diff --git "a/index_v2/SplunkEnterprise/docstore.json" "b/index_v2/SplunkEnterprise/docstore.json"
new file mode 100644
--- /dev/null
+++ "b/index_v2/SplunkEnterprise/docstore.json"
@@ -0,0 +1 @@ +{"docstore/metadata": {"755fceaa-f8be-4e0c-82f7-36d891f3a257": {"doc_hash": "9a3ccd41c90ba93aa8d5992aecf1681be03b9cc8b4bfd926112f332dc36d268f"}, "9edd272d-05a9-4bfb-afb5-924aa610c40d": {"doc_hash": "b5f46fbdd9962f6a4b23762140914b5be591287072b08ecbb1a548ced522be3c", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "1b8e8357-b0b8-4c29-a0c1-2224ede28488": {"doc_hash": "6e5d43d380b23673c81463eac23b2304dde481c00685a3e6b5ed8a59a537454d", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "e2cbe48e-ab64-4f6f-9c4d-834c8beb2df2": {"doc_hash": "3a01f5f9dda4adb5da86060ffd2db3f270f6c867c21d60de39127cd9dedf4fb4", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "81444380-7cb4-4706-8f08-02dc8ef9d443": {"doc_hash": "06fcf6688e1ff2e3d9e088b4fc95f210f7459ed23ffb7cb89728a79509b6a880", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "e87beadb-a87a-4450-b26e-6bc11fec887a": {"doc_hash": "8562e69507a0fae970bd399ef78222218216676bdc0dd06a47da04dd3fa21bee", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "f156331b-003f-4068-b430-81ea09cd3acb": {"doc_hash": "f57303f827d859c0a43ab68e23c03a96522cd3bc7e25512b43c916883dfb6547", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "8aa627a8-d6cd-4c5d-bd90-eb2ebad5359e": {"doc_hash": "bcb1cf4dd04dd2e2675f57a9879df4f3da398f3ad55f49f37b28366847f560f1", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "e0807126-e648-46de-b5c2-910e4e173d82": {"doc_hash": "9f7e16960a09893e2324d4096ba4e1428011a6cfd41043b8c981ca098cbfe1f0", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "8a4c4d19-0a4b-4938-81ef-11a4d2a82f3e": {"doc_hash": "8f7b91fca96dbcb9cd8aa847f451fb8d2d7a096d490a9ef8f0e917cfb89d83bc", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "5753c053-763a-41fc-881d-6bf57c1d7753": {"doc_hash": "f917180a60c935283aef630983ccec0a5c0619e853d91637314de31f8a8cb158", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "5f2c5dca-49fb-4725-ae3e-4c1951067bdd": {"doc_hash": 
"0a71025786d475b1ec47bcd925dd5d86ed1f94cd8c37ce63b1e5e5a665f9ad14", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "10e4af3c-d44a-4aff-a0dc-63907a78a16d": {"doc_hash": "441969da34e7908e3b27006a5185ea76e429818929f962c8ccb945cf9d77634a", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "d9212f2b-877e-42b3-bc44-cf84c73b8311": {"doc_hash": "a199464ee81d7983addb738dde4d9901422e0852594c9186b97540ebfafed4f6", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "5a34023f-6c80-4bc8-a9da-f80343581e69": {"doc_hash": "c5dcc7f7190731aed9269343515feeae2dd8cd432775ec217b6dd70d247c755b", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "7b2071b1-da20-49e8-a91e-a277a4a90d15": {"doc_hash": "13320497298cacc7f0eee4c2783a2057e85c18b4b31cd12349a655da3fe674de", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "02544d89-afa8-46c7-b46f-ef0dcefed681": {"doc_hash": "99eb14e9d43328a450b3649b516ae89706b66fadd30f828efcbc85e4dbc26738", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "4e1099db-41c7-43c0-836f-0d8da4edc74e": {"doc_hash": "807da9332bd4aed47b7989d6d98748739ce92af0130b2fb91fc7442859ee896e", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "f1a0779e-905c-4c66-9f14-c1fd473f6115": {"doc_hash": "d4649770bd92a8cc070e9f070ccbbf88a42159e5d0d6e40a17fc5e0edc7f6d88", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "f8613859-5e96-4bcd-882f-aa600feab1ff": {"doc_hash": "b40670255ccab1222f1e138ee650c19c2f5caf4ed1f81467bca2266880d61fe9", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "ea47314c-19e1-4116-ac9a-9b436f91fd74": {"doc_hash": "0c16c8f8f9b777c311ae578115bf4e9cf13f9326815ebd4c7a5e5eaa617d0a7c", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "652073e8-08c5-49cc-bbc4-ca70d326cd91": {"doc_hash": "8dc239d4aaa49911b6a35c4c4f14ece463b5b5886f8543611fe7f8379cb6dc30", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "5bd4e401-4e7b-4124-bba6-800f7b04c425": {"doc_hash": 
"bbc1e7ab35ed71d7316d75dc3c3270586d37fe8348174c410fbb0a7a5f99bb82", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "5b9c6817-960a-4fbb-ada8-c91eaea375f9": {"doc_hash": "755c61df864046890ee6ba72fa5b6ec3dbfcdd56b4daa18affa238ecb8528d9a", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "94bd416e-81de-4df9-9af5-eeec685ecf1c": {"doc_hash": "ea2430a61f147f0482bc2722557ada9a6542c73c2a90d592e5d371ba51cdd4fd", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "3b28057a-a366-494d-86cb-fb4ec55da5c2": {"doc_hash": "6782b93c0072bd8c3b39bbcd98a836f617436740f364f66c5cd463e2f57f8c3a", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "84838ed9-c928-4a9e-acd8-8641b036fa23": {"doc_hash": "b0845aa5a47a4a63d8dd655577ed285f693b438616c36ad1f6ec8dc7039a0e37", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "bc7a6092-63e8-4c2a-8f18-563f5472822b": {"doc_hash": "eb5c01329b842b408a649f71e1fb2c47d7a13d88087660f3dfbaf836a15dd1c2", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "922bc878-0201-49ea-b751-5b4fde16bb6d": {"doc_hash": "95fdf5afbcd46816187252abb65c0456dd2d1635c8a193d21e2c25df3f3b31a3", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "5f6282df-c993-4ad6-ab4e-cc53ae5c1557": {"doc_hash": "544b0206eb9e3efcb7e006886c6a1c6c6e8f12cfffdc25b203625670f8d7d909", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "0294ad83-fd66-4219-9f09-778575cf809c": {"doc_hash": "db0be8266af2ca4fe7491836cde6d9da7460b82b376217756156ac6780f27f5a", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "abb2f36a-947c-41fa-85ef-2275497140fe": {"doc_hash": "ee840677343636c5902048cfe79f91c25ff6b879661aeb29840aa56cff5022c1", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "905ad1ac-118c-467b-8a79-3df2be677e83": {"doc_hash": "ee50c92a72d96c75ca953461207de17ba19bed470f9c97aca2c697970bac4244", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "bee4eada-eeec-40eb-bda2-271f40acfaba": {"doc_hash": 
"536c42fe6009b44d6d7ab84a8564dc70f09166f790c58bc3f85c35419f566632", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "8ccaa11a-a6f6-4e1d-ac0a-8591143a2432": {"doc_hash": "58777cb35c43639ffad6960af040712ce76a5f7ec26316efbf6f1d5c2ff09d46", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "37038a26-361a-4824-b412-45da3a50aa13": {"doc_hash": "f6d93dcf36d07bb1baf418d7d76c433e21445f431b05831f8a7fd73bf23c6ef5", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "63f92bda-3680-476a-89b7-240dad4835c4": {"doc_hash": "e1ec4ebf52b530cabee7951aa0a9f7e6f68602e2e453ebd2435cbcd9a27dcea4", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "f565e74a-3b4b-425b-98ec-027ab439c3d9": {"doc_hash": "6af6541350dcf65c2e5226bb4f88115383ab5a9f1ca30ca6d9eb11ea85bae1a9", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "d3a7ae68-5174-4258-8292-0a9451e8b916": {"doc_hash": "ff53d658077735453c5e8e38743b1cc97f6acd1d118765cf043ea60a664fed74", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "07ac6a79-985c-411a-b6c6-5801e689afcf": {"doc_hash": "94bd6ade0f471d3500a72b69388e96963f4cb62499f314a378de256f5b1c8024", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "802e9005-13d7-4173-bc27-09ab95ea375a": {"doc_hash": "d17287aed64d01e3a32e89171f3ff48b8d4d7a81c74f894dcb010a650d2934f1", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "e9416f76-31dd-45d1-88e8-dbefa2b7a04a": {"doc_hash": "1998b3cc8743ec8714d284c480b10c8d6c037e5b8b3cd164eca31ac112602b96", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "d8b2233a-0cbd-4e1e-8f13-144507e0ba90": {"doc_hash": "a690d567ee60fbc7d3d723c1c17bd61d004825b3d28ab586fde6247d1295ba5e", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "df2706de-7a67-4837-9162-5b9e36d1a8ed": {"doc_hash": "0c97ccff5e23b7c1363113e0b8bd46425ca34a32715f29f25a1e152e2ea294f3", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "343f4d90-69d0-4aed-87d9-6c7896f18cdf": {"doc_hash": 
"ffa47ae23dd27568535f904617b36007ff1f50a4edb8928372086fd082cc3fbf", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "55c04431-65ee-4d04-ad9d-e26261ad8eed": {"doc_hash": "704abd87ab3c5923fb1f6af0185f69c73edf772b47fce798c8462c46207a4e5d", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "9dfaab70-7d70-4e42-86f2-a3c2d961207c": {"doc_hash": "d6def574ccc79b0977275df5761acf0ace0792a24159f43eefb4464573fca9b9", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "fb76762e-5f96-4e30-b458-26837b628208": {"doc_hash": "ae60b94b78453de6bdf23b59a0b8c9a4079c9662ca8c1875c6e33d52d574ed89", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "806ac9c6-f9f4-4b6a-ac29-457e0f5cf879": {"doc_hash": "b11ad7382a8c445b9915ce741282299f66fc4826e0584732400454463a72ed60", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "da25c223-a805-482a-bb28-b3862f33b028": {"doc_hash": "62d8b85c2cb68313431c1be8e06bf21a4fd0104b2a1fdeb2dae5aa3c6186e7aa", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "ecb9caf5-ef92-4595-affa-0b60ab364b41": {"doc_hash": "e98c66fa1b44fd61b4754085f87c89171c000e1bd94e9975270a239ae938c24b", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "22b17438-5a36-49c6-9fe5-1e599edb22be": {"doc_hash": "28dcdbccc067ee91da7fc98663d8eb38d06510a6f7068598ff7ff6b952b71826", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "062c1b51-1d17-41d4-864d-786a1007ab0e": {"doc_hash": "2180db6ac7b5f338d4fed9a313dd51b9fec3a8d5d3420c7ba1352df918f2ddb4", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "885f2991-1d81-459e-97c2-c2654ff84e24": {"doc_hash": "dea447c8c6ff8ad20202302de072fb6536b263052a24298e347c9d57807e5186", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "8f63b22d-fc3f-4988-9c9e-fd21d1915eb4": {"doc_hash": "0ab87164061d34a99b14f42ddc359248b4e5dbb2f62ea727b32ad125d91b158b", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "4471364f-327d-492d-b746-8f962831fd94": {"doc_hash": 
"05e06dcdc962b20842f2655802969b1ebee6f7e1840a8e632f27843d44ea2ede", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "2040909c-b801-4465-a844-89283f6f469f": {"doc_hash": "7395ee02e1b6ac97ee419bb3bd334738f7f6b56968bb3d8990853695278629a1", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "4e6ed601-46ca-40c7-845d-fff5d9f17da9": {"doc_hash": "7e0ae48d4498646f07805376f4d99914de7f7a5b001609e6321a4913ea21eb12", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}, "83d4630e-f291-4ba1-b3d2-d3a21d27ab71": {"doc_hash": "67751af0107663ba5da25f31bb43ab3eea9794a85b74ae9a50276cf29f05e834", "ref_doc_id": "755fceaa-f8be-4e0c-82f7-36d891f3a257"}}, "docstore/data": {"9edd272d-05a9-4bfb-afb5-924aa610c40d": {"__data__": {"text": "Enterprise, Capterra, vikram s., Associate, 5.0, We are using Splunk for log monitoring . It is integrated with Kubernetes and pivot cloud via data bus. By Splunk we get Realtime log application. It provides best visualization of data generated by system. Splunk also provide option to filter data based on data range and time. We can configure email alert for specific issue. Splunk also provide ML model for data. Splunk use simple query to get data ,everyone can easily learn Splunk query., I haven't found any issue yet the only problem with Splunk I have that log in Splunk is scattered . We need to build good query or better logging mechanism at application side.\nEnterprise, Capterra, Verified Reviewer, Health, Wellness and Fitness, 5.0, The versatility is amazing. The same data in logs, such as IIS, can be used for Security, Application performance, and even error handling. This allows us to use one log to help multiple teams. This is just one example., Start up takes someone who has had some training. While searching and output is easy, its the onboarding of custom apps that takes the know how.\nEnterprise, Capterra, Patrick M., IT Application SR Dev, 3.0, It allows me to bring a lot of information into one friendly view. 
It's a great security audit tool., It has limited functionality. It is a very memory intensive system. It does not integrate with Lennox.\nEnterprise, Capterra, Muhamed F, RPA Developer, 5.0, The most useful thing about Splunk is the ease of integration with application. With uipath on-premises it was very much helpful as the business users can monitor the actions of robots through spluink without entering into uipath orchestrator, Expression creation for indexing was bit hard as it is not user-friendly to business users if they wanted to create any new fields, also the forwarder was not able to directly connect with uipath cloud so that the logs has to be shifted to intermediate file before uploading into splunk, but that seems not an issue with splunk but more related to uipath cloud\nEnterprise, Capterra, kartik S., information security engineer, 5.0, Easy to install agents on servers, it can parse any form of data easily, Splunk can detect anomalies quite easily and the UBEA feature is amazing., The cost of this solution is high, and customer service is bad. Apart from that Splunk SPL language is difficult to learn.\nEnterprise, Capterra, Ariev D., Software engineer, 5.0, Real time use. The ingestion of data and more., Nothing yet.. maybe performance at times.\nEnterprise, Capterra, No name, nan, 5.0, Security Information and Event management, log analytics, custom dashboards and workspaces, Auto upgrade management and notifications for Add-ons. Leaning more towards config file based implementation instead of UI based implementation\nEnterprise, Capterra, Yann O, Back-end Developer, 4.0, Splunk is very robust with being able to search network traffic, create dashboards and automate reports and alerts. It allows users and admins to solve many problems. 
Our company has created several alerts for when people on the network download any files that look like they could be a virus, or if they are using illegal software, or trying to login with wrong passwords constantly., I least like that Splunk is expensive and often requires a significant upfront investment. Additionally, the complexity of the product can be a challenge for new users, as it takes time to learn how to use the product effectively.\nEnterprise, Capterra, Stephan v, Cyber Securit Analyst, 5.0, The easy of setup and integration makes this one of my favorites As well as the real time dashboard, Not much i don't like yet, but maybe the interface can do with an update\nEnterprise, Capterra, Verified Reviewer, nan, 5.0, Splunk Enterprise's versatility is highly valued by its users, as it is capable of analyzing and managing data from a variety of sources, including machine data, logs, and structured and unstructured data formats. This makes it a valuable tool for organizations with diverse data management needs. In addition, users appreciate the software's efficiency in processing and", "doc_id": "9edd272d-05a9-4bfb-afb5-924aa610c40d", "embedding": null, "doc_hash": "b5f46fbdd9962f6a4b23762140914b5be591287072b08ecbb1a548ced522be3c", "extra_info": null, "node_info": {"start": 0, "end": 4130, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "3": "1b8e8357-b0b8-4c29-a0c1-2224ede28488"}}, "__type__": "1"}, "1b8e8357-b0b8-4c29-a0c1-2224ede28488": {"__data__": {"text": "data management needs. In addition, users appreciate the software's efficiency in processing and analyzing large volumes of data quickly, allowing them to make faster and more informed decisions. 
This is particularly important for organizations that need to respond to data in real-time, as Splunk Enterprise's speed and efficiency can help them stay ahead of the curve., Splunk Enterprise to be complex and difficult to use, particularly for those who are not familiar with data analysis and management tools. The software has a range of features and capabilities, which can be overwhelming.\nEnterprise, Capterra, Gabe M., IT Administrator, 5.0, Free to use for small 500MB or less daily ingress, quite nice for small use cases and learning - No development work required to deploy and provide value. - Deployment flexibility: client agents are available to use, or clientless configurations for multiple OS platforms. It's also very easy to deploy, not just flexible. its a very simple affair. - Segmentation of logs: You can create separate instances of of logs to aggregate, based on organization needs. And those instances can have their own individual storage policies to optimize consumption of storage resources. - Configuration design: Thoughtful and mature documentation and design of the application regarding enterprise-class scaling on network storage. -POWERFUL tools: The user interface lends itself to learning more about your organization from the logs you collect, through metrics of trends of the logs being gathered. There are also specific modules/add-ons for popular applications to provide more value and event-based monitoring, all without having to develop in-house dashboards and intelligence of those logs. - Customization: You can create your own queries of logs, and event-based alerts. - Web-based GUI that clean is powerful - Sales/Technical Reps are top notch in fielding questions and evaluating environment for deployment. They were extremely helpful in helping our organization develop procedures and scaling our environment for expansion with our existing infrastructure., Price: This product is not free for more than the minimal use. 
Pricing can be very expensive, relative to open source offerings. That is the trade-off you pay for not having in-house development of open source offerings. As this product is priced based on gigabytes of indexed logs, it is important to understand the scope of licensing necessary for your environment to determine if it is a good fit for your organization. - Watch your saved queries and hardware resources: Users have the ability to create and save queries. Like in database queries, some are more efficient than others. Large inefficient queries can be very resource-intensive. If you notice slowness in day-to-day queries, or navigation in the UI, or resource use in contention, keep an eye on saved queries and user practices.\nEnterprise, Capterra, Verified Reviewer\n, nan, 4.0, We use this as our SIEM. The ability to have the data ingest, visualization, alerting and correlation all in one product is very important to me from a security standpoint. We're cloud-first so having that ability with large cloud providers is important to me (AWS, Okta, GCP, etc), The cost can be a little concerning and htere is a bit of a learning curve when you first get into Splunk. User groups, their forum and pro serv all help with that.\nEnterprise, Capterra, kalaiselvan k., Integration Enginner, 5.0, Splunk Visually represents the logs mainly from production servers in the web UI . People who Usually has no access to logs in production servers, will access the logs through splunk UI with very simplified and friendly search query. It has lot of features like you can query for particular date and time range with specific characters. The search engine is very fast which will bring the query response effectively. we can access all types of logs including XML and JSON. we can create a custom dashboard with custom query for each projects and can relatively trigger the email to the support team in case of any issues. 
