Learn more about Splunk Enterprise
Splunk is a customizable data analytics platform that turns data into answers.
When you need to store, correlate, and search large amounts of data, especially System Log data, there is no tool that even comes close to Splunk. Its power and flexibility are amazing.
So, for a first-time user it can be difficult to use.

Vincent
Quite simply the reference
Comments: One of the best logging tools
Pros:
It allowed us to build dashboards tracking the patching of our cloud VMs and the installation of CrowdStrike, and also to track down the use of NTLM V1 in order to disable it on our servers.
Cons:
The queries are a bit long and take some time to learn.

Shayla
Big data is no problem for Splunk Enterprise
Comments: Splunk is a powerful and useful monitoring tool. Splunk's efficiency is enhanced by the ability to integrate third-party apps developed in-house. It's also interesting that we can incorporate a custom alert and dashboard. In most situations, it resolves the need to normalize data, allowing for the use of any and all data in business forecasting. It is analyzed for data that can be utilized to optimize spending plans and asset tracking.
Pros:
Without worrying too much about data type or normalization, Splunk Enterprise can efficiently manage massive amounts of data from numerous sources. Data may be accessed in a flash, and there are a number of options for tailoring and integrating data analysis workflows to create bespoke dashboards or utilizing apps from our other product partners.
Cons:
There isn't much I dislike about Splunk; however, if we have to be picky, it would be that it's more difficult to maintain as an administrator when Splunk is installed on outdated architecture.
Davis
The most expensive tool, requiring highly-skilled employees, capable of limitless value
Comments: Splunk's SPL is a flexible, straightforward query language with aspects of SQL, R, Python, and Bash. The fact that an analyst can learn to be an engineer through using the platform provides ease of growth. It is unmatched in its automation to make data actionable, while providing reporting and visualization capabilities.
Pros:
Splunk provides a single tool for log aggregation, log analysis, and visualizations. Threat hunting, applying threat intelligence, and incident response are easily repeatable, pushing organizations to proactive security processes.
Cons:
Splunk is expensive, especially when an organization is exploring and building new security or data use cases. It also requires a lot of engineering maintenance, making the quality of the data highly dependent on the skill(s) of those supporting it. Many organizations do not maximize its benefit because it is poorly managed or supported by low-skilled employees.
Alternatives considered: Elastic Stack
Reasons for choosing Splunk Enterprise: Splunk scales in all aspects except price. Organizations that are serious about security and SIEM tools will see the value in their investment almost immediately. The insights from the analytics and development capabilities are not available in other tools with this level of ease.
Daniel
Splunk will help get your data seen.
Comments: Overall, Splunk is a powerful and flexible data analytics platform that offers users a range of tools and features for collecting, analyzing, and visualizing data. While it may be expensive and require additional resources to run effectively, the platform's search and reporting capabilities make it an excellent choice for organizations that need to process and analyze large volumes of data quickly.
Pros:
One of the biggest advantages of Splunk is its ability to handle large amounts of data. The platform is designed to handle massive volumes of data, making it an excellent choice for organizations that need to process and analyze large datasets quickly. Splunk's search and reporting capabilities are also incredibly powerful, allowing users to search and analyze data in real-time and visualize results using a range of charts and graphs.
Cons:
One of the potential downsides of Splunk is its cost. The platform can be expensive, particularly for smaller organizations or those with limited budgets. Additionally, the learning curve for Splunk can be steep, particularly for users who are not familiar with data analytics tools. This may require additional training or support to get the most out of the platform.
Patrick
Splunk Review
Pros:
It allows me to bring a lot of information into one friendly view. It's a great security audit tool.
Cons:
It has limited functionality. It is a very memory intensive system. It does not integrate with Lennox.
Verified user
Splunk is a great solution for SIEM and also for monitoring your infrastructure
Comments: We needed a way to monitor our internal environment and start to be more proactive with issues, so we started sending all of our logs to Splunk and we were able to get insights we did not know we needed. It is a great solution and they are constantly innovating.
Pros:
Splunk makes it easy to search through various data including logs. In the past I have had to pore through logs in order to find the one line among the hundreds of thousands of lines. Splunk allows me to search through those logs in a matter of seconds vs the hours it used to take.
Cons:
Most of enterprise setup is done through the command line. It would be nice to have cluster configuration (index creation) as part of the UI.
