TrustRadius Insights for Splunk Cloud are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.
Pros
Effective SIEM Solution: Users have found Splunk Cloud to be a simple and effective solution for consolidating multiple data points and managing alert workflows. Several reviewers have mentioned that it has helped them streamline their security operations and improve incident response.
User-Friendly Interface: The user-friendly interface of Splunk Cloud has been praised by many users, with some describing it as intuitive and easy to navigate. This allows users to easily create custom dashboards for everyday monitoring of multiple parameters without the need for extensive training or technical expertise.
Powerful Search Capabilities: Many reviewers have highlighted Splunk Cloud's powerful query language and fast search indexing capabilities. This enables quick and accurate searching through large volumes of information, such as Windows Server Logs, making it easier for users to find the insights they need in a timely manner.
Log aggregation, enterprise security - alerts and detections off of log events for corporate infrastructure. Correlation searches off of specific events, application troubleshooting, and any other details that you can find in our log sources.
Using Splunk Cloud simplifies the solution as we do not have to maintain and manage infrastructure.
Pros
Log ingest / parsing
Role-based access to specific logs
Log event searching
Alerts and dashboards
Cons
Filter of incoming logs from cloud sources - needs drastically improved UI
Mission Control - nice concept, not there in implementation
Likelihood to Recommend
Best platform for ingesting, parsing, and searching for logs. Other recent promises of new functionality that is not ready yet.
Verified User
Director (Information Technology & Services company, 5001-10,000 employees)
Splunk Cloud is being used by our IT security operation and our DevOps team. It is being used similarly to a SIEM for aggregating log data and running analysis on it for generating alerts. It replaced Sumo Logic which was producing too many poor alerts and was not as robust of a solution. It supports our SOC well, and it makes our security team's job much easier. We are also using it in DevOps as a pilot for APM.
Cons
We have no suggestions at this time. It has been a great experience.
Likelihood to Recommend
Splunk Cloud has been great for our security environment and helping us become more proactive at addressing security concerns. For us, it has great transparency in terms of cost and allows for good scalability as we right-size our environment. It is great for developing easy to follow dashboards that you can share across your user environment.
Splunk Cloud is being used by our department. It solved many business problems as it delivers Splunk-as-a-Service hosted securely on the public cloud. With this cloud-ready service, one can enjoy all of Splunk Enterprise features without worrying about hosting the infrastructure and without paying the upfront Splunk licensing cost. Splunk Cloud supports all Splunkbase apps including Premium applications (e.g. Enterprise Security, ITSI, etc.) with pre-packaged searches, dashboards, and reports to create the right story from the data with the power of self-serviceability.
Pros
With Splunk Cloud you get the advantage of moving from POC to Production in a matter of days rather than in months allowing the Business to gain a lot.
Takes you away from managing infrastructure/administration, allows saving time & money. Reduce the overall TCO (Total Cost of Ownership)
Move from Reactive to Proactive Monitoring
Highly secure environment at your fingertips
Cons
Splunk Cloud support is increasing a lot nowadays and I see no cons other than the price factor compared to other products. Overall Splunk Cloud is a very good product altogether.
I can see that Splunk Cloud can still improve in the form of SLA.
Splunk Cloud generally lags behind the available Splunk upgrades. They are always one version behind the one available for enterprise.
Likelihood to Recommend
Very well suited for many business use cases where security, performance, and support are the top-most priority, along with the normal use case of Splunk. One would get very good support if the company is using Splunk Cloud and can solve many business problems like seamlessly allowing end users to store, search, analyze and visualize data from different sources of one’s business or IT infrastructure. Splunk Cloud follows the state-of-the-art cloud-ready deployment strategies in line with continuous integration/deployment pipeline which is designed for high availability, efficient change management, and robust architecture.
One shouldn't use Splunk Cloud for learning or testing purposes. Such things can be done or fulfilled by Splunk Enterprise as well and would be way cheaper than Splunk Cloud.
We recently implemented it in our organization, mainly for security monitoring and to provide visibility into our cloud infrastructure and various providers. We are bringing in data to better identify anomalies, events of interest, and indicators of compromise.
Pros
Integration with Okta for IAM-related security events and monitoring.
Integration with AWS for CloudTrail and CloudWatch logs
Integration with Mimecast for email monitoring and integration
Cons
Deploying apps requires a support ticket and can have a long turnaround time.
Making changes to conf files requires a ticket and if it's not through an approved process, then Puppet will reset it to what it was previously.
Custom apps have to be very well written to make it through the approval process.
Likelihood to Recommend
If you have a smaller team that can't have a dedicated Splunk admin to manage the indexers, clusters, search heads, etc., Splunk Cloud is good because you have them manage it.
Verified User
Engineer in Information Technology (Information Technology and Services company, 1001-5000 employees)
Here at CCMSI, we use Splunk Cloud to monitor Active Directory Events. It is primarily used by the IT Systems Team. It has proven to be invaluable to find misconfiguration, excessive usage, improper procedures, and security events. The tool allows me to give Management the information they ask for in a graphical way that shows trends, spikes, and overall usage.
Pros
Splunk Cloud allows me to search the volumes of information held in Windows Server Logs quickly and accurately.
Splunk Cloud allows me to create Dashboards for everyday monitoring of multiple parameters.
Splunk Cloud allows me to create and schedule reports for Management on network usage and statistics.
Cons
The SPL programming language that the queries are built in is not very intuitive.
There should be a better repository of pre-built queries for what I would think of as common Active Directory usage monitoring.
I would like to see more free training/familiarization information made available.
Likelihood to Recommend
I find that Splunk Cloud is well suited for tracking user logins, Server Reboots, failed login attempts, account lockouts, and sorting these items by host or user. We often trace failed user logins to someone having cached credentials on an endpoint which can result in locked accounts that drive the Help Desk ticket volume up unnecessarily.