This tool is boon for production support team in any enterprise company., Licensing cost is quite higher for enterprise usage. Query response time will be slow when you are searching for relatively longer history(Eg. 3 months old data)\nEnterprise, Capterra, Mohammed H., CISO, 4.0, Splunk appsStrength and capabilitiesIntegration", "doc_id": "1b8e8357-b0b8-4c29-a0c1-2224ede28488", "embedding": null, "doc_hash": "6e5d43d380b23673c81463eac23b2304dde481c00685a3e6b5ed8a59a537454d", "extra_info": null, "node_info": {"start": 4047, "end": 8469, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "9edd272d-05a9-4bfb-afb5-924aa610c40d", "3": "e2cbe48e-ab64-4f6f-9c4d-834c8beb2df2"}}, "__type__": "1"}, "e2cbe48e-ab64-4f6f-9c4d-834c8beb2df2": {"__data__": {"text": "Mohammed H., CISO, 4.0, Splunk appsStrength and capabilitiesIntegration with most solutions, Resource utilizationLimited local partner support\nEnterprise, Capterra, shashank v.\n, Software Trainee, 4.0, 1) Accepts multiple data formats like CSV, JSON, XML 2) Does the hard work for us i.e converting machine data to a human-readable format. 3) Can create customized alerts to serve our business purpose. 4) Searching on the based on queries is pretty simple. 5) We can create dashboards to analyze and visualize our search results. 6) Can export the log content to our Personal computers. 7) Setting up plugins and integrating with any tool that needs monitoring is pretty easy. 8) Technical support for the Splunk is very quick as they have a dedicated staff for that., I did not find any flaws with this software.\nEnterprise, Capterra, Robert F., Management Consulting, Unspecified, 5.0, Splunk is more than a tool or a product, it is a big data platform. Splunk can be used as a simple log aggregator all the way to a Big Data engine to find efficiency in operations of the Internet of Things. 
Splunk is less about its abilities, and more about your imagination about what you can do with Splunk. That is the beauty of the platform. Splunk shines in providing operational intelligence about systems and processes. Finding out how your systems are operating, how your processes are functioning leads to quick resolution of problems and points to where budgets are best spent., Splunk is deceptively easy to set up and use. But like learning to play chess, you can learn the moves in half an hour, but take a lifetime to master. Splunk quickly provides value, but requires imagination and creativity as well as wide ranging knowledge of systems and processes to move to the next level. Not every organization needs that kind of talent to get a great return from Splunk, but the companies who compete and win will.\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, Fast consolidation of disparate logs in an easy to search way for troubleshooting. I can find problems within my organization very quickly. Sales team was very responsive in getting me a trial license to estimate my needs., Set up takes some time and planning. The Licensing scheme can be pretty expensive and until you've got it up and running it can be hard to estimate how much license you need.\nEnterprise, Capterra, Chintan M., Technical Specialist, 5.0, Easy to use tool -Simple graphical interface which makes it easy for a new user to understand the features easily -Real time data analysis can be carried out, When we try to search for data which is more than 30 days old, then sometimes we see slowness\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, When you need to store, correlate, and search large amounts of data, especially System Log data, there is no tool that even comes close to Splunk. It's power and flexibility is amazing., Very expensive. Difficult to implement until all moving parts are understood. 
Steep learning curve for beginners.\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, Splunk integrates with almost all popular enterprise software products including VMware, AWS, Azure, etc. Most customers use it primarily to do log analysis but it can also perform data analytics for business reporting. The UI is very straightforward and enables you to quickly search through large datasets using SPL. We were able to quickly locate the source of the issues by using Splunk to triangulate logs from several different components. There is a Splunk Cloud version with a free trial if you are aiming to do some integration work and testing. Finally, like all monitoring tools, Splunk offers AI and machine learning for even better predictive analytics., Splunk is expensive and probably not for smaller startup companies. The pricing is tiered and is subscription-based so if you start to ingest a lot of data, look out. It can eat into most of your IT budget and Splunk by itself doesn't handle all the Day 2 operations that are needed.\nEnterprise, Capterra, Verified Reviewer, nan, 5.0, Splunk is great for monitoring, logging, and analyzing the large volume of data", "doc_id": "e2cbe48e-ab64-4f6f-9c4d-834c8beb2df2", "embedding": null, "doc_hash": "3a01f5f9dda4adb5da86060ffd2db3f270f6c867c21d60de39127cd9dedf4fb4", "extra_info": null, "node_info": {"start": 8490, "end": 12657, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "1b8e8357-b0b8-4c29-a0c1-2224ede28488", "3": "81444380-7cb4-4706-8f08-02dc8ef9d443"}}, "__type__": "1"}, "81444380-7cb4-4706-8f08-02dc8ef9d443": {"__data__": {"text": "Splunk is great for monitoring, logging, and analyzing the large volume of data on the servers. Our support teams use Splunk to collect data/logs from the servers and troubleshoot product related issues. 
We introduced Splunk few years ago in our organization and it helped improve our defect/issue analysis and problem solving abilities, While Splunk is not too complex, it also requires a certain level of skillset to decipher the information. It may take a while to figure things out if you are a new user, or someone with limited technical knowledge\nEnterprise, Capterra, Shalinee S, nan, 5.0, We are using this tool for monitoring our services log. It is easy to monitor the data using this. For each service, you can configure which log file should be shown on the UI(web). On UI, it provides lot of features like finding pattern in logs, doing analysis and generating reports and much more., Learning is slow. Initially, it takes time to understand the reports and pattern it finds out of the log. But it's worth learning it.\nEnterprise, Capterra, Irfan S., Developer, 5.0, The best part of it is its UI which has very responsive page and can drag couple of days logs. Best in its performance and versions are being upgraded at regular intervals and its best in delivering the outcomes as required, nan\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, I work at Fintech company and we use Splunk for checking error logs and tracking anything that goes wrong within the system. I like Splunk as it gives exact line number which is breaking the code which makes easier to debug., The index should be accurate otherwise viewing logs is not easy.\nEnterprise, Capterra, Janne M, Technical Product Manager, 5.0, Splunk is first of all reliable from stability and information security perspective, which is a must. Second, it has one of the most advanced feature sets in analyzing, manipulation, anomaly detecting and processing log data residing in its database. 
Even AI/ML options are on the table, and it's possible to start implementing AI/ML with Splunk immediately., For certain types of use, licensing structure can hit you in your face relatively quickly.\nEnterprise, Capterra, Davis M., Principal Security Researcher, 4.0, Splunk is provides a single tool for log aggregation, log analysis, and visualizations. Threat hunting, applying threat intelligence, and incident response are easily repeatable; pushing organizations to proactive security processes., Splunk is expensive, especially when an organizations is exploring and building new security or data use cases. It also requires a lot of engineering maintenance, making the quality of the data highly-dependent on the skill(s) of those supporting it. Many organizations do not maximize its benefit because it is poorly managed or supported by low-skilled employees.\nEnterprise, Capterra, shabbir s., security analyst, 5.0, Data visualization, Analytics skills with AI-powered and can handle data in TB/per day without any interruptions in services. Live dashboards, developing use-cases and their capabilities (correlation)., complex architecture and efficient skills are required, financial is also not feasible for small and medium customers. no inbuilt query builders for beginners to understand the platform.\nEnterprise, Capterra, THOMAS Z., Management Reporting and Business Analyst, 5.0, It an intelligent business tool that provided me an opportunity to customize and build report from large volume of data from different departments within the 13 Africa countries in telecommunication sectors. The platform allows data to be consolidated accordingly to the organization need and produces visualized reports of dashboard features. I also noted that the system can analyst unstructured large volume of data speedily and is reliable and web based allowing for user flexible accessible from any part of the world if you have internet. 
The systems have been reliable and secured from the time (2 years) I started using it without any system intermittent, system errors and cyber-attack., The system is built and use-able with structured and unstructured organization though the price in foreign currency could hamper small and medium organization to use it especially in most Africa country where the local currency has depreciated against the major trading foreign currency.so the Forex pricing is a", "doc_id": "81444380-7cb4-4706-8f08-02dc8ef9d443", "embedding": null, "doc_hash": "06fcf6688e1ff2e3d9e088b4fc95f210f7459ed23ffb7cb89728a79509b6a880", "extra_info": null, "node_info": {"start": 12655, "end": 17028, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "e2cbe48e-ab64-4f6f-9c4d-834c8beb2df2", "3": "e87beadb-a87a-4450-b26e-6bc11fec887a"}}, "__type__": "1"}, "e87beadb-a87a-4450-b26e-6bc11fec887a": {"__data__": {"text": "has depreciated against the major trading foreign currency.so the Forex pricing is a challenge. The navigation of the platform will require minor training though if the user is computer proficient, they would management with minor challenge and interpretation of the data. So, first time user it can be difficult to use it It will depend on internet for access and internet tend to be pricey in most African country and therefore could increase the business cost for small and medium enterprise. 
It can increase business cost if not fully used\nEnterprise, Capterra, Idaly M., Project Manager, 5.0, I really like the platform, the data collection is ideal and the reports are detailed, it is the most appropriate SIEM service to monitor our IT infrastructure, it is an ideal software to take preventive measures, it is easy to customize the dashboards, the monitoring is constant and it gives us security in real time, the alerts are accurate and it helps us understand what is happening and fix it before it becomes serious., It is a somewhat expensive service but with more powerful features than other free SIEM systems, and it is a bit complex to set up and use for inexperienced users, so a lot of help should be sought from experienced staff and support team at first.\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, Splunk makes it easy to search through various data including logs. In the past I have had to pour through logs in order to find the one lines among the 100 of thousands of lines. Splunk allows me to search through those logs in a matter of seconds vs the hours it used to take., Most of enterprise setup is done through the command line. 
It would be nice to have cluster configuration (index creation) as part of the UI.\nEnterprise, Capterra, Verified Reviewer, Oil & Energy, 5.0, It is a very subtle program, when generating the setup it is not necessary to have a great knowledge of programming to install it, but to solve some configuration errors, when you start what I like the most is that you start from day one to organize your applications, then From that you can easily configure cybersecurity for each program, I particularly like the monitoring of data programs and that the program alerts you with notifications so that you see errors that sometimes jumps in the program., What I don't like and I see that it is something widespread is that it has very poor support in technical help, I think that the old technical support collaborators have left and people who are not so qualified have arrived to answer the tickets.For my part it is not a big problem since I am a researcher and with the information that is on the splunk website it is enough for me to generate the resolutions of problems.\nEnterprise, Capterra, Avinash S., Principal - Program Management, 5.0, The ablitity to configure and tweak the use cases. Building Intelligence into forensics. The AI feature is gud but needs more enhancements., The log management needs to be efficient , If the auditing logs is enabled then a huge influx of logs are pumed into splunk but no meaningful meaning can be derived.\nEnterprise, Capterra, Amit G., Solution Architect, 5.0, Splunk Enterprise is best tool to analyze the data based on different visualization. It help us to lookup distributed logs for micro-services . It enables field based lookup. For complex logging, we can use search query using expression. We can create multiple reports/charts for visualization such as a pie or bar chart for our data. Best feature what i like , We can visualize our search results and share them with others using dashboard panels. 
If Already have a dashboard, we can add a new panel from a report, clone from another dashboard, or add a prebuilt panel. Fully customization available. Interfaces is very flexible. We export it in different formats, or refresh it to visualize the newest data. Online Support is available through different community, Search query builder is fully based on technical. for Non technical users, its really difficult to lookup logs. Sometimes, error thrown by query builder is more difficult to understand. Deep Learning is required to use splunk for production data. For Large application installation, it need to manage more.\nEnterprise, Capterra, devaun f., software consultant, 5.0, Splunk allows us to see exactly what is going on in", "doc_id": "e87beadb-a87a-4450-b26e-6bc11fec887a", "embedding": null, "doc_hash": "8562e69507a0fae970bd399ef78222218216676bdc0dd06a47da04dd3fa21bee", "extra_info": null, "node_info": {"start": 17024, "end": 21378, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "81444380-7cb4-4706-8f08-02dc8ef9d443", "3": "f156331b-003f-4068-b430-81ea09cd3acb"}}, "__type__": "1"}, "f156331b-003f-4068-b430-81ea09cd3acb": {"__data__": {"text": "5.0, Splunk allows us to see exactly what is going on in production! I work on commerce for a fortune 100 company, and we use Splunk to monitor our apps in real time. Splunk gives you the ability to perform queries like you would with SQL against your log statements in real time. You will learn that you can place strategic log statements in your code that allows you to identify situations in production and be proactive at solving them. For example, you can log your customer's session cookie ID, and track any given customer's activity on your website via your app logs. It gives you dials and charting capabilities to monitor even the slightest drops in customer activities due to flaws in code or slowing network calls., PRICE. 
The software is so powerful, and they seem to leverage this in the pricing of the licenses.\nEnterprise, Capterra, Nana Kwame M., Teaching Assistant, 4.0, Splunk Enterprise offers real-time data analysis tools makes it possible for my institution to see and take immediate action against security risks, performance difficulties, and other operational concerns., Splunk Enterprise is really expensive and it is a huge part in our annual budget because we require add-ons.\nEnterprise, Capterra, Verified Reviewer, nan, 5.0, Splunk comes with lot of in-built templates for each and every feature like log visualisation, dashboarding, traces,etc This makes the developers life lot easier. I can't think of any other logging tool that is snappy as well as accurate. I love the fact how easily I can plug it in my docker-compose to push container logs., Even though, it offers numerous features for different needs, each feature has its own learning curve. For instance log visualisation needs querying skills, which may be in natural language but it takes bit of time to get familiar.\nEnterprise, Capterra, Verified Reviewer, nan, 5.0, Se cercare un SIEM stabile, affidabile e con cui monitorare costantemente i vostri sistemi Splunk \u00e8 la soluzione giusta per voi. Nella soluzione cloud SaaS consente di gestire un elevatissimo numero di log. Ha un architettura complessa che consente la ridondanza e la gestione dei carichi di lavoro tramite bilanciamento. Permette una molteplicit\u00e0 di analisi che consentono all'analista di sicurezza di investigare a qualsiasi livello ci\u00f2 che accade ed \u00e8 accaduto. Il linguaggio SPL con il quale \u00e8 possibile analizzare i dati \u00e8 molto potente e versatile, A volte l'installazione su determinati sistemi operativi prevede un processo piuttosto complicato soprattutto se si ha intenzione di rispettare il principio del least priviledge e non installare il software con permessi di amministratore. 
Su determinati sistemi operativi come AIX e determinate versioni di Linux non \u00e8 disponibile l'agent ma il solo inoltro dei log al cloud Splunk tramite protocollo syslog\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, Provides a single location for collecting and analyzing logs. Provides ease of use for non-technical users, but powerful features for security and IT. There is an add-on/app for anything you could imagine., Some documentation is vague, and when certain things don't work, it can be difficult to find out a solution to the problem.\nEnterprise, Capterra, Sachin S., Devops engineer, 5.0, Splunk offers various features whether you need to setup monitoring on your server, application logs based on logs ingestion set alerts so that teams got notified on real time and take actions accordingly. In this way, it helps to monitor application which are mission critical. You can make dashboards in Splunk where you can configure various components such indexes, data inputs and schedule reports as well. To achieve additional functionalities we can install third party apps as well such as AWS Add on for cloud watch log ingestion., From Admin perspective,", "doc_id": "f156331b-003f-4068-b430-81ea09cd3acb", "embedding": null, "doc_hash": "f57303f827d859c0a43ab68e23c03a96522cd3bc7e25512b43c916883dfb6547", "extra_info": null, "node_info": {"start": 21406, "end": 25238, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "e87beadb-a87a-4450-b26e-6bc11fec887a", "3": "8aa627a8-d6cd-4c5d-bd90-eb2ebad5359e"}}, "__type__": "1"}, "8aa627a8-d6cd-4c5d-bd90-eb2ebad5359e": {"__data__": {"text": "such as AWS Add on for cloud watch log ingestion., From Admin perspective, I found user access management a little difficult. The roles of access management becomes complicated because some time the config files for that didn't came very handy. 
Other then that I think all in all Splunk provides fulfill all of the requirements.\nEnterprise, Capterra, Divyang S, Web Developer, 5.0, Splunk is very easy to use due to high community support and many video tutorials available online for new users to learn. Functionalities are robust and simple to use. Data retrieval and visualisation is nice and easy if you know the right querying process. Machine Learning supports enhances performance for the cloud, especially. It collect wide variety of data and still it amaze you the way it retrievs it., There are many tools available in market which are potential competitors of this tool and that too at reasonable pricing. Splunk offers more functionalities but costs you too much if you look at the work it does. Complex queries may require large CPU usage and may even freeze or atleast slow down the system for a while. Need to be specific while querying the data.\nEnterprise, Capterra, Fabiano A, Consulente IT, 5.0, Aggregare pi\u00f9 log \u00e8 fondamentale quando c'\u00e8 un flusso elevato di log. Lo trovo eccellente e rapido. Riesce a scalare senza problemi effettuando le ricerche in maniera intelligente per trovare prima i risultati. 