Alternatives considered: Elastic Stack
Reasons for choosing Splunk Enterprise: Spelunking was simple to set up and the customer service is great. It performed very well and proved to be a valuable asset to run in Production.
kartik
Best SIEM solution in market.
Comments: Overall experience is amazing; we are happy with this software as it can ingest any form of data and generate alerts quite swiftly.
Pros:
Easy to install agents on servers, it can parse any form of data easily, Splunk can detect anomalies quite easily and the UBEA feature is amazing.
Cons:
The cost of this solution is high, and customer service is bad. Apart from that Splunk SPL language is difficult to learn.
Muhamed
A better business companion when integrated with RPA
Comments: Overall, the experience was positive; even with a free trial license, it was much easier, and on the course and certification side, Splunk has a very good collection of videos and materials that help even a novice quickly set up the integration and indexing.
Pros:
The most useful thing about Splunk is the ease of integration with applications. With UiPath on-premises it was very helpful, as the business users can monitor the actions of robots through Splunk without entering into UiPath Orchestrator.
Cons:
Expression creation for indexing was a bit hard, as it is not user-friendly to business users if they want to create any new fields. Also, the forwarder was not able to directly connect with UiPath cloud, so the logs have to be shifted to an intermediate file before uploading into Splunk, but that seems not an issue with Splunk but more related to UiPath cloud.
Alternatives considered: Microsoft Power BI
Reasons for choosing Splunk Enterprise: Splunk was much cheaper than Power BI and only a little effort was needed for implementation, and the resource cost is also higher for Power BI.
Ariev
Needed for the industry on the basic to the best role.
Comments: It's a great tool and used for many years to come.
Pros:
Real time use. The ingestion of data and more.
Cons:
Nothing yet.. maybe performance at times.
Alternatives considered: IBM Security QRadar
Reasons for choosing Splunk Enterprise: Better for the industry and real time use. More expensive.
Samuel
Powerhouse in data management and analysis
Comments: A complex but rewarding journey of data exploration and anomaly detection.
Pros:
Powerful and versatile data mining tool with excellent integration capabilities.
Cons:
Challenging initial setup and learning curve, particularly with query language and high cost.
Sathiyan
Log Master
Comments: Overall I'm happy to use it: for any malicious activity that has happened in the forwarder system, it gives an immediate alert.
Pros:
It gives live alerts, triggers, and a dashboard system based on rules we already set. The dashboard helps to see and virtualize the data.
Cons:
The only concern I feel is that it consumes system space, and due to this my system runs slow. Without knowledge of the Splunk query language, it is difficult to handle.
THOMAS
Splunk an Enterprise Business intelligent user tool
Comments: It is a robust and intelligent management tool that enables everyone with user computer knowledge to navigate in real time and consolidate vast data into a visualized report of dashboard features. It is reliable and web based; no major equipment is required for setup; users need a smartphone or computer to access the platform through the web; and you can navigate the system as long as you have computer knowledge, without any training required (user friendly).
Pros:
It is an intelligent business tool that provided me an opportunity to customize and build reports from a large volume of data from different departments within the 13 African countries in the telecommunication sector. The platform allows data to be consolidated according to the organization's needs and produces visualized reports of dashboard features. I also noted that the system can analyze large volumes of unstructured data speedily and is reliable and web based, allowing for flexible user access from any part of the world if you have internet. The system has been reliable and secure from the time (2 years) I started using it, without any system intermittence, system errors or cyber-attacks.
Cons:
The system is built for and usable with structured and unstructured organizations, though the price in foreign currency could hamper small and medium organizations from using it, especially in most African countries where the local currency has depreciated against the major trading foreign currencies, so the Forex pricing is a challenge. Navigating the platform will require minor training, though if users are computer proficient, they would manage with minor challenges and interpretation of the data. So, for a first-time user it can be difficult to use. It will depend on internet for access, and internet tends to be pricey in most African countries and therefore could increase the business cost for small and medium enterprises. It can increase business cost if not fully used.
Verified user
An excellent SIEM at a low cost
Comments: We have many programs that measure the performance and quality of the operation, of the production in Chevron. I think it is important that they give extra barriers to what we do, and Splunk is an optimal collaborator so that we can track all these programs and not get intrusions through the network.
Pros:
It is a very subtle program. When generating the setup it is not necessary to have a great knowledge of programming to install it, but to solve some configuration errors. When you start, what I like the most is that you start from day one to organize your applications; then from that you can easily configure cybersecurity for each program. I particularly like the monitoring of data programs and that the program alerts you with notifications so that you see errors that sometimes jump in the program.
