos ha permitido mejorar y fortalecer todos nuestros procesos internos de la empresa y optimizar nuestros objetivos

Es un software bastante caro y no para pequeñas empresas, a no ser que te dediques a ello. Puede requetir implementar algunos complementos adicionales.

Easy to install agents on servers, it can parse any form of data easily, Splunk can detect anomalies quite easily and the UBEA feature is amazing.

The cost of this solution is high, and customer service is bad. Apart from that Splunk SPL language is difficult to learn.

- Ability to search logs across processes and services
- Ability to develop dashboards to Monitor critical metrics
- Ability to set up alerts based on threshold values

- Need to regex well in order to use the tool to its full ability
- Ability to extract values out of the log statements could be simpler
- Alerts usually end up being over alerting or false alerts.

The product has a ton of Features. Everything what you Need when working with logs is already implemented

Due to the rich set of capabilities regarding, searching, transforming and vizualzing data it‘s sometimes quite tricky to find all necessary query commands

Real time use. The ingestion of data and more.

Nothing yet.. maybe performance at times.

Security Information and Event management, log analytics, custom dashboards and workspaces

Auto upgrade management and notifications for Add-ons. Leaning more towards config file based implementation instead of UI based implementation

The easy of setup and integration makes this one of my favorites As well as the real time dashboard

Not much i don't like yet, but maybe the interface can do with an update

Splunk Enterprise's versatility is highly valued by its users, as it is capable of analyzing and managing data from a variety of sources, including machine data, logs, and structured and unstructured data formats. This makes it a valuable tool for organizations with diverse data management needs. In addition, users appreciate the software's efficiency in processing and analyzing large volumes of data quickly, allowing them to make faster and more informed decisions. This is particularly important for organizations that need to respond to data in real-time, as Splunk Enterprise's speed and efficiency can help them stay ahead of the curve.

Splunk Enterprise to be complex and difficult to use, particularly for those who are not familiar with data analysis and management tools. The software has a range of features and capabilities, which can be overwhelming.

The search feature allows for quick searching of signatures for new KBs

It feels very clunky to set up, explained by the whole certification track just for using splunk..

Splunk Enterprise offers real-time data analysis tools makes it possible for my institution to see and take immediate action against security risks, performance difficulties, and other operational concerns.

Splunk Enterprise is really expensive and it is a huge part in our annual budget because we require add-ons.

Splunk Visually represents the logs mainly from production servers in the web UI .

People who Usually has no access to logs in production servers, will access the logs through splunk UI with very simplified and friendly search query.

It has lot of features like you can query for particular date and time range with specific characters. The search engine is very fast which will bring the query response effectively.

we can access all types of logs including XML and JSON.

we can create a custom dashboard with custom query for each projects and can relatively trigger the email to the support team in case of any issues.

This tool is boon for production support team in any enterprise company.

Licensing cost is quite higher for enterprise usage.

Query response time will be slow when you are searching for relatively longer history(Eg. 3 months old data)

Splunk is more than a tool or a product, it is a big data platform. Splunk can be used as a simple log aggregator all the way to a Big Data engine to find efficiency in operations of the Internet of Things. Splunk is less about its abilities, and more about your imagination about what you can do with Splunk. That is the beauty of the platform. Splunk shines in providing operational intelligence about systems and processes. Finding out how your systems are operating, how your processes are functioning leads to quick resolution of problems and points to where budgets are best spent.

Splunk is deceptively easy to set up and use. But like learning to play chess, you can learn the moves in half an hour, but take a lifetime to master. Splunk quickly provides value, but requires imagination and creativity as well as wide ranging knowledge of systems and processes to move to the next level. Not every organization needs that kind of talent to get a great return from Splunk, but the companies who compete and win will.

Integrates with almost all the software seamlessly..where there is a software application that produces log, splunk can be easily integrated.
Gives very powerful insights into the logs
Alerts can be setup on the logs, and notifications sent out which is great again for managing the health of your application

The query language, though powerful, has a learning curve. Particularly as one goes towards complex queries. If it could be made closer to natural language, it would be so much smoother to learn. Hope that will happen sometime in future.

We have been using splunk for over 5 years now. nothing beats splunk in the market place. The only concern we have the pricing and the resource to support it. it's just too expensive

Too expensive and it's too hard to manage. You have to find a very qualified and very expensive resource to support it.

Powerful and versatile data mining tool with excellent integration capabilities.

Challenging initial setup and learning curve, particularly with query language and high cost.

When you need to store, correlate, and search large amounts of data, especially System Log data, there is no tool that even comes close to Splunk. It's power and flexibility is amazing.

Very expensive. Difficult to implement until all moving parts are understood. Steep learning curve for beginners.