La sezione delle Dashboard \u00e8 la cosa pi\u00f9 interessante perch\u00e9 pu\u00f2 mettere insieme diversi grafici consentendo di personalizzare l'interfaccia grafica con input e bottoni., Con una grossa mole di dati e effettuando ricerche nel tempo (es 30 gg) pu\u00f2 metterci veramente tanto ma trovo che nel complesso si comporta egregiamente e ovviamente dipende da server su cui viene installato.\nEnterprise, Capterra, Chetan G., Analyst, 4.0, There are lot of features which Splunk offers - 1) We can onboard data from any server, device or system using Universal Forwarder 2) Onboarded data are later stored in Indexers and searched further in Search Head for analyzing the internal logs 3) Using the data we can create customizable Dashboards and get proper insights of data and create Alerts to identify any kind of Threat or anomalies running in environment 4) Deployment is very easy on-prem servers 5) We can also use Hybrid Deployment on Cloud as well., 1) As it give large amount of features but licensing is too high 2) There are lot of other Open Source software which can be used as alternative of Splunk as Analytic tool because Splunk is paid one.\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, The ability to use this software for security operations, data analysis, creating dashboards, generating tickets and everything else, Splunk uses its own SPL, which is not very easy to learn. However, there are lots of documentation that Splunk provides to its customers. There is paid training available which is useful for beginners to learn.\nEnterprise, Capterra, David B., Production Support Clan Manager, 5.0, The system is highly intuitive to use. It is faster than other solutions I've used on the market and has a huge library of 3rd party plugins to get more from the system. It is easy to create scheduled searches, dashboards, reports etc. 
but there are a number of additional plugins (at an extra cost) to help with security, single pane of glass and metric collection., It offers challenges for a decentralized working model. Where Splunk is centrally managed, it is easy to ensure that best practices are maintained. Where the system is opened up for an entire department to utilize and on-board their logs, it becomes more difficult. However, with some creative thinking and good process, this issue can be overcome.\nEnterprise, Capterra, Frank M., Retireds, 5.0, Several of our applications are distributed across multiple systems. It is the same software running on each server but doing the same job for different", "doc_id": "8aa627a8-d6cd-4c5d-bd90-eb2ebad5359e", "embedding": null, "doc_hash": "bcb1cf4dd04dd2e2675f57a9879df4f3da398f3ad55f49f37b28366847f560f1", "extra_info": null, "node_info": {"start": 25222, "end": 29176, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "f156331b-003f-4068-b430-81ea09cd3acb", "3": "e0807126-e648-46de-b5c2-910e4e173d82"}}, "__type__": "1"}, "e0807126-e648-46de-b5c2-910e4e173d82": {"__data__": {"text": "multiple systems. It is the same software running on each server but doing the same job for different users. Each server would generate its own log files. When things went wrong, we used Splunk to be able to see what was going on on each server. Click a few buttons and you get two logs from two different servers listed together coordinated by time. But that leads you to discover that the issue came from a separate upstream or downstream server, then bring in those logs too . . . all coordinated by time. Don't get me wrong, the IT guys love these tools for their own enterprise reasons, but as a server stack developer, this was a resource I used OFTEN., I never fully grokked their SQL like language. I could do basic things daily without issue. 
However, I often had to hit the documentation to do anything more than a simple \"find this\" query.\nEnterprise, Capterra, Verified Reviewer, nan, 5.0, Its been a while since I started using Splunk Enterprise. I love its ability to cumulate data and logs from multiple sources and correlate them to help find incidents and their root cause. It consolidates logs and manages them form a central place. It is a great tool for log analysis as it segregates data and provides in depth profiling. Splunk enterprise also automates alerts and indexes on logs received., It has a complex architecture making the learning curve quite steep\nEnterprise, Capterra, Or M., Sr. Software Eng, 4.0, Dashboards feature is amazing, I use it much. Alerts and queries are easy to set up. Mostly it works fast so it's kind of Dev friendly so it's easy to onboard the new guys, Alerts should have a better way to manage it. There should be a way to promote alerts to different environments - so we will be able to set the Dev/Stg/Prod Sometimes some things that we want to do take a while searching on the internet for a solution - they might think how to do it better - maybe some examples or better documentation\nEnterprise, Capterra, Alberto M S., CISO, 5.0, Splunk nos ha permitido fortalecer nuestras capacidades de visibilidad sobre una amplia variedad de eventos (de ciberseguridad y funcionales), dada su flexibilidad nativa para consumir, correlacionar y alertar a partir de distintas fuentes. Con ello, hemos podido detectar y reaccionar oportunamente ante aquellos eventos que representan posibles amenazas para nuestros objetivos., Algunas funcionalidades requieren componentes adicionales.\nEnterprise, Capterra, mitchelle c, Software engineer, 5.0, Through its robust log analysis and ability to collect data from different sources, we can easily perform analysis on various data and predict any future operational hazards. 
Splunk enterprise efficiently monitors our log activities and and gives results to any queries at faster speed than most SIEM tools., nan\nEnterprise, Capterra, Alex A., Security Analyst, 5.0, It is an easy to use solution, the implementation is a bit more difficult., So far, this is a good solution that I use every day.\nEnterprise, Capterra, Mark T., Network Admin, 5.0, We use this tool primarily as a repository for syslog messages for infrastructure. It allows us to quickly analyze the logs and patterns to determine issues based on patterns. In addition it alerts very well from text based trigger alerts. These features are very easy to use and dependable., I do not have any cons for this software. Mainly as a user it does exactly what I need it to do with no overhead and confusing interfaces.\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, I think Splunk is first and best software in the field, easy to use, does what it had promised,, pricing could be better, they could be more flexible, support is a bit slow\nEnterprise, Capterra, Surabhi M.\n, Software Developer, 4.0, Best tracking and data analysis tool which help to monitor and manage the server and system component in very effective way. Real time Visualization helps to take the quick decision so that desired", "doc_id": "e0807126-e648-46de-b5c2-910e4e173d82", "embedding": null, "doc_hash": "9f7e16960a09893e2324d4096ba4e1428011a6cfd41043b8c981ca098cbfe1f0", "extra_info": null, "node_info": {"start": 29155, "end": 33108, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "8aa627a8-d6cd-4c5d-bd90-eb2ebad5359e", "3": "8a4c4d19-0a4b-4938-81ef-11a4d2a82f3e"}}, "__type__": "1"}, "8a4c4d19-0a4b-4938-81ef-11a4d2a82f3e": {"__data__": {"text": "in very effective way. 
Real time Visualization helps to take the quick decision so that desired action can be taken to avoid failure.Best data collection in the forms of log and which helps to define the best set of automation jobs to fix the issue., There are few components or observation like,1. most of the time observes the slowness in the performance.2. Sometime observe the delay in the issue or updated log reflection on the portal. 3. Need more storage to manage and maintain the lo g which impact organizational costing and budget.\nEnterprise, Capterra, neha v., Software Engineer, 5.0, Integrates with almost all the software seamlessly..where there is a software application that produces log, splunk can be easily integrated. Gives very powerful insights into the logs Alerts can be setup on the logs, and notifications sent out which is great again for managing the health of your application, The query language, though powerful, has a learning curve. Particularly as one goes towards complex queries. If it could be made closer to natural language, it would be so much smoother to learn. Hope that will happen sometime in future.\nEnterprise, Capterra, Rob P., CEO, 4.0, We have been using splunk for over 5 years now. nothing beats splunk in the market place. The only concern we have the pricing and the resource to support it. it's just too expensive, Too expensive and it's too hard to manage. You have to find a very qualified and very expensive resource to support it.\nEnterprise, Capterra, Verified Reviewer, nan, 5.0, I'm not sure from where to start in this case. We use splunk for many things but mostly to analyze the traffic on the network / firewalls. It provides us with a nice overview of what's going on. It makes it very easy to spot spikes on the network and it will provide you also with deep analyzes. 
For us it's an indispensable tool, probably the best tool we have., To search for something is not always easy, however there are a lot of forums online, so finding help is not that difficult.\nEnterprise, Capterra, Verified Reviewer, nan, 5.0, If you need real-time grokking into your infrastructure, look no further than Splunk. I love love love the dashboards. It's easy to tell a story with your data, and the live search is so FAST!, SPL is a little hard to get used to, but once you get the hang of it, it's not so bad. I recommend downloading their community edition for some great examples of queries and dashboards.\nEnterprise, Capterra, Mark M, Software QA Engineer , 5.0, Splunk can give you extreme insights into how your systems and software are functioning. Not only is the search very flexible and powerful, the customizable dashboards give a status report at a glance into trends, problems and performance. You can also set up email alerts when errors occur limiting the need to have Splunk opened on your machine all the time., Splunk has a learning curve. They have extensive documentation but it isn't intuitive and some features are buried pretty deep. We have an onsite expert who holds bimonthly meetings to answer questions in a group forum.\nEnterprise, Capterra, Biswajit M., Production Engineer, 4.0, First of all you don't need to login to your servers. Just configure splunk forwarder on all of your server and have peace of mind. During outages you dont have to panic and just rely on Splunk and be sure that you will have your root cause visible in splunk., Kernel huge page issues, Search head clustering, Index clusetering. These features are as good as costly too. For SHC and IC it does need all same config hosts.\nEnterprise, Capterra, Mahipal Singh B., Software Engineer, 5.0, Real Time monitoring is the best feature which we like most about this software. It helps to send the notification or alerts if they are something wrong is going on in the server. 
So, team member can quickly resolve the issue., As of now, i don't have anything which i don't like about this software.\nEnterprise, Capterra, Parth P, DevOps Engineer, 4.0, Splunk Light is ideal for independent on-premise organization.", "doc_id": "8a4c4d19-0a4b-4938-81ef-11a4d2a82f3e", "embedding": null, "doc_hash": "8f7b91fca96dbcb9cd8aa847f451fb8d2d7a096d490a9ef8f0e917cfb89d83bc", "extra_info": null, "node_info": {"start": 33113, "end": 37179, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "e0807126-e648-46de-b5c2-910e4e173d82", "3": "5753c053-763a-41fc-881d-6bf57c1d7753"}}, "__type__": "1"}, "5753c053-763a-41fc-881d-6bf57c1d7753": {"__data__": {"text": "4.0, Splunk Light is ideal for independent on-premise organization. Augment endpoint logging. Can find and store logs from a wide range of resources. Customization of dashboards. Making applications dependent on your requirements., Complex generally design. Long execution time. The instrument needs to incorporate AI to comprehend the framework logs and alarming ought to be founded on the auto learning.\nEnterprise, Capterra, Andr\u00e9 L, System Administrator, 5.0, Ease of use, you can extract any kind of information using commands provided by the software vendor. The other good thing about this software is the easy implentation on the servers, and the configuration is basic., For people that are not used to use command lines, it might be a liitle bit difficult on the beggining.\nEnterprise, Capterra, Lina M., Senior Software Developer, 4.0, Advanced security analytics to quickly detect malicious threats within our networks and devices with rapid response and effective alert prioritization to accelerate investigation., Great integration to collect multiple data easily and in built-threat intelligence that helps to accelerate our investigations. 
Full of incredible features, there is nothing to dislike.\nEnterprise, Capterra, shaik a.\n, Associate Software Engineer, 5.0, The best thing about this software is i love its UI part and its dashboard where it provides the logs of all the enterprise application every business which has large amount of the transactions being held are required to maintain this tool and its logging and search frequency are very much loved and dash board has very colourful UI and easily understandable, There is no least about this software but we are looking for some more enhanced featured like optimisation and all\nEnterprise, Capterra, Edward H., Lead Infrastructure Engineer, 5.0, The ability to set up queries and get data back quickly is invaluable, Learning to structure queries is a bit of a challenge in the beginning\nEnterprise, Capterra, stephanie b, Software engineer, 5.0, The tool can collect all sorts of data from diffuse sources and preform advanced analytics on it. It has powerful monitoring capabilities useful in threat identification and maintaining the health of our IT infrastructure. Splunk enterprise helps us to foresee, trends through machine learning which has been a crucial to making informed business decisions., Training new users is tough, the learning curve is very steep and it gets overwhelming for them. The installation and configuration process is very long and needs a lot of time.\nEnterprise, Capterra, Mauricio B, Software Support lll, 5.0, As Dashboards s\u00e3o incr\u00edveis e precisas. Podemos criar utilizando a interface do programa ou por Comandos muito parecidos com Pl SQL., Nada a declarar, o software atende a todas as necessidades.Nada a declarar, o software atende a todas as necessidades.\nEnterprise, Capterra, mattt j., Pre-Implementation Onboarding Coordinator, 5.0, The server logs are all stored in the same location and you can easy subdivide them by application. So different servers or processes or whatever can be in different buckets. 
This makes troubleshooting easier., Sometimes depending on far back you are trying to go the product can be a little sluggish. Beyond that nothing.\nEnterprise, Capterra, Joevanne V., IT Security Engineer, 5.0, Splunk integrates with many different solutions. They also have pre written apps that contain pre written dashboards and other features. It can inherit logs from many products with just several clicks., Pricing model is outdated and can get really pricey really fast. It's very simple to over your daily license.\nEnterprise, Capterra, Andrea O., Office Manager, 4.5, Splunk is a great enterprise-class tool for log analysis and troubleshooting of IT systems. Its graphics capabilities allow you to easily see trends that would otherwise go unnoticed. With a single click, you can retrieve information dating back months ago. Splunk is able to handle any type of input file and this allowed us to get very rapid prototyping cycles. Compared to the competition, it has integrated AD authentication, which fits in", "doc_id": "5753c053-763a-41fc-881d-6bf57c1d7753", "embedding": null, "doc_hash": "f917180a60c935283aef630983ccec0a5c0619e853d91637314de31f8a8cb158", "extra_info": null, "node_info": {"start": 37201, "end": 41354, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "8a4c4d19-0a4b-4938-81ef-11a4d2a82f3e", "3": "5f2c5dca-49fb-4725-ae3e-4c1951067bdd"}}, "__type__": "1"}, "5f2c5dca-49fb-4725-ae3e-4c1951067bdd": {"__data__": {"text": "cycles. Compared to the competition, it has integrated AD authentication, which fits in perfectly with our corporate security. The software is very fast, even on second-tier hardware., The license fee is a little too high. Some sections of the support site contain outdated information. Since the Splunk syntax has changed over the years, it's quite easy to find information that is no longer relevant. 
The \"basic\" charting options are somewhat limited, and the \"advanced graphic\" syntax requires a charting guru.\nEnterprise, Capterra, vikas k, SAP BASIS HANA Consultant, 5.0, Sofware is really excellent and best suited for small and large scale business who would like their systems, interfaces, server space and database health check to be performed., Sometimes the Splunk alerts creates multiple tickets in ITSM tool during issue. Hence it may result in spending sometime for closure of open incidents.\nEnterprise, Capterra, Carlo T, IT Manager, 4.0, The software includes various configuration possibilities to organize and aggregate the logs of different systems. Very useful tool for monitoring IT infrastructure activities., At the moment we have found no negative aspects.\nEnterprise, Capterra, Christian R.\n, Software Engineer, 5.0, User friendly and an awesome dashboard to manage your logs and analyze your apps., It can be a little expensive but it's worth.\nEnterprise, Capterra, Virat T., Sr Security Manager, 5.0, Easy to use tool with use in IT as well as security. Further business users can be trained easily as well., Have not found one yet since I started using 4 years ago.\nEnterprise, Capterra, Satish C, Assistant Consultant, 5.0, log analysis, text patterns, statistics and graphing, Too much of programming, not easy for laymans to write queries.\nEnterprise, Capterra, Damon D, Engineering Manager, 4.0, As a software engineer, Splunk helps me debug issues in my microservice applications. The Splunk forwarders are efficient and quickly collect logging from multiple server instances. The timestamp resolution is precise making it easier to track down race conditions. The reporting and pivot tables are powerful ways to visualize frequency of api calls once you learn the syntax., Splunk forwarders that collect the data from applications can sometimes hang and need to be restarted. 
The amount of traffic that can be collected has maximum caps based on your subscription.\nEnterprise, Capterra, Gaurav M., team Lead, 4.0, Various insights are derived from otherwise neglected system and process logs. Library of functions is readily available to read the logs , perform string operations and scan the file. Information can be represented using numerous charts , bars and graphs. Very useful in production monitoring and alerting using email option, I feel debugging is difficult. drop down or drag and drop functions should be made available because it's difficult to keep track and remember syntax of functions and it's usage.\nEnterprise, Capterra, Jean F., CTO, 5.0, All in one solution to collect logs, analysis, diagnose and report. The application has a nice console where it shows all the necessary information with some very nice graphics and information., Free for 500M/day but a bit expensive if you need to collect more, or have the need to have more users logging in.\nEnterprise, Capterra, harmandeep singh s., Graduate Assistant, 5.0, 1.Ease of use 2.support ad-hoc query and then analytic. 3. defining field extractor is simple and you can use it to search again. 4. It's a powerful ecosystem, 1., it's slow and maybe make system unresponsive when you search data over long time range, or large amounts of data 2. there are too much CPU cost when index too much items on Windows machine. 3. price becomes high as you scale.\nEnterprise, Capterra, Yaniv V, Director, Quality & Processes, 4.0, Splunk has excellent abilities to search and data-mine your logs. 
In addition, you can build dashboards on top of aggregated data in order to save precious time each time you want to have a look at your system's performance without querying from scratch., There are times in which the service experienced performance", "doc_id": "5f2c5dca-49fb-4725-ae3e-4c1951067bdd", "embedding": null, "doc_hash": "0a71025786d475b1ec47bcd925dd5d86ed1f94cd8c37ce63b1e5e5a665f9ad14", "extra_info": null, "node_info": {"start": 41339, "end": 45487, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "5753c053-763a-41fc-881d-6bf57c1d7753", "3": "10e4af3c-d44a-4aff-a0dc-63907a78a16d"}}, "__type__": "1"}, "10e4af3c-d44a-4aff-a0dc-63907a78a16d": {"__data__": {"text": "system's performance without querying from scratch., There are times in which the service experienced performance issues. Sometimes they were so severe which meant you're \"blind\" since you can't access your logs.\nEnterprise, Capterra, James C., CEO, 5.0, This software puts all your logs and events in one centralized location making managing logs easier to manage., When they first started they had awesome plans and options but it has changed since the beginning. Still great\nEnterprise, Capterra, Mubasshir Ali R., Merchant Technical Support Analyst, 5.0, A very effective log analyzer and the part I love most is the infrastructure monitoring. A proactive monitor and alert generator for our Critical Production Environment., If SPLUNK enable SQL alongwith its own SPL so the generic users would have been able to work more better.\nEnterprise, Capterra, Srinivas M., Software Engineer, 5.0, Splunk makes log aggregation and log search extremely easy for micro service model architecture. UI feels easy to navigate and the query language is quite simply to learn, Sometimes log ingestion takes a lot of time , depending upon the method we use to ingest the data. 
Enterprise version vs on site is also an interesting choice\nEnterprise, Capterra, Nirdesh P., Senior Associate, 5.0, Can create charts / Graphs / Table for quick results, At times it becomes slow, when I use my splunk in multiple windows (i use around 6-7 splunk windows at a time)\nEnterprise, Capterra, Verified Reviewer, nan, 5.0, troubleshooting IT problems made it easier and faster, search speed can be slow sometimes based on your query\nEnterprise, Capterra, Chris L, Sr. UNIX Systems Admin, 5.0, Many prebuilt log analysis modules. Competitive advantage over DIY solutions. Easy to setup and administer., Your costs can be high in larger installs.\nEnterprise, Capterra, Verified Reviewer\n, nan, 3.0, Makes it easy to identify trends within your environment. Once everything is aggregated it makes it easy for example, to see the knock on events of a network outage throughout the environment., Web user interface is a bit clunky. Its very polished interface, but in many cases it's style over substance. When I'm debugging an issue I want to be able to drill down into the problem fast, and the shiny interface can be sluggish and slow you down.h\nEnterprise, Capterra, Rakesh M., Manager, 4.0, The charts and visualizations that you can create in general have a good look and it has the minimum functionalities expected as a user (export, filtering, search, etc), I spent some time trying to understand the interface and functionalities but once I started to load some data and use the search I was able to see the capabilities of the product., Splunk is easy to start going but difficult to master with so many features. 