Cons:
What I don't like, and I see that it is something widespread, is that it has very poor support in technical help. I think that the old technical support collaborators have left and people who are not so qualified have arrived to answer the tickets. For my part it is not a big problem since I am a researcher, and with the information that is on the Splunk website it is enough for me to generate the resolutions of problems.
kalaiselvan
Splunk review
Comments: Overall, it is a very good monitoring tool for a support team and developers for doing root cause analysis.
Pros:
Splunk visually represents the logs, mainly from production servers, in the web UI. People who usually have no access to logs on production servers will access the logs through the Splunk UI with a very simplified and friendly search query. It has a lot of features; for example, you can query for a particular date and time range with specific characters. The search engine is very fast, which will bring the query response effectively. We can access all types of logs including XML and JSON. We can create a custom dashboard with a custom query for each project and can trigger an email to the support team in case of any issues. This tool is a boon for the production support team in any enterprise company.
Cons:
Licensing cost is quite high for enterprise usage. Query response time will be slow when you are searching for relatively longer history (e.g. 3 months old data).
Chetan
Splunk the best analytic tool
Comments: It gives the best Return on Investment, as it analyzes the data, gives proper insights in the form of Dashboards, and notifies with the help of Alerts if any kind of threat is running in the infrastructure; apart from that, deployment and use are very easy.
Pros:
There are a lot of features which Splunk offers: 1) We can onboard data from any server, device or system using the Universal Forwarder. 2) Onboarded data are later stored in Indexers and searched further in the Search Head for analyzing the internal logs. 3) Using the data we can create customizable Dashboards, get proper insights into the data, and create Alerts to identify any kind of threat or anomalies running in the environment. 4) Deployment is very easy on on-prem servers. 5) We can also use Hybrid Deployment on Cloud as well.
Cons:
1) It gives a large amount of features, but licensing is too high. 2) There is a lot of other Open Source software which can be used as an alternative to Splunk as an analytic tool, because Splunk is a paid one.
Or
Splunk helps us to walk in the darkness, for sure in the Prod arena
Comments: We are in Autodesk, use it much, as part of the monitoring tool. We like it and would like it to be improved and even more useful.
Pros:
Dashboards feature is amazing, I use it much. Alerts and queries are easy to set up. Mostly it works fast so it's kind of Dev friendly so it's easy to onboard the new guys
Cons:
Alerts should have a better way to manage them. There should be a way to promote alerts to different environments, so we will be able to set the Dev/Stg/Prod. Sometimes some things that we want to do take a while searching on the internet for a solution; they might think how to do it better, maybe some examples or better documentation.
shashank
Best Tool for Monitoring Purposes.
Comments: As a user of Splunk, we generally used to monitor the log provided by the server clusters belonging to a tool called API Connect. As the logs are stored in Splunk, we tally the transaction count from API Connect tool and filter the log search in Splunk with a particular search query. We can download the logs of particular time and date of API Connect servers in case of transaction count issues. We create a dashboard for all the individual API's transaction count in terms of total transaction count of all API's. In this way, it makes our work easier to find out which API has the highest transaction count. We even use Splunk to know the state of the machine. Reports generated by the Splunk helps us to find out the API with the highest response time. In this way, Splunk makes our work a lot easier as it is very fast and highly secure.
Pros:
1) Accepts multiple data formats like CSV, JSON, XML. 2) Does the hard work for us, i.e. converting machine data to a human-readable format. 3) Can create customized alerts to serve our business purpose. 4) Searching based on queries is pretty simple. 5) We can create dashboards to analyze and visualize our search results. 6) Can export the log content to our personal computers. 7) Setting up plugins and integrating with any tool that needs monitoring is pretty easy. 8) Technical support for Splunk is very quick as they have a dedicated staff for that.
Cons:
I did not find any flaws with this software.
Surabhi
One of the best monitoring solutions for different platform.
Pros:
Best tracking and data analysis tool, which helps to monitor and manage the server and system components in a very effective way. Real time visualization helps to take quick decisions so that the desired action can be taken to avoid failure. Best data collection in the form of logs, which helps to define the best set of automation jobs to fix the issue.
Cons:
There are a few components or observations, like: 1. Most of the time we observe slowness in the performance. 2. Sometimes we observe a delay in the issue or updated log reflection on the portal. 3. Need more storage to manage and maintain the log, which impacts organizational costing and budget.