The query language has many analytical features that requires some learning curve\nEnterprise, Capterra, Verified Reviewer, Human Resources Unit Manager, 5.0, Splunk is a software that should be taken as an example, it is cheaper than its counterparts, which makes it extremely attractive., I did not feel a general lack of it because I used it for price performance, but I would be happy if more language support comes.\nEnterprise, Capterra, Karen V, Software Engineer, 4.0, I worked with a team member to integrate McAfee Endpoint Security with Splunk Enterprise so that virus scanning logs could be easily monitored. Integration was extremely smooth, and the data was nicely visualized on Splunk. There was very little delay in the virus detection logs being updated on Splunk as we performed several tests for virus scanning. As a user, it was very easy to navigate and I greatly enjoyed the usage of filters for filtering specific events that occurred., It's a great product for boosting your security posture, however the cost of the tool and additional storage was a bit steep. It was also a bit difficult to create filters for the logs, which was a necessity for our end user.\nEnterprise, Capterra, Joe E., Engineer, 5.0, After going through the free online training I was able to get this product up and running to consume Linux audit", "doc_id": "10e4af3c-d44a-4aff-a0dc-63907a78a16d", "embedding": null, "doc_hash": "441969da34e7908e3b27006a5185ea76e429818929f962c8ccb945cf9d77634a", "extra_info": null, "node_info": {"start": 45464, "end": 49602, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "5f2c5dca-49fb-4725-ae3e-4c1951067bdd", "3": "d9212f2b-877e-42b3-bc44-cf84c73b8311"}}, "__type__": "1"}, "d9212f2b-877e-42b3-bc44-cf84c73b8311": {"__data__": {"text": "the free online training I was able to get this product up and running to consume Linux audit logs. Writing SPL wasn't too difficult, at least for basic scenarios. 
The regular expression generator is especially helpful!, The configuration resides across many different levels (default, local, and then again within the apps). Having levels of configuration is a bit of a nightmare to manage.\nEnterprise, Capterra, Faraan Q., Software Developer, 5.0, Love the ease of being able to log various performance statistics for our applications whether it's documenting response times or any failures, Some things like figuring out the ways plunk structures it's queries for search is difficult. Seems like documentation is not very straightforward\nEnterprise, Capterra, Verified Reviewer\n, IT, 5.0, I like that it's incredibly easy to create reports and dashboards. You don't have to even know the schema of the database it's hooked up to because splunk will guide you through the creation. I've used lots of report building software and Splunk blew me out of the water., I wished it would take SQL queries when I first started using it but I got used to their query structure quickly.\nEnterprise, Capterra, Rafael P., Administrator, 5.0, A very high-class product. Integration with other systems is great. The system can analyze a lot of information from many systems at the same time., Very good product with almost no drawbacks. I believe that the manufacturer may reduce the restrictions for the free version\nEnterprise, Capterra, Harish G., senior software developer, 4.0, ) Querying the logs with ease. 2) Statistics on the logs gives you greater insight into whats happening with your system. 3) Group error logs by type, by server.. etc. 4) Professional interface., does what it says, no question about that but learning how to query took some time in the beginning. so, a small learning curve there.\nEnterprise, Capterra, Ryan M., Sr. Linux Systems Engineer, 5.0, It very easy to jump in and learn. Installation, configuration, and administration is very easy. 
Use of the product such as Search/Dashboard can seem daunting at first but is actually very simple. Splunk has very good documentation and community support. I am always able to find answers to my questions by using Splunk Answers and/or the IRC channel., Licensing and pricing in general. Managing the license usage can be annoying and paying for more can be costly. There have been quite a few times where small issues with our log intensive systems have caused license violations. Scenarios like this are usually avoidable with small changes to the Splunk configuration but it can be tedious.\nEnterprise, Capterra, ArunSanthoshKumar A., Senior Staff Engineer, 4.0, INgestion of the huge volume of the data. q, Reporting commands on volume data and training documentation on the reporting.\nEnterprise, Capterra, Naveen C.\n, Senior consultant, 5.0, We use splunk to monitor the health of applications in the test and production environments. It allows to create queries to see the specific event., Pricing of the license is high especially when the number of users is more and also support from splunk is inadequate when there is a issue\nEnterprise, Capterra, Abhay T., Cyber Security Analyst, 4.0, A log forwarder tool which you can use free upto 500MB. No Development work required to provide value. You can create your own queries and event based alerts., The software is very powerful but to use those feature you will have to buy the license then you can get all those feature that it has.\nEnterprise, Capterra, Ajinkya K., Engineer, 4.5, Building a query is very easy. It's easy to understand the interface, graphs are good and can be easily exported. The dashboards are very useful., I am not sure if I am using the latest version, but the version I use sometimes would expand the text area where the query is written hard to tell if the search is still on or done. Also, sometimes it takes very long for a query to finish execution. 
I understand it depends on the query itself and also the amount of data, but the tool aims at getting", "doc_id": "d9212f2b-877e-42b3-bc44-cf84c73b8311", "embedding": null, "doc_hash": "a199464ee81d7983addb738dde4d9901422e0852594c9186b97540ebfafed4f6", "extra_info": null, "node_info": {"start": 49626, "end": 53734, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "10e4af3c-d44a-4aff-a0dc-63907a78a16d", "3": "5a34023f-6c80-4bc8-a9da-f80343581e69"}}, "__type__": "1"}, "5a34023f-6c80-4bc8-a9da-f80343581e69": {"__data__": {"text": "on the query itself and also the amount of data, but the tool aims at getting quicker result for a high volume of data.\nEnterprise, Capterra, Vincent L., Technical Delivery Manager, 5.0, Nous a permis de faire des dashboards sur le suivi des patching de nos VM sur le Cloud et de l'installation de Crowdstrike. Mais aussi de traquer l'utilisation du NTLM V1 pour le d\u00e9sactiver sur nos serveurs, Les query sont un peu long et prennent un peu de temps \u00e0 etre apprise\nEnterprise, Capterra, Verified Reviewer, nan, 5.0, I love how easy it is to use and to find my data. The search engine is so fast and intuitive., This is a powerful tool and it can prepare very detailed graphs and charts. The con is that it takes more training and time to perfect your skills to create these graphs.\nEnterprise, Capterra, Jay b, Network Security Specialist, 5.0, The ease of initial setup along with the app market for add ons makes this a great product. Couple this with their support and it is so simple and great to use., A little overwhelming how much is out there for thi\nEnterprise, Capterra, Nico S., Director IT, 4.0, Great threat analysis combined wit log analysis and deep search pattern, Hard to configure. You need to be an expert.\nEnterprise, Capterra, Rachana P., student, 5.0, Ease of functionality and combining it with open source technologies provide a lot of features., Nothing that i dont like as of now. 
I think its pretty good since its easy to understand.\nEnterprise, Capterra, Verified Reviewer, nan, 4.0, The amount of information and data that you can organize with splunk is it's best feature., It will take some time getting used to how create dashboards and reports so that can pull the relevant data out of splunk.\nEnterprise, Capterra, Verified Reviewer\n, nan, 4.0, Integrating spunk with other tools it is one of the best feature which splunk has. we can pull logs by integrating with other tools., Writing a query in splunk is difficult. it should customize the query for users.\nEnterprise, Capterra, Gaurav Y.\n, nan, 5.0, Main purpose of this tool for us is to monitor the logs of our application. And I can say, it is very good at this. Finding the stats, pattern out of log is very easy. You can run multiple queries job on a single application log. You can monitor job running on your logs like you can kill them, can stop particular job. It's support of sql like queries on logs is just amazing., This is a great tool, there is no disadvantage of this product but just mention you need a bit of learning to use it's all the functionality.\nEnterprise, Capterra, Nav R, Software Engineer, 3.0, Ability to search logs across processes and services - Ability to develop dashboards to Monitor critical metrics - Ability to set up alerts based on threshold values, Need to regex well in order to use the tool to its full ability - Ability to extract values out of the log statements could be simpler - Alerts usually end up being over alerting or false alerts.\nEnterprise, Capterra, Callum S., NOC engineer, 4.0, The statistics you can gather from this are very helpful in determine underlying problems within a series of devices, It requires a lot of knowledge to make the most out of it, regex is virtually essential for making the most of splunk\nEnterprise, Capterra, Vince C, IT Systems Analyst, 5.0, They have a robust platform that I have used for monitoring and analytics. 
There are a lot of options and customization available when using it., Because there is so much customization and options available, it can be complicated to learn.\nEnterprise, Capterra, Pradip R., Principal IT Business Systems Analyst, 5.0, Splunk is great in terms of the speed of fetching records and also very useful UI elements which helps to analyze the record faster. The tool is so user friendly that anyone can start working on the tool easily and so much capabilities that experts can also bring a lot of values after segregating the records., The technical", "doc_id": "5a34023f-6c80-4bc8-a9da-f80343581e69", "embedding": null, "doc_hash": "c5dcc7f7190731aed9269343515feeae2dd8cd432775ec217b6dd70d247c755b", "extra_info": null, "node_info": {"start": 53749, "end": 57712, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "d9212f2b-877e-42b3-bc44-cf84c73b8311", "3": "7b2071b1-da20-49e8-a91e-a277a4a90d15"}}, "__type__": "1"}, "7b2071b1-da20-49e8-a91e-a277a4a90d15": {"__data__": {"text": "that experts can also bring a lot of values after segregating the records., The technical team is okay to see the records in the JSON format. But sometimes the functional users ae not comfortable with the JSON data. They need technical assistance.\nEnterprise, Capterra, Gregory D., Service Desk Manager, 5.0, Splunk is a great way to teach tech folks about logging and how technology in the IOT world communicate. Indexing and parsing make reading code so simple and easy to identify faults., Would be nice if there were different user roles so a novice would not be overwhelmed with so much at once.\nEnterprise, Capterra, Verified Reviewer, nan, 4.0, We first started using Splunk as a log analysis tool like many companies do but we're not getting into a number of other use cases based on how powerful and robust the tool can be for our business. 
They have a lot of good apps on their marketplace and the visualizations make information for less tech savvy users readily available., Starting this tool up and really getting it working takes some time, research and resources just based on the vast number of solutions it can provide. Like other tools that we use, it requires us to have good focus during planning to make sure we're not trying to do too much and instead focus on a few use cases to start.\nEnterprise, Capterra, Trang N.\n, Senior Test Engineer, 5.0, Splunk has very strong query language event complex commands like Join, subquery or aggregate which much the same with SQL query with good report UI to display result. Set Splunk system is easy with install Splunk server and its agent in every node then configure logs location to collect. It provides many built-in Apps to collect logs from other popular tools such as AWS, Salesforce, Kafka..., Splunk query language is quite hard to learn for new user and its query error is too generic for troubleshooting.\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, We use Splunk to parse and catalog our system and audit logs for propiertary software we use in house. The file sizes are compact and the search is very thorough., The interface is somewhat clunky and a little hard to navigate.\nEnterprise, Capterra, Anuruddha R., Systems Engineer, 4.0, Splunk can handle huge data set and grab specific information from a data set, It is costly but it provides great value for the money.\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, What I most like about Splunk is that it assists me in creating dashboards for my teams and other teams to verify the validity of our incoming and outbound network traffic., Learning the syntax searches about it seems to very difficult and there aren't really any training guides or help on their website that I've found that assist very well with it.\nEnterprise, Capterra, Michael F., Principal Developer, 5.0, Consolidation! 
All logs are consolidated in one place, which makes searching and analytics better., The search features are complicated. I end up needing help every time I have to search through the logs. You need a dedicated support team.\nEnterprise, Capterra, Gumercindo B., Software Engineer, 5.0, Assurance tool for critical monitoring process, Missing helpers about configuring reports and queries\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, Ease of querying logs, user friendly front end, user can create automated alerts for receiving information on current state of the data, Sometimes, becomes slow when trying to query historical data\nEnterprise, Capterra, Sunil L., Operations Manager SAP, 5.0, This tool provides holistic overview of network and infra reports which supports RCA analysis., Too many time consuming but has detailed overview.\nEnterprise, Capterra, \u00d6zer M., Logistic Manager, 5.0, It will make it easier for you to analyze data because you can highlight the content you want to follow., I didn't have a bad experience. 
simple and useful software.\nEnterprise, Capterra, James W, IS Security Administrator, 5.0, The ability to set up alerts and reports based on logs that come in from almost anywhere and anything in our network., In can", "doc_id": "7b2071b1-da20-49e8-a91e-a277a4a90d15", "embedding": null, "doc_hash": "13320497298cacc7f0eee4c2783a2057e85c18b4b31cd12349a655da3fe674de", "extra_info": null, "node_info": {"start": 57700, "end": 61791, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "5a34023f-6c80-4bc8-a9da-f80343581e69", "3": "02544d89-afa8-46c7-b46f-ef0dcefed681"}}, "__type__": "1"}, "02544d89-afa8-46c7-b46f-ef0dcefed681": {"__data__": {"text": "based on logs that come in from almost anywhere and anything in our network., In can be a bit of a bear to get set up but that is the case with almost any enterprise level software like this.\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, It can do a lot once you figure things out-- you can run a really professional software on this platform and make it look nice as well., Super hard to get the hang of for a beginner. Don't use this if you've had no experience with computer software or coding before. Also, some of the products on the \"free trial version\" aren't available on Splunk Enterprise, which doesn't make sense, because Splunk Enterprise is more expensive?\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, GREAT ability to scale Good price Easy to set up, Can give more information than you know what to do with Learning curve\nEnterprise, Capterra, Pratik C., Technology lead, 4.0, Best tool for application event trend analysis, Effective report of logs, Useful for new users , support analyst, To generate report need some automation. Has to write query using parameters, For end users it is difficult to configure.\nEnterprise, Capterra, Matt L., IT Manager, 5.0, Price is a bit high but you get that with Splunk. 
The good thing is that Splunk always is trying to be competitive so this may change.It is able to be expanded easily and quickly. It is polished and designed very well. Allows my team to inspect issues quickly and pull from many different sources in our enterprise., Price is a bit high but you get that with Splunk. The good thing is that Splunk always is trying to be competitive so this may change.\nEnterprise, Capterra, Ben W., Information Systems Analyst, 4.0, There are TONS of capabilities. The software can handle a lot of data and is able to produce query results in a short amount of time., The software is difficult to use (I didn't have to set it up) and the query structure and syntax is very clumsy and non-intuitive.\nEnterprise, Capterra, Ronnie B, Lead Software Engineer, 4.0, With Splunk Enterprise, it is easy to investigate, detect and remediate threats on devices and endpoints on our network., It was full of technical overheads when we were customizing Splunk Enterprise features.\nEnterprise, Capterra, Verified Reviewer, nan, 4.0, I get daily reports with trending issues and potential bugs that allow me to quickly see what issues need to be addressed before they become problems. The aggregated data logging also allows me to get the additional data I need to identify the root causes of problems and share that with other team members, Sometimes it can be difficult to filter down to the level of data I need.\nEnterprise, Capterra, Bill C., Consultant, 4.0, It dominates the industry in SIEM.... People would love to hate it... it's critical in terms of looking at your logs and seeing if something is not right and you have hackers or unwanted people on your system. It's the industry leader and has all the cool features., The price.. it's expensive and you have vendor lock-in... 
All my clients hate it for the price, but love it for its features and leading R&D.\nEnterprise, Capterra, Rashmi, UI , 5.0, I think it's great tool to see the logs of your application with advance query search. Splunk support lots stat mechanism, also you can start multiple stats jobs on your location. It is just fabulous thing., I have been using this for last one and half year but can say a single negative point of this too.\nEnterprise, Capterra, Jeffrey M., Software Security Analyst, 5.0, Theres a certification path to using Splunk. Extremently easy to set up reports within minutes which add good value to the company. Reviewing data has been beneficial at both network and server level. Its made Devops lives easy in such a way that all teams can pull relevant information beneficial to them., There are alternatives available which make Splunk a hard sell for organizations.\nEnterprise, Capterra, Sourav H., Developer, 5.0, The simplified user interface which presents logs in a readable format. Also it's ability to quickly identify integration", "doc_id": "02544d89-afa8-46c7-b46f-ef0dcefed681", "embedding": null, "doc_hash": "99eb14e9d43328a450b3649b516ae89706b66fadd30f828efcbc85e4dbc26738", "extra_info": null, "node_info": {"start": 61798, "end": 65905, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "7b2071b1-da20-49e8-a91e-a277a4a90d15", "3": "4e1099db-41c7-43c0-836f-0d8da4edc74e"}}, "__type__": "1"}, "4e1099db-41c7-43c0-836f-0d8da4edc74e": {"__data__": {"text": "presents logs in a readable format. Also it's ability to quickly identify integration issues, A mechanism to hide system generated logs that are unimportant would be great\nEnterprise, Capterra, Rishabh D., Information Security Analyst, 4.0, Splunk Enterprise offers a variety of different functionalities from security to log management. 
It can be a tool that can do it all., The learning curve is a bit high and the training resources available do help but can be constantly out of date.\nEnterprise, Capterra, Verified Reviewer\n, nan, 4.0, 1. Awesome data crawling and retrieval 2. Great search repository formed 3. Excellent visualization charts created 4. Graphs, dashboards, charts and various options supported aiding in effective business decisions, 1. A bit expensive to use but worth it with the features it provides 2. Secure but analytics options can be further enhanced\nEnterprise, Capterra, Dilraj S, Sr. Software Developer, 4.0, Splunk provides a very flexible solution for helping you gather huge amount of data and then setting up alerts and configuring reports which helps you in converting data into an actionable insight., UI/UX is really good but sometimes queries for gathering data can have steep learing curve on the Splunk.\nEnterprise, Capterra, Charlie G., SE Mgr., 4.0, It's ability to query massive data sets., Fairly steep learning curve in regards to query syntax and options.\nEnterprise, Capterra, Gaurav K., student, 5.0, Hadoop analysis is good for Fixed size dataset. Splunk product captures, indexes real-time data in a searchable repository from which it can generate graphs, reports, and visualizations which are very easy and helpful to understand the data., I think there are no features which I do not like. I think during clustering I faced some problems thats it.\nEnterprise, Capterra, Cedeno A.\n, .NET Software Engineer, 4.0, Block security threats on endpoints. 
It enhances applications development., The price is high but the results are remarkable.\nEnterprise, Capterra, Davesh M, Junior DevOps Engineer, 5.0, Complexity of queries to discover very specific correlations, date and time range accuracy, beautiful graphing capabilities, Can be extremely slow when searching over log dense applications, indexers can quickly get overwhelmed leading to missing data\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, Nice interface, and pretty easy to use once you get the hang it. In my experience its been pretty fast to pull up my searches even when there are thousands of results. It's a really powerful tool., I've used it daily the past months and haven't come across anything I finding deterring. Getting connected is sometimes a pain, but I think that's on my end haha.\nEnterprise, Capterra, John P., Engineer, 4.0, There are tons of apps available in the marketplace and ability to collect many different log formats, Splunk is easy to start going but difficult to master with so many features. The query language has many analytical features that requires some learning curve\nEnterprise, Capterra, Michael O., IT Manager, 4.0, Verry handy usage Fast query and result scalable Big Data No SQL good community, License is at little bit too expensive. Professional Service at Europe is not very well stuffed.\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, I liked the interface, we were able to setup some addons for vmware and cisco ISE. We primarily used it for tracking where bad password attempts were coming from., The pricing is pretty darn steep. 
My company pays by volume of ingestion by gigabyte and that can add up pretty quickly.\nEnterprise, Capterra, Guillermo R., Security Analyst, 4.0, Very easy GUI that can be familiar just in a few days, Gathering data in simple stepts makes everything much easier., The docs about the product sometimes are confusing, and to learn more on google is harder because there is not much material like for example cisco, palo alto, etc.\nEnterprise, Capterra, Verified Reviewer, nan, 5.0, you can import all the", "doc_id": "4e1099db-41c7-43c0-836f-0d8da4edc74e", "embedding": null, "doc_hash": "807da9332bd4aed47b7989d6d98748739ce92af0130b2fb91fc7442859ee896e", "extra_info": null, "node_info": {"start": 65902, "end": 69914, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "02544d89-afa8-46c7-b46f-ef0dcefed681", "3": "f1a0779e-905c-4c66-9f14-c1fd473f6115"}}, "__type__": "1"}, "f1a0779e-905c-4c66-9f14-c1fd473f6115": {"__data__": {"text": "Capterra, Verified Reviewer, nan, 5.0, you can import all the data without parsing it., I never thought it. Almost all features look good. The disadvantage of the high price.\nEnterprise, Capterra, Dominic R., Systems Architect, 5.0, Hugh library of add-ons that have been pre-built by others saves you significant time - Large community (and events like Splunk Live) to help and keep you engaged - Refined interface compared to some of the free competitors, You'll like the tool so much that you'll want to throw all kinds of data into it and the cost will grow substantially! - Only pricing is by data volume, no options to pay by host, source, etc.\nEnterprise, Capterra, Artem G., Dev, 4.0, It is an excellent way to search for anything in your logs and even monitor them!, It requires some skills to configure it right, especially the distributed version.\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, Nice, user understandable graphs. 
You can analyze system logs using Splunk to identify issues with the system. It is also used to identify patterns in the performance., Can not run offline. Does not provide results via email. Need the training to get expert writing search strings using regular expressions. Large queries are a bit slow.\nEnterprise, Capterra, Gargi S., student, 4.0, It allows me to seamlessly collect and visualize all my data. Provides a greater level of insights which were not visible in custom solutions before using Splunk, Sometimes it can be overwhelming to understand all the feature sets, it is not so clearly defined, it might help to have the documentation handy before using.\nEnterprise, Capterra, Ryan S., IT Manager, 5.0, I really like the overall feel of Splunk, it integrates with many other products very well. Even has independent add-ons for Cisco and Microsoft Products., Pricing of Spunk can get very expensive. I have experience with the windows version of splunk and sometimes it can be difficult to troubleshoot.\nEnterprise, Capterra, Verified Reviewer, nan, 4.0, While Microsoft didnt provide a centralized log monitoring for enterprise machines, Splunk filled the gap. It is good one stop console to monitor logs on your every server., Reports can be more user friendly and descriptive.\nEnterprise, Capterra, Verified Reviewer, nan, 4.0, I really liked how easy splunk made it to search vast amounts of data in a short amount of time. The dashboards were pretty useful as well., Splunk is very expensive to deploy on premise. This can be a limiting factor for customers that do not want to host sensitive data in the cloud.\nEnterprise, Capterra, Edd P, Senior Analyst, 5.0, Very useful for combining log files from multiple sources and setting up predefined reports to check for errors., Free version of splunk light doesn't allow automatic notification by email of log errors. 
However as I have paid nothing I can't complain too much!\nEnterprise, Capterra, Verified Reviewer\n, nan, 4.0, Great application for log collection and correlation of the logs, easy for searching and working with. Support is more user based and support is helpful for issues., Not the full product, due to being free. Can be confusing if you don't use the free training offered from Splunk.\nEnterprise, Capterra, Rachael T., Network Administrator, 4.0, Splunk makes it easy to troubleshooting client connectivity. It also helps me understand if a client is continually roaming to other APs., I wish that it was a little more cost effective. In some ways, Splunk has so many options that it can be confusing to know how to get the information you're looking for.\nEnterprise, Capterra, Sujeet S, Technology Architect, 5.0, Its ability to process large chunks of data and transform the data to information of interest., Its regex builder for field extraction needs improvement.\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, The best part about Splunk is that it is incredibly flexible. Any type of log can be aggregated and its awesome to build correlation. Any thing you want to know from your data can be found with", "doc_id": "f1a0779e-905c-4c66-9f14-c1fd473f6115", "embedding": null, "doc_hash": "d4649770bd92a8cc070e9f070ccbbf88a42159e5d0d6e40a17fc5e0edc7f6d88", "extra_info": null, "node_info": {"start": 69936, "end": 73991, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "4e1099db-41c7-43c0-836f-0d8da4edc74e", "3": "f8613859-5e96-4bcd-882f-aa600feab1ff"}}, "__type__": "1"}, "f8613859-5e96-4bcd-882f-aa600feab1ff": {"__data__": {"text": "awesome to build correlation. Any thing you want to know from your data can be found with Splunk., The ability of Splunk comes at a cost, literally. There is a free edition but if you are using it in an enterprise environment, especially if there is more than one department uses it, it will be pricey. 
However given the functionality its still a good value for many enterprises.\nEnterprise, Capterra, Md Muhibbul C., Software Developer, 5.0, Extensive support for creating dashboard, ability to write queries to capture application logs and support to automate alert system along with Service Now incident creation., Sometimes cause issue to create false alert or miss alert because of the difference of fraction of seconds in data.\nEnterprise, Capterra, GOBINATH G., Software developer, 5.0, Splunk gives data analytics on the application usage. And it is great tool to monitor software applications, Users need to learn SPL search processing language\nEnterprise, Capterra, Stefano g., Innovation & Data sources Manager, 5.0, The time to delivery from data to analytic dashboard for IT and for business, The fact that it's time-series data oriented and that is not a general purpose application\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, I like the speed and ease to search contents., i think cost is a factor for some organizations\nEnterprise, Capterra, Jyostna S., Principal associate, 5.0, easy queries - Robust -Never fails -Resilient - easy to use and alert configurations based on the resultants and error queries, nan\nEnterprise, Capterra, Manish M., Primary/Secondary Education, Unspecified, 5.0, It's a very good tool to analyze real-time data. It also generates graphs, reports, visualizations based on the data. Product is easy to use and understand. Installation is also not that difficult., As a student I think price is high, but I think value for money is good.\nEnterprise, Capterra, Rohit V., Student, 4.0, The product installation is simple and easy to understand. The configuration of this product for a multi-node cluster is intuitive and easy to learn. 
Automatic suggestions popup while filtering over indexed data., In case of analytics, there should be at least 2000 entries.\nEnterprise, Capterra, Verified Reviewer\n, nan, 4.0, Capas de procesar gran volumen de datos a partir de m\u00faltiples fuentes, r\u00e1pido y eficaz en el an\u00e1lisis . Nos ha permitido mejorar y fortalecer todos nuestros procesos internos de la empresa y optimizar nuestros objetivos, Es un software bastante caro y no para peque\u00f1as empresas, a no ser que te dediques a ello. Puede requetir implementar algunos complementos adicionales.\nEnterprise, Capterra, Shahab V., Cybersecurity, 4.0, Splunk is an easy to navigate, search and monitor data., Bad customer service. Was once locked out of my account and never got back in.\nEnterprise, Capterra, Anindita B., Software Engineer, 5.0, It gives us proper logging data for any product and also the fact that it shows data on a timely basis. Also can import data., Nothing to be specific, it can be made for interactive maybe\nEnterprise, Capterra, Stephanie N., nan, 5.0, Beautiful design, that makes event logs fun. Intuitive design., Repetitive adjustments, I wish you could save a default time format. Resources.\nEnterprise, Capterra, Robert D., Computer Software, Unspecified, 5.0, Splunk is great for visualizing any application data that we need, and the custom dashboards feature makes it easy to have related reports and queries all in one place., I've been using Splunk for a while, and I still find the query process a bit difficult. 
For non-technical people, there is a steep learning curve.\nEnterprise, Capterra, Tommaso B., Financial Services, Unspecified, 5.0, I like the ease of use and installation, and how processes large amounts of data, I think the price for the amount of data handled is too", "doc_id": "f8613859-5e96-4bcd-882f-aa600feab1ff", "embedding": null, "doc_hash": "b40670255ccab1222f1e138ee650c19c2f5caf4ed1f81467bca2266880d61fe9", "extra_info": null, "node_info": {"start": 73971, "end": 77828, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "f1a0779e-905c-4c66-9f14-c1fd473f6115", "3": "ea47314c-19e1-4116-ac9a-9b436f91fd74"}}, "__type__": "1"}, "ea47314c-19e1-4116-ac9a-9b436f91fd74": {"__data__": {"text": "processes large amounts of data, I think the price for the amount of data handled is too high\nEnterprise, Capterra, Nate B., nan, 5.0, This software is great at collecting and organizing data from my companies operation., Initially it feels unintuitive and there is a definite learning curve. Once I learned how to navigate and manipulate the software, its features were powerful and helpful.\nEnterprise, Capterra, Nakul S., nan, 5.0, simple and easy, costly\nEnterprise, Capterra, Juan N., Consultant, 3.0, The charts and visualizations that you can create in general have a good look and it has the minimum functionalities expected as a user (export, filtering, search, etc), I spent some time trying to understand the interface and functionalities but once I started to load some data and use the search I was able to see the capabilities of the product., I did not like the limitations of the free version like the size of the data you can upload but I guess is still fair to be able to use it for free.\nEnterprise, Capterra, Sumant M., Software engineer, 5.0, It is easy to use for a novice person. Results are fast. Great product with handy features. 
You can get insight about your data within few clicks., I did not find the documentation really much useful as a student. Usage cost was really high for me.\nEnterprise, Capterra, Brincy M., Manager Human Resources, 5.0, It realized harmful threats quickly and i think it deserves their cost, I couldn't use it with my ipad, I think it should integrate with ipad as soon as possible.\nEnterprise, Capterra, Ankit S., Engineer, 4.0, 1. Easy to deploy 2. Lot of plugins are available which simplify monitoring work 3. Good readable logs, I will not recommend it for the larger systems due to it's complexity, in smaller systems it works well.\nEnterprise, Capterra, Verified Reviewer, nan, 5.0, Splunk gathers a ton of information. It detects just about anything you want to know when it is configured., Creating reports that will display the information you need is challenging and the output format could be improved upon.\nEnterprise, Capterra, Verified Reviewer, nan, 4.0, With Splunk, sky is the limit, this is also a disadvantage, you have too many possibilities, Very hard and complex to configure, be ready to have sleepless nights\nEnterprise, Capterra, Denham M., IT Manager, 3.0, Great visibility, and deep info good reporting., Setup and configuration, to get onboarded makes me reconsider the software\nEnterprise, Capterra, Tanuvir S., Consultant, 4.5, The product is neat and simple to use with a great customer support, Nothing much, maybe the pricing model. Other than that, I think it's a great product\n\nEnterprise, Capterra, Parag M., Consultant, 3.5, Nice analytics UI. Nice support system. Healthy user community., The amount of time it takes to load, performance-wise could be better\nEnterprise, Capterra, Verified Reviewer\n, nan, 5.0, Enables me to monitor for fraud and cyber security threats and risks, It is great to use but it is expensive. 
But worth it.\nEnterprise, G2.com, Lin L., Senior Infra Engineer, Network, 5.0, Logging is essential in enterprise networks and operations for troubleshooting., It's not easy to understand quickly from GUI, but it's helpful with log messages.\nEnterprise, G2.com, \nAnjali O., Enterprise, 5.0, Splunk is very good and efficient tools for monitoring purpose. We can add customs third party apps also to splunk that makes it more efficient. We can add customs alert and dashboard which is also cool., There is nothing in particular that I don't like about splunk but if we want to specific speak for something than having splunk on legacy architecture is more painful to handle and manage as an admin.\nEnterprise, G2.com, Verified User, nan, 5.0, It easily convert the big data into visualisations which are very helpful for the leaderships to get to know", "doc_id": "ea47314c-19e1-4116-ac9a-9b436f91fd74", "embedding": null, "doc_hash": "0c16c8f8f9b777c311ae578115bf4e9cf13f9326815ebd4c7a5e5eaa617d0a7c", "extra_info": null, "node_info": {"start": 77830, "end": 81699, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "f8613859-5e96-4bcd-882f-aa600feab1ff", "3": "652073e8-08c5-49cc-bbc4-ca70d326cd91"}}, "__type__": "1"}, "652073e8-08c5-49cc-bbc4-ca70d326cd91": {"__data__": {"text": "the big data into visualisations which are very helpful for the leaderships to get to know about their business approaches towards the goals.., It needs to include more add-on apps which are easy to integrate with all platforms irrespective of their operations like small or big solutions. Splunk also should give more options for data onboarding.\nEnterprise, G2.com, \nJohn P., nan, 4.5, Splunk Enterprise can easily handle large amounts of data from different sources without giving much thought to data format and normalization. 
Access to the data is done quickly and easily, and you have various tools to customize and integrate data analysis workflows for custom dashboards or use apps from the other product partners, Splunk can be expensive for as license cost is based on size of ingested data. Regex skills may also be needed to be able to properly parse certain data, which can be quite a steep learning curve.\nEnterprise, G2.com, \nvikesh b., Consultant, 5.0, Onboard any machine data, Analytics, Customization, Powerful search, Splunkbase marketplace for apps and add-ons, build dashboards/alerts/reports, Machine learning, Use it for Security/ITOPS/Business Analytics etc..., License price, Limited visualization, knowledge of Search processing language\nEnterprise, G2.com, \nMariano R., Project Manager Team Lead, 4.5, Splunk is a realy easy tool to adopt in the organization. We reach expose a great reports in a few time, The configuration to connect diferents sources may be more user frendly.\nEnterprise, G2.com, \nMadhura G., Enterprise, 5.0, It's alerting and dashboaring capabilities. Easy integration with different platforms, It's slow at times due to large amount data\nEnterprise, G2.com, \nKrishanu C., Security Analyst, 5.0, The best thing about splunk enterprise is its flexibility. It can be used to analyze data from a wide variety of sources. The User interface and design is easy to understand even for non-technical users to get started with. It's search capabilities allows me to find all the information I need quickly. Also it can easily be scaled up or down depending on organization needs. The security features such as access controls and data encryption helps in securing sensitive data., There is no doubt that splunk enterprise is a great platform. However, the cost can be a barrier for smaller organizations. The learning curve is a bit steep and some users may take some time and effort to get up to speed with the platform. 
Also splunk enterprise can be a resource-intensive tool and might need significant computing power and storage capacity. This can be a concern for organizations that have limited resources or that are working with large datasets\nEnterprise, G2.com, \nMunkhbaatar T., System Engineer\n, 4.0, Easy to use and most powerful system in logging, License cost is expensive. Daily log limit is so small for business\nEnterprise, G2.com, \nMohammad A., Mid-Market, 5.0, Integrate with all log sources , best virtualization for the searches and use-cases for the dashboards, It is difficult to learn on it because it is intended for professionals\nEnterprise, G2.com, \nAmit M., Security Operation Center Team Lead, 5.0, First, Splunk is very intuitive to use. it is not complex, and the Splunk documentation and courses provide comprehensive explanations on how to best utilize the system. in addition, I like that it provides the option to seamlessly dump log files, honesntly i dont see downside in Splunk. We are also using QRadar and I must say that it is way better for data analysis.\nEnterprise, G2.com, \nAmit M., Delivery Lead - Information Security, 4.5, Its a powerfull tool for any enterprise to rely on. Must say, the tool is very much user friendly,powerfull and easy to access.\n\nIts now a world leader dominating other tools., Nothing as such as of now but yes the UI could be a bit better then what it is now. 
Rest everything is good nothing to worry on.\n\nWhen you take it , feels like plug n play\nEnterprise, G2.com, \nAshish j., Senior Software Engineer, 4.5, Splunk is", "doc_id": "652073e8-08c5-49cc-bbc4-ca70d326cd91", "embedding": null, "doc_hash": "8dc239d4aaa49911b6a35c4c4f14ece463b5b5886f8543611fe7f8379cb6dc30", "extra_info": null, "node_info": {"start": 81697, "end": 85730, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "ea47314c-19e1-4116-ac9a-9b436f91fd74", "3": "5bd4e401-4e7b-4124-bba6-800f7b04c425"}}, "__type__": "1"}, "5bd4e401-4e7b-4124-bba6-800f7b04c425": {"__data__": {"text": "\nAshish j., Senior Software Engineer, 4.5, Splunk is awesome big data tool to get data from any source and get insight from the raw data to deliver values to the business and security., It's premium apps trainings are expensive.\nEnterprise, G2.com, \nNithin s., Application Development Analyst, 5.0, Splunk enterprise is an all in one tool for automation and log analysis. The ease of acquiring documentation and materials to contribute to your project is one of the main highlights!, I face slowness in solunk enterprise sometimes. I have encountered a few bugs like when a saved search didn't run on time. Also it's difficult to find a root cause of the problem by using internal logs.\nEnterprise, G2.com, \nSanthanabharathi B., Information Security Specialist - SOC, 4.5, Comparatively splunk provides multiple use cases for an organisation, Nothing is problem in splunk enterprise it's always good to learn\nEnterprise, G2.com, \nKhaja Salahuddin M., Senior Network and Security Engineer, 5.0, The dashboard of the splunk enterprise and in particular for security is very intuative. lots of knowledge base and learning available on internet., The pricing of the enterprise security app is high when compared to other SIEM solutions\nEnterprise, G2.com, \nManraj T., nan, 4.5, Good data analytics with the advanced parser and correlation engine. 