Verified user
A tool that every sys admin needs to have
Pros:
I'm not sure from where to start in this case. We use Splunk for many things but mostly to analyze the traffic on the network / firewalls. It provides us with a nice overview of what's going on. It makes it very easy to spot spikes on the network and it will also provide you with deep analyses. For us it's an indispensable tool, probably the best tool we have.
Cons:
To search for something is not always easy, however there are a lot of forums online, so finding help is not that difficult.

Mark
Excellent logging and troubleshooting tool
Comments: As a software quality assurance engineer, I love that I can set up a single dashboard where I can then view the same data from any lane I select from a dropdown. If I see a problem in the Test lane, I can quickly check all of the other lanes for the same issue by simply changing the dropdown value.
Pros:
Splunk can give you extreme insights into how your systems and software are functioning. Not only is the search very flexible and powerful, the customizable dashboards give a status report at a glance into trends, problems and performance. You can also set up email alerts when errors occur limiting the need to have Splunk opened on your machine all the time.
Cons:
Splunk has a learning curve. They have extensive documentation but it isn't intuitive and some features are buried pretty deep. We have an onsite expert who holds bimonthly meetings to answer questions in a group forum.

André
Very reliable and powerful resource
Comments: On the business side we have a lot of logs and information provided by very different resources. The most beautiful thing about Splunk is that it consolidates everything in just one place, and the ease of extracting this information makes Splunk the most powerful resource to gather and extract data from every resource that you have logs for; even if you are using Windows or Linux, Splunk covers both.
Pros:
Ease of use: you can extract any kind of information using commands provided by the software vendor. The other good thing about this software is the easy implementation on the servers, and the configuration is basic.
Cons:
For people that are not used to using command lines, it might be a little bit difficult in the beginning.
Verified user
Premium but pricey log management and analytics tool
Comments: Having an enterprise-ready centralized logging tool is critical for production success.
Pros:
Splunk integrates with almost all popular enterprise software products including VMware, AWS, Azure, etc. Most customers use it primarily to do log analysis but it can also perform data analytics for business reporting. The UI is very straightforward and enables you to quickly search through large datasets using SPL. We were able to quickly locate the source of the issues by using Splunk to triangulate logs from several different components. There is a Splunk Cloud version with a free trial if you are aiming to do some integration work and testing. Finally, like all monitoring tools, Splunk offers AI and machine learning for even better predictive analytics.
Cons:
Splunk is expensive and probably not for smaller startup companies. The pricing is tiered and is subscription-based so if you start to ingest a lot of data, look out. It can eat into most of your IT budget and Splunk by itself doesn't handle all the Day 2 operations that are needed.
Verified user
Helpful tool for troubleshooting and analyzing data/logs
Comments: The overall experience has been good. Splunk definitely helped improve our troubleshooting capabilities.
Pros:
Splunk is great for monitoring, logging, and analyzing the large volume of data on the servers. Our support teams use Splunk to collect data/logs from the servers and troubleshoot product related issues. We introduced Splunk a few years ago in our organization and it helped improve our defect/issue analysis and problem solving abilities.
Cons:
While Splunk is not too complex, it also requires a certain level of skillset to decipher the information. It may take a while to figure things out if you are a new user, or someone with limited technical knowledge.
Edward
Splunk Enterprise Review
Comments: Good overall experience. It’s an expensive product and there is a learning curve, but it’s an amazing product once you are accustomed to using it.
Pros:
The ability to set up queries and get data back quickly is invaluable
Cons:
Learning to structure queries is a bit of a challenge in the beginning
Andrea
An excellent tool for log analysis
Pros:
Splunk is a great enterprise-class tool for log analysis and troubleshooting of IT systems. Its graphics capabilities allow you to easily see trends that would otherwise go unnoticed. With a single click, you can retrieve information dating back months ago. Splunk is able to handle any type of input file and this allowed us to get very rapid prototyping cycles. Compared to the competition, it has integrated AD authentication, which fits in perfectly with our corporate security. The software is very fast, even on second-tier hardware.
Cons:
The license fee is a little too high. Some sections of the support site contain outdated information. Since the Splunk syntax has changed over the years, it's quite easy to find information that is no longer relevant. The "basic" charting options are somewhat limited, and the "advanced graphic" syntax requires a charting guru.