Very easy to customize, and visualization is also fantastic. Good reporting templates and log sources integration is excellent., Very hard to understand the Architecture at the beginning of solution deployment. Querying data is also needs programming skills, need to add more custom correlation rules.\nEnterprise, G2.com, \nAlaa B., Azure Kubernetes Engineer, 4.5, was easy to configure with Application like jboss and IIS for .net app\n\nalso we configured alerts for some reptative errors and we discovered it using splunk\n\nmanagement also liked it, i have 2 comments which is the language used for splunk need learning curve\n\nalso configuring splunk servers (clusters) not easy\n\nbut documentation is great also courses\nEnterprise, G2.com, \nCrysthel Jane S., Junior Software Engineer, 4.0, It is a huge help to analyze big data, and from my experience, it is suitable for cybersecurity defense., Well, as a user, what I don't like about using Splunk is that the dashboard is not a user-friendly.\nEnterprise, G2.com, \nAzar N., Information Security Engineer, 4.0, Splunk have quick search and detection ., Splunk can reduce memory and CPU usage .\nEnterprise, G2.com, \nEric R., Software Engineer, 4.0, Splunk Enterprise is incredibly powerful and useful. It can be used for many applications, can be customized for lots of use cases and has enough features to be used by many people in the org., Getting started can be somewhat tricky due to the query language and figuring out what the best set up is for your organization specifically. Sometimes speed is also less than ideal.\nEnterprise, G2.com, \nAbdul S., Sr. Penetration Tester, 5.0, Splunk Enterprise is widely recognized as a powerful and versatile tool for collecting, analyzing, and visualizing large amounts of data. 
Some of the key features and benefits of Splunk Enterprise include its ability to handle complex and diverse data sources, perform real-time analysis and reporting, and provide a wide range of customization and integration options. Additionally, its user-friendly interface and scalability make it a popular choice among organizations of all sizes for their big data and log management needs., some common criticisms of Splunk Enterprise include its high cost, steep learning curve, and resource-intensive nature. Additionally, some users have reported performance issues and difficulties with scalability as their data volumes increase. However, these criticisms are subjective and may not apply to all users and use cases. To determine if Splunk Enterprise is the right fit for your needs, it is recommended to carefully evaluate your requirements and conduct thorough testing and evaluation.\nEnterprise, G2.com, Verified User, nan,", "doc_id": "5bd4e401-4e7b-4124-bba6-800f7b04c425", "embedding": null, "doc_hash": "bbc1e7ab35ed71d7316d75dc3c3270586d37fe8348174c410fbb0a7a5f99bb82", "extra_info": null, "node_info": {"start": 85761, "end": 89811, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "652073e8-08c5-49cc-bbc4-ca70d326cd91", "3": "5b9c6817-960a-4fbb-ada8-c91eaea375f9"}}, "__type__": "1"}, "5b9c6817-960a-4fbb-ada8-c91eaea375f9": {"__data__": {"text": "testing and evaluation.\nEnterprise, G2.com, Verified User, nan, 5.0, One of the most powerful and versatile features of Splunk Enterprise is its advanced search capabilities. This feature allows users to perform real-time and historical searches, as well as complex queries and analysis on large datasets. This enables users to quickly and easily find the information they need and gain valuable insights from their data. Additionally, the ability to create visualizations and dashboards can help users to quickly identify patterns and trends in the data and make data-driven decisions. 
The machine learning and statistical modeling capabilities of Splunk can also be a powerful tool for identifying patterns and anomalies in the data, which can be particularly useful for security and IT operations use cases., I find that certain features such as the initial setup and configuration process may be complex and time-consuming, especially for those who are new to the platform. Additionally, some users may find that the cost of the enterprise version of Splunk can be high and may not be feasible for smaller organizations with limited budgets. Some users may also find that certain features such as the machine learning and statistical modeling capabilities may require a significant amount of expertise and knowledge to effectively use.\n\nIt's worth noting that the complexity in the initial setup and configuration can be mitigated with the proper planning, training and resources. And the high cost of the enterprise version can be justified by the features it provides and the value it can bring to the organization, and the expertise and knowledge required for certain features can be acquired by training or hiring experts.\nEnterprise, G2.com, Verified User, nan, 5.0, It's reporting feature and I like the most. I have CPU and memeory utilisation based reports coming to me. This helps me to mitigate the potential performance issue on servers. As a result we have minimal outages impacting business., So far so good. Earlier we were using Netcool and had had replaced it with SPLUNK. The experience is awesome.\nEnterprise, G2.com, \nDhrumil P., Assistant Sales, 5.0, Its User Friendly for beginners to maintain and come with a Built-in case management system. Also gives a response very fast for any logs which come in Splunk. It makes integration very easy for other tools and technology., The license cost of the Enterprise is prohibitive because of the budget. So the startup organization can't afford the license. It also required a very steep learning Curve. 
And the tricky part is Automation.\nEnterprise, G2.com, Verified User, nan, 4.5, Splunk provides a detailed overview of notable events, web intelligence to prove web traffic in our network, automates event response, recommends proper remediation for alerts, and risk assessment with the help of risk score., All the functionalities are well designed, and SLA needs to improve some audit-compliance reporting parts to help remediation teams to remediate it properly. And also Licensing Costs.\nEnterprise, G2.com, Verified User, nan, 4.5, Splunk platform provides great insights on the back end calls and events that takes place when an application is submitted. The best part of Splunk is it has customization to various events., At times the values corresponding to the query does not reflect, this may be due to some Splunk platform being down. But it occurs at times and that could be resolved.\nEnterprise, G2.com, Verified User, nan, 5.0, Splunk can do a lot many things which free to use SIEM tools do nothave. It comes with ML/AL inbuilt and can also be used with different data sources by default., Splunk can do a lot many things which free to use SIEM tools do nothave. It comes with ML/AL inbuilt and can also be used with different data sources by default.\nEnterprise, G2.com, \nKathan P., SOC Analyst, 5.0, Easy to maintain and comes in-built case management system. Fast response for any logs which come into Splunk. Easy integration with major tools and technology., The licensing cost for the enterprise version can be costly and may not be over budget for startups. 
The navigation panel needs to be improve so that we can find details easily.\nEnterprise,", "doc_id": "5b9c6817-960a-4fbb-ada8-c91eaea375f9", "embedding": null, "doc_hash": "755c61df864046890ee6ba72fa5b6ec3dbfcdd56b4daa18affa238ecb8528d9a", "extra_info": null, "node_info": {"start": 89800, "end": 94039, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "5bd4e401-4e7b-4124-bba6-800f7b04c425", "3": "94bd416e-81de-4df9-9af5-eeec685ecf1c"}}, "__type__": "1"}, "94bd416e-81de-4df9-9af5-eeec685ecf1c": {"__data__": {"text": "navigation panel needs to be improve so that we can find details easily.\nEnterprise, G2.com, \nMeet S., SOC Analyst, 5.0, It's GUI very gives all the features the same as the backend as well. Also, love the case management feature as well., It is pretty costly. That's the only backdrop I see.\nEnterprise, G2.com, \nRavi P., SOC Analyst, 5.0, Splunk provides excellent service because we need to cover all the tools logs and give all the expected values also while analyzing records, it provides such an excellent service., Most probably not muck dislike, but sometimes it's taking much time for the given output of queries, but the whole scenario, it's a great product. Not another aversion from my end.\nEnterprise, G2.com, \nPramod P., Vice President, 5.0, I use Splunk every day to troubleshoot network-related issues and identify the root cause of the problems. Splunk is a great tool to correlate the event logs from multiple sources and get a deeper understanding of what is happening in your environment. 
Splunk is a powerful tool to visualize the events logs and highly customizable queries, get metrics and monitor any abnormality in your environment., Due to the scale of our environment, I have observed performance issues sometimes, queries are queued, and it takes time to return the query result.\nEnterprise, G2.com, Verified User, nan, 4.0, The Splunk tool is one of the most helpful tool for creating customise searching of big data from different system with correct logging and responses. Splunk is very efficient searching tool with different visualisation., I don't see any drawback expect the point that for some system is it able to display data for only 3 months or few months data. Apart from this cost is something which I would consider goes higer if we are accessing large data.\nEnterprise, G2.com, \nFilippo S., Multilingual Support Specialist, 5.0, Easy to create quick report and custom logs, The dashboard could be more streamlined and intuitive\nEnterprise, G2.com, \nVINAYAK J., Senior Network Engineer, 5.0, GUI is very easy to understand and configure.\n\nIt will not take more than 5mins to integrate with zscaler.\n\nWe can export the logs in pdf format which is very easy to read., Applying filters to search the logs because it is very difficult to apply the correct filter. Need some document for filters.\n\nEnterprise, G2.com, Verified User, nan, 5.0, Versatility and flexibility, a vast range of add-ons, great community and support, various options for different budgets, good integration options with various tools and vendors., Splunk is not easy to start up with and it requires good Linux and Systems skills. A very steep learning curve should be anticipated. 
Deployment automation can be hard or not possible at all.\nEnterprise, G2.com, \nNitish N., Software Engineering Analyst, 5.0, Splunk is the most effective but expensive tool for cybersecurity analysis, The one factor that I dislike in splunk is the pricing for the licence\nEnterprise, G2.com, \nPardeep K., Project Trainer, 5.0, Splunk Enterprise Security provides simplified threat management that facilitates quick threat detection and response and minimizes risk., Pricing gets a bit higher for large data volumes. The optimization of searches is more of an art than just science. Dashboard is a bit harsh as compared to tableau. It is continuously making attempts to replace it with open source alternatives.\nEnterprise, G2.com, Verified User, nan, 4.5, Fetching data & creating visualisation both in one application., There is nothing i dislike about splunk Enterprise\nEnterprise, G2.com, \nDayana P., Director, Digital Marketing, 4.5, It has an alert system that warns us in real time of any vulnerability in the system, any funnel or any error and in this way we can solve it quickly. It also allows the easy creation of custom work panels and customize the platform interface to work and have at hand, the tools we use the most., It can have a high learning curve, even for educated", "doc_id": "94bd416e-81de-4df9-9af5-eeec685ecf1c", "embedding": null, "doc_hash": "ea2430a61f147f0482bc2722557ada9a6542c73c2a90d592e5d371ba51cdd4fd", "extra_info": null, "node_info": {"start": 94025, "end": 98008, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "5b9c6817-960a-4fbb-ada8-c91eaea375f9", "3": "3b28057a-a366-494d-86cb-fb4ec55da5c2"}}, "__type__": "1"}, "3b28057a-a366-494d-86cb-fb4ec55da5c2": {"__data__": {"text": "the tools we use the most., It can have a high learning curve, even for educated employees, so time is required for training. 
I wish that some basic functions could work without the need for internet access, no doubt my work would be faster. From the installation of the software to its use, it is a long process, because to configure it is confusing and sometimes we need the help of technical staff.\nEnterprise, G2.com, Verified User, nan, 4.5, Splunk is easy to integrate with all other applications through agent and heavy forwarder., Need to build so many use cases for building so alerts.\nEnterprise, G2.com, Verified User, nan, 4.5, it is easy to integrate between splunk and Sophos threat Management system., Some queries for test cases should be there to help the implementation team.\nEnterprise, G2.com, Verified User, nan, 4.5, It's been quite some time since I started using Splunk and I must say it's really easy and convenient to use and clearly does its job. My company uses Splunk for log analysis and as per my experience, it's easy to get knowledge on most of the features. No hard training is required. Creating a dashboard requires some deep knowledge but once created it will be easier to understand logs. It is a really helpful tool for security analysis., Nothing much but yes, it is costly and it requires high memory uses from the system it's running on. Just because of this it is not preferred in small organizations.\nEnterprise, G2.com, Verified User, nan, 5.0, SPL is one and only, whatever you can imagine, you can do it with SPL, Data pipeline and conf files are still hard to understand if you have no enough knowledge.\nEnterprise, G2.com, Verified User, nan, 4.5, Splunk Enterprise it is very versatile and could be integrated with a number of systems. We have used Splunk Connector in Kubernetes environment with great success. It would collect and forward all logs with ease., You need to learn what structure of data Splunk expects and modify your ingest data to that model. 
You also need to learn about to your environment so you know to which index you will load your data.\nEnterprise, G2.com, \nJohn P., nan, 4.5, Splunk Enterprise can easily handle large amounts of data from different sources without giving much thought to data format and normalization. Access to the data is done quickly and easily, and you have various tools to customize and integrate data analysis workflows for custom dashboards or use apps from the other product partners., Splunk can be expensive for as license cost is based on size of ingested data. Regex skills may also be needed to be able to properly parse certain data, which can be quite a steep learning curve\nEnterprise, G2.com, Abdul S., Sr. Penetration Tester, 5.0, Splunk Enterprise is widely recognized as a powerful and versatile tool for collecting, analyzing, and visualizing large amounts of data. Some of the key features and benefits of Splunk Enterprise include its ability to handle complex and diverse data sources, perform real-time analysis and reporting, and provide a wide range of customization and integration options. Additionally, its user-friendly interface and scalability make it a popular choice among organizations of all sizes for their big data and log management needs., some common criticisms of Splunk Enterprise include its high cost, steep learning curve, and resource-intensive nature. Additionally, some users have reported performance issues and difficulties with scalability as their data volumes increase. However, these criticisms are subjective and may not apply to all users and use cases. To determine if Splunk Enterprise is the right fit for your needs, it is recommended to carefully evaluate your requirements and conduct thorough testing and evaluation.\nEnterprise, G2.com, \nKrishanu C., Security Analyst, 5.0, The best thing about splunk enterprise is its flexibility. It can be used to analyze data from a wide variety of sources. 
The User interface and design is easy to understand even for non-technical users to get started with. It's search capabilities allows me to find all the information I need quickly. Also it can easily be scaled up or down depending on organization needs. The security features such as access controls and data", "doc_id": "3b28057a-a366-494d-86cb-fb4ec55da5c2", "embedding": null, "doc_hash": "6782b93c0072bd8c3b39bbcd98a836f617436740f364f66c5cd463e2f57f8c3a", "extra_info": null, "node_info": {"start": 98016, "end": 102279, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "94bd416e-81de-4df9-9af5-eeec685ecf1c", "3": "84838ed9-c928-4a9e-acd8-8641b036fa23"}}, "__type__": "1"}, "84838ed9-c928-4a9e-acd8-8641b036fa23": {"__data__": {"text": "up or down depending on organization needs. The security features such as access controls and data encryption helps in securing sensitive data., There is no doubt that splunk enterprise is a great platform. However, the cost can be a barrier for smaller organizations. The learning curve is a bit steep and some users may take some time and effort to get up to speed with the platform. Also splunk enterprise can be a resource-intensive tool and might need significant computing power and storage capacity. This can be a concern for organizations that have limited resources or that are working with large datasets\nEnterprise, G2.com, \nNithin s., Application Development Analyst, 5.0, Splunk enterprise is an all in one tool for automation and log analysis. The ease of acquiring documentation and materials to contribute to your project is one of the main highlights!, I face slowness in solunk enterprise sometimes. I have encountered a few bugs like when a saved search didn't run on time. Also it's difficult to find a root cause of the problem by using internal logs.\nEnterprise, G2.com, \nAnjali O., nan, 5.0, Splunk is very good and efficient tools for monitoring purpose. 
We can add customs third party apps also to splunk that makes it more efficient. We can add customs alert and dashboard which is also cool., There is nothing in particular that I don't like about splunk but if we want to specific speak for something than having splunk on legacy architecture is more painful to handle and manage as an admin.\nEnterprise, G2.com, \nAmit M., Security Operation Center Team Lead, 5.0, First, Splunk is very intuitive to use. it is not complex, and the Splunk documentation and courses provide comprehensive explanations on how to best utilize the system. in addition, I like that it provides the option to seamlessly dump log files, honesntly i dont see downside in Splunk. We are also using QRadar and I must say that it is way better for data analysis.\nEnterprise, G2.com, Verified User, nan, 5.0, One of the most powerful and versatile features of Splunk Enterprise is its advanced search capabilities. This feature allows users to perform real-time and historical searches, as well as complex queries and analysis on large datasets. This enables users to quickly and easily find the information they need and gain valuable insights from their data. Additionally, the ability to create visualizations and dashboards can help users to quickly identify patterns and trends in the data and make data-driven decisions. The machine learning and statistical modeling capabilities of Splunk can also be a powerful tool for identifying patterns and anomalies in the data, which can be particularly useful for security and IT operations use cases., I find that certain features such as the initial setup and configuration process may be complex and time-consuming, especially for those who are new to the platform. Additionally, some users may find that the cost of the enterprise version of Splunk can be high and may not be feasible for smaller organizations with limited budgets. 
Some users may also find that certain features such as the machine learning and statistical modeling capabilities may require a significant amount of expertise and knowledge to effectively use.\n\nIt's worth noting that the complexity in the initial setup and configuration can be mitigated with the proper planning, training and resources. And the high cost of the enterprise version can be justified by the features it provides and the value it can bring to the organization, and the expertise and knowledge required for certain features can be acquired by training or hiring experts.\nEnterprise, G2.com, \nAmit M., Delivery Lead - Information Security, 4.5, Its a powerfull tool for any enterprise to rely on. Must say, the tool is very much user friendly,powerfull and easy to access.\n\nIts now a world leader dominating other tools., Nothing as such as of now but yes the UI could be a bit better then what it is now. Rest everything is good nothing to worry on.\n\nWhen you take it , feels like plug n play\nEnterprise, G2.com, \nAshish j., Senior Software Engineer, 4.5, Splunk is awesome big data tool to get data from any source and get insight from the raw data to deliver values to the business and security., It's premium apps", "doc_id": "84838ed9-c928-4a9e-acd8-8641b036fa23", "embedding": null, "doc_hash": "b0845aa5a47a4a63d8dd655577ed285f693b438616c36ad1f6ec8dc7039a0e37", "extra_info": null, "node_info": {"start": 102262, "end": 106577, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "3b28057a-a366-494d-86cb-fb4ec55da5c2", "3": "bc7a6092-63e8-4c2a-8f18-563f5472822b"}}, "__type__": "1"}, "bc7a6092-63e8-4c2a-8f18-563f5472822b": {"__data__": {"text": "from the raw data to deliver values to the business and security., It's premium apps trainings are expensive.\nEnterprise, G2.com, \nMunkhbaatar T., System Engineer, 4.0, Easy to use and most powerful system in logging, License cost is expensive. 
Daily log limit is so small for business\nEnterprise, G2.com, Verified User\t\t, nan, 5.0, It easily convert the big data into visualisations which are very helpful for the leaderships to get to know about their business approaches towards the goals.., It needs to include more add-on apps which are easy to integrate with all platforms irrespective of their operations like small or big solutions. Splunk also should give more options for data onboarding.\nEnterprise, G2.com, \nDhrumil P., Assistant Sales, 5.0, Its User Friendly for beginners to maintain and come with a Built-in case management system. Also gives a response very fast for any logs which come in Splunk. It makes integration very easy for other tools and technology., The license cost of the Enterprise is prohibitive because of the budget. So the startup organization can't afford the license. It also required a very steep learning Curve. And the tricky part is Automation.\nEnterprise, G2.com, \nManraj T., nan, 4.5, Good data analytics with the advanced parser and correlation engine. Very easy to customize, and visualization is also fantastic. Good reporting templates and log sources integration is excellent., Very hard to understand the Architecture at the beginning of solution deployment. Querying data is also needs programming skills, need to add more custom correlation rules.\nEnterprise, G2.com, \nMariano R., Project Manager Team Lead, 4.5, Splunk is a realy easy tool to adopt in the organization. We reach expose a great reports in a few time, The configuration to connect diferents sources may be more user frendly.\nEnterprise, G2.com, \nRushi M., Android Developer, 4.5, Splunk Enterprise is one of the best analytics tools that I have used. 
Below are the key features of Splunk:\n\n- It provides the best visualization of the data.\n\n- The indexing of data is so easy.\n\n- The data can be collected from multiple sources quickly.\n\n- Alerts are the best\n\n- One can easily schedule the savedsearches\n\n- The search feature is straightforward to use.\n\n- The UI is so easy that any naive user can efficiently operate.\n\n- One can easily find out the security threat using Splunk\n\n- The documentation, The pricing of Splunk is a little high. Except costing there are no complaints from my side.\nEnterprise, G2.com, \nVerified User, nan, 4.5, Fetching data & creating visualisation both in one application., There is nothing i dislike about splunk Enterprise\nEnterprise, G2.com, \nHimanshu S., QA Architect, 5.0, Love the filter capability for logs and possibility of complex logic filters\n\nSpeed of response for search is pretty great even with days worth of logs\n\nGraph generation ability is a life saver for performance feedback and recurring issues, Complicated to get started on for a new user\n\nWould have appreciated more UI features to get results than having to do filter manually\n\nThe response could have been more easy to read for non tech users\nEnterprise, G2.com, \nRizwan K., Assistant Consultant, 3.5, Splunk is very good data analysing tool, on which we can work on comex queries in very easy way, Compare to other Bi tools, splunk lack in Visualization\nEnterprise, G2.com, \nVerified User, nan, 4.5, The possibility of creating fast parsing rules on custom logs and start analyze the data as soon as possible in a friendly and easy-to-use graphic user interface., Even if Splunk is a very powerful tool, it comes at a pretty bitter cost. If there is not enough budget, this is not a platform that you'll look after. 
There are a few open source solutions that can accommodate simple use-cases using less money.\nEnterprise, G2.com, Verified User ,", "doc_id": "bc7a6092-63e8-4c2a-8f18-563f5472822b", "embedding": null, "doc_hash": "eb5c01329b842b408a649f71e1fb2c47d7a13d88087660f3dfbaf836a15dd1c2", "extra_info": null, "node_info": {"start": 106591, "end": 110463, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "84838ed9-c928-4a9e-acd8-8641b036fa23", "3": "922bc878-0201-49ea-b751-5b4fde16bb6d"}}, "__type__": "1"}, "922bc878-0201-49ea-b751-5b4fde16bb6d": {"__data__": {"text": "use-cases using less money.\nEnterprise, G2.com, Verified User , nan, 2.5, VPN security.\n\nAbility to handle large data sets.\n\nFor end users accessing data, simple learning curve.\n\nConfigurability of data and reporting - There's plenty of options.\n\nSSO for ease of access.\n\nAbility to consume a variety of end points., Data visualisation looks clunky. It's not a modern UI.\n\nOn our Enterprise version, the data is bulk loaded every 24 hours and it takes a considerable amount of time to load.\n\nLoading reports can be a little slow but providing you don't mind waiting a good few seconds,it's not a big issue (just used to instantaneous data) - Likely hardware as well as software contributing.\nEnterprise, G2.com, \nDempsey W., Principal Software Developer, 5.0, We use Splunk to track transactions that flow through a dozen different service-based systems. Splunk allows us to follow the flow of these transactions and see the \"trail\" they follow as they pass through the various systems. Being able to aggregate and cross-reference data from all of our systems has been invaluable while troubleshooting problems in our systems., Having cost based on the size of the index of data is the only thing that I don't like.\nEnterprise, G2.com, \nSukanya M., Development Assistant, 5.0, SPL is the easiest language we have ever seen. 
Data processing is very fast to create all the glass table dashboards. Splunk machine language toolkit and ITSI brings a lot of value to the landscape for the system., The navigation menu is not designed to customize as per the organization. There is no option found to change the look and feel of the application as per the organization's internal standardization.\nEnterprise, G2.com, \nVikas K., SAP BASIS, HANA and BTP Consultant, 5.0, We can use Artificial intelligence and Machine learning capabilities using Splunk Enterprise and optimize the way of doing business. Also, Splunk Enterprise is used for alerting in case of any failover or space issue in servers., I do not see anything which I dislike about Splunk. However, we can have to alert and fix automation within Splunk itself. This would ultimately minimize the turnaround time to act on issues.\nEnterprise, G2.com, \nSANTOSH M., Senior System Engineer, 5.0, Leading industry monitoring tool for performance,data analysis,data integration , Application sensors, custom application.\n\nVirtual machines , hyper version and for cloud services., Worth using it and everything is upto the expectations.\n\nGood to have product for IT industry\n\nNeed little UI improvements and on-time patches.\n\nApart from these no Dislikes.\nEnterprise, G2.com, Verified User , nan, 4.5, it is easy to integrate between splunk and Sophos threat Management system., Some queries for test cases should be there to help the implementation team.\nEnterprise, G2.com, Verified User , nan, 1.0, Analytics engine, functionality and Dashboards., Price increase move to cloud, support flexibility.\nEnterprise, G2.com, Verified User , nan, 4.5, Splunk is easy to integrate with all other applications through agent and heavy forwarder., Need to build so many use cases for building so alerts.\nEnterprise, G2.com, \nAjay K., Lead IT Engineer, 4.5, Flexible SPL\n\nData onboarding from any source\n\nSplunk apps\n\nData analytics\n\nHigh availability, High 
splunk license costs\n\nHigh resources requirements\nEnterprise, G2.com, \nAditya J., Security Delivery Analyst - Identity and Access Management, 4.0, This is best tool to search, monitor the system generated data. It actually visualise the data generated every moments. It helps us to monitor the data just by seeing logs in proper categorised manner.\n\nThe best part I like about Splunk is, it is best searching tool. In my current project, we use splunk the analyse the daily logs with different categories according to the requirements.\n\nIt helps us in troubleshooting the issue which requires data to analyse in quick and simplified way.\n\nI", "doc_id": "922bc878-0201-49ea-b751-5b4fde16bb6d", "embedding": null, "doc_hash": "95fdf5afbcd46816187252abb65c0456dd2d1635c8a193d21e2c25df3f3b31a3", "extra_info": null, "node_info": {"start": 110478, "end": 114414, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "bc7a6092-63e8-4c2a-8f18-563f5472822b", "3": "5f6282df-c993-4ad6-ab4e-cc53ae5c1557"}}, "__type__": "1"}, "5f6282df-c993-4ad6-ab4e-cc53ae5c1557": {"__data__": {"text": "the issue which requires data to analyse in quick and simplified way.\n\nI mainly use this tool as log analysis and as expected it helps me very much to troubleshoot the issue., In my current organization, as per the configuration we have, I am not able to find the error logs requested on reverse proxy servers.\n\nHere in the project, we are having more than 300 servers and all the monitored and analysed by splunk only but few days ago, while troubleshooting session, I was not able to get the error logs observed on reverse proxy we have.\nEnterprise, G2.com, Verified User , nan, 4.5, reporting based upon Autopilot generated events., The inability to easily share splunk data with other tools.\nEnterprise, G2.com, \nShadab K., Lead Staff Engineer, 4.5, The best part of Splunk is also one of its key features, which is logs aggregation. 
You can easily aggregate your logs from multiple environments ( PROD/TEST/QA ) and find them all in one place. Also, the availability of your files in the cloud makes it even more promising due to ease of access. The ability to create custom dashboards for monitoring purposes is also a very useful feature., Sometimes, you get random errors while performing a key-value search, but that is not a show stopper. They may happen due to network or proxy errors and do not occur very frequently.\nEnterprise, G2.com, \nsarang v., Technology Architect, 5.0, Splunk's ability to monitor real-time events that happened in the logs provides users with effective monitoring, debugging, issue resolutions, event tracking, dashboard monitoring, automated jobs, and effective GUI manipulation. This ability makes Splunk the most effective monitoring tool across all the operating systems.\n\nOne can effectively use Splunk for the auditing of the data., The integration method is tricky and gives output with delays when searching for extensive data, making its user experience a little disappointing.\nEnterprise, G2.com, Verified User, nan, 3.0, SPLUNK was a nice data analytic tool till the advanced SOAR function tools emerged in the market., Lacks advanced SOAR function. Not pocket friendly as other SAS products are eg Sentinel.\nEnterprise, G2.com, Verified User, nan, 5.0, Very in-depth and informative. dashboards are easy to read and understand, No dislikes so far. it has been everything we were looking for in log aggregation\nEnterprise, G2.com, \nMubeen A., SOC - Security Engineering Lead, 5.0, Architecture, Implementation, Ease of use, features, support and user interface, I dislike the most pricing since it is a very expensive product. Also, the trainings and certifications related to the product are expensive as well.\nEnterprise, G2.com, \nArup Kumar P., Software Engineer II\n, 4.5, The logs can be categorised based on the attributes for fine-tuning the issue encountered. 
The logs can also be filtered based on the timeframe, not only within the same day but across a wide variety of dates within 30 days., As it loads data from the logs in real-time, the application becomes really slow. As the data is being linked directly fro the database and the local caching is not possible for this enormous amount of data, the user sometimes gets very confused whether the data is being fetched or the API failed, if a timely intimation or loader is placed in the front then it would have been really insightful.\nEnterprise, G2.com, Verified User, nan, 5.0, Onc splunk is set up with your company's data, it makes diagnosing and tracking problems and progress extremely easy. Reports, Alerts and Dashboards make learning from data easy. I was able to start using splunk my first week and have continued learning more all the time. I honestly have gotten to the point where I am convinced splunk can do anything- it's just up to me to figure it out. And the online splunk forums have always had enough examples and explana, It sometimes takes some exploring to find what you are looking for if your company has multiple splunk apps and you want to use more advanced features like", "doc_id": "5f6282df-c993-4ad6-ab4e-cc53ae5c1557", "embedding": null, "doc_hash": "544b0206eb9e3efcb7e006886c6a1c6c6e8f12cfffdc25b203625670f8d7d909", "extra_info": null, "node_info": {"start": 114410, "end": 118423, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "922bc878-0201-49ea-b751-5b4fde16bb6d", "3": "0294ad83-fd66-4219-9f09-778575cf809c"}}, "__type__": "1"}, "0294ad83-fd66-4219-9f09-778575cf809c": {"__data__": {"text": "looking for if your company has multiple splunk apps and you want to use more advanced features like lookups.\nEnterprise, G2.com, Verified User, nan, 4.0, splunk has great user interface and easy to understand documentation for implementing cluster level data sources and monitoring then in form of triggered events and it 
has great visulaization option to create real time and timely evet based reports, while most of the features are impressive, they can concentrate on ease of logic building in next releases\nEnterprise, G2.com, Verified User, nan, 5.0, Easy to use for non-technical users but powerful for security and operations. There are add-ons / apps for everything you could need., Managing add-ons and getting the right data in can be difficult and time consuming. Sometimes the documentation is a little vague.\nEnterprise, G2.com, Verified User, nan, 2.5, Splunk is a truly self-service platform for ingesting many disparate data sources and performs very well in benchmark tests against its competitors. The ui is high quality and easy to use, There are certain functionalities that don't come out of the box and require additional licensing if you truly want to get the best use of the tool. This process could be more transparent\nEnterprise, G2.com, Verified User, nan, 4.5, Splunk is an enterprise performance monitoring tool to analyze the system logs. The best part of it is to give the detailed description of errs/exceptions from logs, Connecting to Splunk from the other tools is a bit complex though it monitors the whole enterprise wide app logs.\nEnterprise, G2.com, \nMatthew C., Senior QA Engineer, 5.0, It is designed for cloud-native enterprise. It enhances performance by viewing everything in the application and act on artificial intelligence-driven analytics. It collects traces and monitors apps. It gathers and analyses spans and provides fidelity. It allows you to analyze app performance along every dimension. It assists you to solve modern problems as it determines an issue before it transforms into a consumer problem. It minimizes MTTR with artificial intelligence-driven directed troubleshooting to speedily understand the root-cause error mapping and service dependencies., It can be complex when it is integrated with other tools. So, it is not best suited for large systems. 
It takes too much time to show the homepage and load significant features. I think there are some bugs that slow down the loading of features. Also, it is pretty expensive. The time and date editing range are somehow troublesome. The user interface is not much customizable as it is very tough to customize the design component.\nEnterprise, G2.com, Verified User, nan, 4.0, Ability to create custom dashboards.\n\nRun queries on historic data\n\nGreat monitoring tool, There is nothing in particular that I dislike about it for what its meant to do. I do understand no single tool can be a silver bullet\nEnterprise, G2.com, Verified User, nan, 5.0, Only platform to bring any data in any format without caring about structure of data and ability to do anything with it, Splunk TA for stream still have known issues with reoccur again and again\nEnterprise, G2.com, \nNate S., Software Engineer, 4.0, Makes it easy to gain insights from large volumes of log data., Query language can be complex and unintuitive, specifically when it comes to properly quoting strings\nEnterprise, G2.com, \nmugdha j., Student, 4.5, It is an out of world experience to get logs using splunk. One would never understand how Splunk makes troubleshooting so easy. It makes understanding the architecture really easy., Sometimes some queries can take some time to run in different modes but it still provides a very efficient result for any scenario.\nEnterprise, G2.com, \nIgor G., Security Engineer, 5.0, Possibility to correlate events and logs, custom dashboards available., Not easy to develop custom apps for ES, more documentation will help\nEnterprise, G2.com, Verified User, nan, 4.0, We use Splunk to screen our framework including DHCP, DNS and organization-wide occasions. 
Quite possibly the main thing for", "doc_id": "0294ad83-fd66-4219-9f09-778575cf809c", "embedding": null, "doc_hash": "db0be8266af2ca4fe7491836cde6d9da7460b82b376217756156ac6780f27f5a", "extra_info": null, "node_info": {"start": 118402, "end": 122504, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "5f6282df-c993-4ad6-ab4e-cc53ae5c1557", "3": "abb2f36a-947c-41fa-85ef-2275497140fe"}}, "__type__": "1"}, "abb2f36a-947c-41fa-85ef-2275497140fe": {"__data__": {"text": "including DHCP, DNS and organization-wide occasions. Quite possibly the main thing for us on schedule to utilize this instrument is the opportunity to screen the whole framework searching for logs and occasions in the applications or the infra. Additionally, In Splunk, we make our say to day occasions reports and pre-characterized order to synopsis and examination information. An incredible component is that you can make a config on Splunk notice rule to send quickly aware of all the group when a basic occasion shows up., Cloud adoption and cloud enhancement need innovation.\nEnterprise, G2.com, Verified User, nan, 4.5, We use this across our different departments for security, host monitoring, data intelligence, vulnerability and threat actor collections, correlation, alerting and much more., The biggest complaint I hear is 2-fold: It's expensive and it's hard to learn. Both of these are true, but opposed to some competitors, this is just more baked and better. 
The cost can be justified and it's a leader in various vendor rubrics.\nEnterprise, G2.com, \nSWAPNIL T., SQL and dotnet Developer, 4.0, The best part of this tool is this supports the log monitoring on the multiple OS platform and provides the alerting on the basis of the log information which helps organization to check multiple anomalies happen in the systems.\n\nAlso this tool is greatly support the next generation tool and cloud concept its really impressive to continue monitoring on the authentication and many more aspects., As this tool is work on the log file and use it for automation and alerting the storage of this log files make more burden on the organization costing and maintaining also makes difficult.\nEnterprise, G2.com, \nVerified User, nan, 3.0, The easy-to-use interface and the community support. The product documentation is good, and therefore the learning curve is not too steep, For a simple log query, the solution needs you to write a few lines of query. Smart query suggestions would be welcome\nEnterprise, G2.com, \nFrancisco M., Software Engineer, 5.0, The ability to use XML to create and style your own dashboards., To get the most out of the app a lot of people with different skill sets need to be involved and with the same goal in mind, for example, the observability engineers are the ones in charge of the maintenance and setup of the Splunk platform and data, while the backend engineers are the ones that implement the logs caught by Splunk. The frontend engineers need to look into the available logs and see what information from there is useful to create a dashboard that can be used for ourselves or for the product owners.\nEnterprise, G2.com, Verified User, nan, 4.0, Splunk is very robust with being able to search network traffic, create dashboards and automate reports and alerts. It allows users and admins to solve many problems. 
Our company has created several alerts for when people on the network download any files that look like they could be a virus, or if they are using illegal software, or trying to login with wrong passwords constantly., There is a large learning curve to being able to use Splunk and be able to understand what the data you're looking at filter through it all to find what you need. It's very good if you know what you're doing, which there is documentation for, but if you don't have lots of networking experience and knowledge it's easy to be lost and overwhelmed.\nEnterprise, G2.com, Verified User, nan, 3.5, Super easy to write powerful queries to find the right data., The queries can sometimes become hard to comprehend when they are longer.\nEnterprise, G2.com, Verified User, nan, 4.5, The ease of splunk queries to extract reports out of logs, Splunk can be little slower in extracting reports of the data is huge\nEnterprise, G2.com, Verified User, nan, 4.0, its easy to install\n\nits work on windows and ios\n\nits searching is fast, its difficult to learn spl\n\nits require high computational power devices\n\ncourse fees is too high\nEnterprise, G2.com, \nMubasshir Ali R., Mid-Market, 5.0, Splunk makes", "doc_id": "abb2f36a-947c-41fa-85ef-2275497140fe", "embedding": null, "doc_hash": "ee840677343636c5902048cfe79f91c25ff6b879661aeb29840aa56cff5022c1", "extra_info": null, "node_info": {"start": 122513, "end": 126576, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "0294ad83-fd66-4219-9f09-778575cf809c", "3": "905ad1ac-118c-467b-8a79-3df2be677e83"}}, "__type__": "1"}, "905ad1ac-118c-467b-8a79-3df2be677e83": {"__data__": {"text": "\nMubasshir Ali R., Mid-Market, 5.0, Splunk makes it easier to search through various data including logs. I was used to fetch the details through logs in order to find the one lines among the 100 of thousands of lines. Now it become as easy as ABC also the infrastructure monitoring is cool. 
We have integrated this with Slack to get the alerts real-time., It has its own SPL, if they enable SQL too so that it will be heaven for the tech guys.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Splunk's power to extract meaning from machine data is unparalleled., If I could add something to Splunk it would be more visualizations or integration with something like R.\nEnterprise, G2.com, \nRashmi K., Senior Consultant, 3.5, Debugging becomes easier with all data logged in splunk and various search / indexing options, You need to write queries for most of searches\nEnterprise, G2.com, \nSumanjit R., Assistant Consultant, 5.0, The easy integration. just include Splunk libraries in your code, use the methods/functions to log and you are good. Dash-boarding is easy too., It does not have the capability to take action on thresholds.\nEnterprise, G2.com, Verified User , nan, 4.5, This is a needed application for the IT organization to manage their infrastructure which consist of physical computer devices, web servers (cloud), sensors, etc. Manage means, centralized monitoring and analyzing. In the past we used Splunk for only log monitoring and log analyzing (syslog server). But, what we are seeing is more advance and it is with the SIEM capabilities. It now have real-time visibility, advanced dashboards, analyze any kind of data, advance filtering, flexible GUI in configuration & maintenance, and AI & Machine Learning for threat prediction.\n\nFinally, it is very user friendly. We can modify the dashboard, log search queries, filters, alert/alarm rule, threat filters, and configure with multiple devices easier and quickly., nan\nEnterprise, G2.com, Verified User , nan, 5.0, you can have dashboards and alerts with minimal effort, regex to support globs should be there..\nEnterprise, G2.com, Verified User , nan, 4.5, It is the best tool to analyze the logs based on different charts and visual graphs. It has good plugins to help with security and auditing. 
I have created multiple dashboard and customized alerts to monitor system health. It has great integrations with slack and emails to trigger alerts and notifications., As we have big infrastructure and a lot of logs gets consumed in splunk on daily basis, the user interface becomes slow for query search results. Splunk query builder needs technical knowledge beforehand otherwise understanding error message for a non technical person is a challenge.\nEnterprise, G2.com, \nMaya P., Fraud Portfolio Manager, 4.0, I enjoyed that Splunk had all details for transactions; i.e. time, date, processor, exp date, PII, how & where the transaction was processed, device ID, etc. It also shows the initially authorized dollar amount of the transaction and if it was captured for a different amount., Splunk can be very complicated to navigate and use for identifying a particular transaction. I often had to ask someone for assistance when attempting to search for something in particular or to understand fully what I was reading. There's definitely an overload of data and you can get lost looking for one or a few transactions.\nEnterprise, G2.com, \nNiti P., Voice and Video Engineer, 3.0, The cloud splunk is easy to use and data storage is amazing.This is the biggest advantage of the product., Inspite of being an amazing giant for data capturing and analysis, I dislike its capability to support IPv6 only infrastructure. Also they have no roadmap yet to go towards supporting it. 
SO this is the biggest limitation of the product as far as I am converned.\nEnterprise, G2.com, \nShilpi A., Senior Software Engineer, 4.5, Splunk Enterprise provides the best analytics of the", "doc_id": "905ad1ac-118c-467b-8a79-3df2be677e83", "embedding": null, "doc_hash": "ee50c92a72d96c75ca953461207de17ba19bed470f9c97aca2c697970bac4244", "extra_info": null, "node_info": {"start": 126610, "end": 130548, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "abb2f36a-947c-41fa-85ef-2275497140fe", "3": "bee4eada-eeec-40eb-bda2-271f40acfaba"}}, "__type__": "1"}, "bee4eada-eeec-40eb-bda2-271f40acfaba": {"__data__": {"text": "Software Engineer, 4.5, Splunk Enterprise provides the best analytics of the log. The best feature of Splunk are as follow:\n\n- It provides the best visualization of data.\n\n- ANy new user can easily onborad. The UI is very simple to learn.\n\n- The Splunk provides the various support to the product likes the Salesforce, ServiceNow and Cisco.\n\n- For all the above product there are apps and add-on created, so that one can easily visualize the data.\n\n- Splunk documentation is very descriptive and easy to understand.\n\n- One can ask the question in splunk answer.\n\n- The help community is very active and always ready to help.\n\n- The Splunk provides the best charts and dashboard., Splunk Enterprise provides the best feature of data analytics. The Splunk can improve their app formation as sometimes the app takes so much of memory of computer.\nEnterprise, G2.com, \nVerified User, nan, 5.0, functionality and customization, splunk allows expert (admin) used to edit the functionality and customize the instance as per any clients requirements, should work more on providing ready add-ons for the not soo common security appliances\nEnterprise, G2.com, \nArjun P., Systems Engineer, 4.5, Splunk tool really helps in debugging issues easily and it provides a great platform for analysis.\n\n1. 
Easy to use queries.\n\n2.Easy to access historical data\n\n3. Easy to setup.\n\n4.provides app specific details\n\n5.easy to analysis the whole statistics of the data.\n\n6. Good visualization box integration., NA. Never faced any issue or dissatisfaction while using the application.\n\nThe whole application can be made responsive and optimal so that users need not wait to get the response of one query.\nEnterprise, G2.com, \nVerified User, nan, 5.0, We like the splunk dashboard and quick searching of logs. Faster indexing and searching of logs., The UI is dated and needs to be refreshed with new features for dashboard etc.\nEnterprise, G2.com, \nNainika S., Software Engineer\n, 4.5, Splunk has many features since I'm using it as its very useful while accessing analytics report of specified time period for specific type of pattern which insists in your server log. Very useful while extracting request and response log in block of XML's. There are still lot's of thing which can't be explained in such few words but I would suggest if you use it for once then you will forget everything., Ah, Really is there anything which you don't like? from my perspective simply NO. I appreciate hard work of Splunk team memers for the awesome interface and design pattern for getting your requirement fulfilled.\nEnterprise, G2.com, \nVerified User, nan, 4.5, I loved this tool for log extraction directly from the server and those shortcuts which is used to filter servers logs are very useful. 
Easy to get all the information at one place only like host, server name, source , folder , path information etc in just a single click., Copy mechanism is not that much good because if you copy one block of log first it takes very time and fluctuate the screen so I didn't feel very good while copying logs directly from splunk.\nEnterprise, G2.com, \nashish s., Consultant, 4.5, the ease of use and coverage of the tool, initial setup had some challenges but with professional help we found some quick solutions\nEnterprise, G2.com, \nSourav S., Network Consulting Engineer, 4.0, The scalability and ease of deployment. it supports almost all hardware., There are few bugs in integration environment.\nEnterprise, G2.com, \nJoe L., Cyber Security Deputy Manager / Cyber Engineer, 3.5, Splunk offers a high level of granular detail whilst searching through event logs, The presentation of the information can be daunting upon first sight.\nEnterprise, G2.com, \nVerified User, nan, 4.5, Splunk is a great tool for data analysis and mainly log monitoring.\n\nYou can ingest a very high amount of raw data in it and is does it very", "doc_id": "bee4eada-eeec-40eb-bda2-271f40acfaba", "embedding": null, "doc_hash": "536c42fe6009b44d6d7ab84a8564dc70f09166f790c58bc3f85c35419f566632", "extra_info": null, "node_info": {"start": 130525, "end": 134411, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "905ad1ac-118c-467b-8a79-3df2be677e83", "3": "8ccaa11a-a6f6-4e1d-ac0a-8591143a2432"}}, "__type__": "1"}, "8ccaa11a-a6f6-4e1d-ac0a-8591143a2432": {"__data__": {"text": "can ingest a very high amount of raw data in it and is does it very quickly and then you can have search in data using their query language.\n\nSplunk is very rich in terms of documentation which really makes you going easy.\n\nThey offer a trial version to everyone and to developer they provide free license for sometime that is a great thing., There used to be a lot of bugs in Splunk in it's 
initial years but it has become stable over time with version upgrades. So, no big dislike from me.\nEnterprise, G2.com, \nVerified User, nan, 3.5, Splunk is a good tool to create dashboards and measure application level performance including both Application, Network and Database layer, I found it provides limited or sometimes information thats either not required or not make much sense. May be as user, we need more training to understand it.\nEnterprise, G2.com, \nAndrew d., Data Scientist, 4.5, I like that Splunk enables users to easily tell stories with their data. They have democratized a space that was once occupied by those who knew how to code., I like that Splunk enables users to easily tell stories with their data. They have democratized a space that was once occupied by those who knew how to code.\nEnterprise, G2.com, \nLatika M., nan, 4.0, The best thing i like about splunk is the wide range of apps and addons available for the platform, the apps range for a wide range of soutions starting from AWS, salesforce, vmware, tenable etc. also the extensive complexity of the features provided by these Splunk apps are very useful for enterprise users., I wish it would provide a more stable and prominent mobile based solution for users who analyze the data on the move.\nEnterprise, G2.com, Verified User, nan, 5.0, It's way for searching the logs based on the multiple parameters and showing items in the left hand side, which enables us to add in the search query by just one click., Writing queries is bit complex. If a UI can be provided for that, it would be great and then additional feature or clauses can be added in the search index.\nEnterprise, G2.com, Verified User, nan, 5.0, Splunk is very simple to understand. Splunk provides functionalities like Data collection, normalization, visualization and alerting. I like all the functionalities because all are very simple to understand and are tightly bound with the Splunk Enterprise. 
I also liked the feature of adaptive response with Splunk ES. I also loved the data model functionality to provide a hierarchical data structure and retrieve the data faster., The data cleaning process in Splunk has very limited scope. You have to remove the whole data from Splunk. It will not provide you the control to remove data for a particular source type. I also disliked some of the charts which are not interactive and it has some limitation to plot ticks on the chart. Pricing is also very high compared to others.\nEnterprise, G2.com, Verified User, nan, 5.0, I see alerts of unauthorised logins along with IP. Also the best thing is I can keep track of tasks or any transaction made by employees. Each and every action performed nos logged as we have configured splunk agents on our systems., The complex structure of queries . To search for any transaction or call to webservice we will have to enter query which I feel is complex sometimes.\nEnterprise, G2.com, Verified User, nan, 5.0, the ease with which logs are accessed and read to gain valuable insights. interactive charts and bars provides good visual experience. Splunk DB connect is also one of the good feature . splunk email alerts is life saver, Hard to create index on network path. it is difficult to clear cache once the dashboard is loaded. splunk dashboard needs to be refreshed by closing out all the sessions\nEnterprise, G2.com, \nHannah O., Pharmacist, 3.5, Its easy to use, pretty self explanatory, No complaints, it does what our institution needs it for.\nEnterprise, G2.com, Verified User , nan, 4.0, Splunk is really helpful for business monitoring different aspects of your business. 
It also can used for data analytics which is important", "doc_id": "8ccaa11a-a6f6-4e1d-ac0a-8591143a2432", "embedding": null, "doc_hash": "58777cb35c43639ffad6960af040712ce76a5f7ec26316efbf6f1d5c2ff09d46", "extra_info": null, "node_info": {"start": 134426, "end": 138505, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "bee4eada-eeec-40eb-bda2-271f40acfaba", "3": "37038a26-361a-4824-b412-45da3a50aa13"}}, "__type__": "1"}, "37038a26-361a-4824-b412-45da3a50aa13": {"__data__": {"text": "monitoring different aspects of your business. It also can used for data analytics which is important when making decisions that can affect the organization., Splunk can sometimes be a bit clunky. There are slow response times and getting access to use the cloud based site can sometimes be difficult.\nEnterprise, G2.com, \nAbhishek R., Software developer, 3.5, While writing queries you refine and build the searches is very helpful. Creating dashboard and graphical representation is easy.Creating Alerts and and setting intervals/cron schedule is quick. extraxting fields using auto regex is very helpful.Saved searches sharing in a secure manner. Sharing them in read-only formats like PDFs using database connection. 
Exporting data into XML and JSON format is what i uses while transferring or upload into a different infrastructure/system., Sometimes its very slow, not sure may be due to large amount of data .\n\nWhile query is very big we should have a separate editor in place writing in query editor.\n\nSome time fetching specific fields using extract field feature may not give what you need.\n\nSometime searches take little extra time to understand, mainly regular expressions and to new users.\n\nWould be nice if data compression of data stored on disk can be optimized.\nEnterprise, G2.com, Marty B., Network Security Engineer, 4.0, Splunk is a great tool, and allows you to do a full search of whatever you would like to find in any log., Ease of use\n\nTakes lots of training to be fully prepared\n\nNot user friendly at times\nEnterprise, G2.com, Verified User, nan, 4.0, Splunk is a great tool to monitor the logs.\n\nEasy to deploy\n\nGood documentation and support.\n\nHelps to identify performance related issues., None but would definitely help if it has additional features\nEnterprise, G2.com, \nLuca C., Senior Betting & Online DB Administrator, 4.0, One of the most common problems when working in medium or large companies is to be able to analyze certain types of cases and certain problems occurred in a given period, however, without knowing what was causing the problem because certain items and factors may be manifold due to the use of different technologies involved simultaneously on the same subject or on the same transaction.\n\nInside a complex infrastructure is not easy to analyze which single component (for example, application, database, server, network device, etc..) 
was the cause of a problem often it requires analysis by different departments, thanks to the use of Splunk the control management and the analysis of the issues is centralized in one software.\n\nThe analysis are facilitated through the use of various detailed dashboards.\n\nVery convenient are the automatic alerts and triggers., The cost of the product is high.\n\nThe usability for novice users is not really easy, but reading a little bit of documentation and studying a bit the syntax of the search the user is able to do a lot of query.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Splunk has been paramount in us gaining information from our log data, it has the ability to very quickly parse and understand the data. Once you parse the log data creating visualizations is easy and they can be grouped into dashboards which is quite convenient.\n\nFor us this brings the following business benefits:\n\n- We can quickly and easily see/get alerted of any issues in our running system\n\n- Stakeholders can see the performance and usage of a given system.\n\n- Developers can monitor a system and gain insights which drive optimization., Learning the Splunk query language takes some time. It is powerful and relatively intuitive but there is definitely a learning curve there. In the past, there were a few cases where we had issues with duplicated log data, figuring out why and removing it was quite the effort.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Splunk is very easy easy to use. just needs a query and since the data ic connected to server, it automatically pulls up the data and generate the report based on the requirement. different type of visualizations like pie chart, bar graph, etc can be used., Eventhough the spunk query language is simple however we need to learn a new language. 
Splunk does charge a pretty", "doc_id": "37038a26-361a-4824-b412-45da3a50aa13", "embedding": null, "doc_hash": "f6d93dcf36d07bb1baf418d7d76c433e21445f431b05831f8a7fd73bf23c6ef5", "extra_info": null, "node_info": {"start": 138472, "end": 142691, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "8ccaa11a-a6f6-4e1d-ac0a-8591143a2432", "3": "63f92bda-3680-476a-89b7-240dad4835c4"}}, "__type__": "1"}, "63f92bda-3680-476a-89b7-240dad4835c4": {"__data__": {"text": "query language is simple however we need to learn a new language. Splunk does charge a pretty penny for the higher levels of certification. But the cost paid to value earned is totally worth the cost of certifications needed.\nEnterprise, G2.com, \nVerified User, nan, 4.5, The ability to create and supplement source types for the data you care about. You don't have to spend hours digging through logs. You can just pull out key fields and use them as key values to report on., If I had to choose something that I dislike about Splunk it would be that I think it needs more easy to create dashboards.\nEnterprise, G2.com, \nVerified User, nan, 4.0, The way it shows the result of inventory is very helpful and helps in doing the forecasting, Not as of now. It is fulfilling all the requirements\nEnterprise, G2.com, \nVerified User, nan, 5.0, Ability to create custom dashboards and reports, Integration capability with limited number of vendors\nEnterprise, G2.com, \nVerified User, nan, 4.5, Data Analytic Dashboard, Filter Criteria for Raw Data, Data Metrics , Usage. Website monitoring and Log tracking. Generate Graphical view for presentation, Filter Data usage and best way to monitor website internally and externally., need to prepare query expression to filter data, required admin knowledge to configure tool. No readymade criteria available to avoid misleading filter criteria. 
No way to download representation in PPT format.\nEnterprise, G2.com, \nPrasad C., Senior Advisory Software Engineer\n, 4.5, ad-hoc analysis of logs coming from distributed application., cost is very high, there are different licences available we choose SaaS which is expensive.\nEnterprise, G2.com, \nNicholas N., IT lead, 5.0, I like how in depth splunk gets. The splunk enterprise model that we use is integrated into a reporting system that is then sent out to employees to keep track of data., I do not have any dislikes in relation to splunk usage.\nEnterprise, G2.com, Verified User, nan, 4.0, Once splunk is setup properly, from an administrative standpoint it becomes largely easy in day to day upkeep., Users experience a big learning curve at first when beginning to use the product for searches.\nEnterprise, G2.com, \nJyo J., ServiceNow Admin/Dev, 5.0, VictorOps-now owned by Splunk has provided us with an easy mechanism to escalate high priority incidents so that it may be handled on time.\n\nThis helps us restore service as soon as possible, There is nothing that I dislike about this product\nEnterprise, G2.com, \nADIL G., System Analyst, 4.0, Index search result breaks down in to several useful fields. Helps in narrowing down the search., Fields popup window does not list all results. 
There should be a scroll bar in popup window to scroll through all results.\nEnterprise, G2.com, Verified User, nan, 4.0, Splunk can classify data on various forms which makes it easier to analyze logs for errors or required results, Controls for data classification are too large in number and sometimes we can't remember all.\nEnterprise, G2.com, \nSuhas R., Service Architect, 5.0, ease of use and the way how the ServiceNow tool is integrated with Splunk with just the creation of a user record, this app doesn't have an inbuilt portal of the Splunk app\nEnterprise, G2.com, Verified User, nan, 5.0, We use splunk to log errors, warning and information messages so that we can debug test env and production environment issues. It is fast and easy to use, can make graphs and tables, so handy. Can filter out information based on different attributes making it easier to find the logs that you are most interested in. Makes life easier for a developer cause some things can't be understood until live traffic hits your app., Nothing really, I like this tool. Somtimes I notice that I get 504 error on the page, or service not available errors, then I have to keep refreshing the page until it starts working again. 
It will be good if that does not happen, other than that, it can take sometime to retrieve", "doc_id": "63f92bda-3680-476a-89b7-240dad4835c4", "embedding": null, "doc_hash": "e1ec4ebf52b530cabee7951aa0a9f7e6f68602e2e453ebd2435cbcd9a27dcea4", "extra_info": null, "node_info": {"start": 142701, "end": 146687, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "37038a26-361a-4824-b412-45da3a50aa13", "3": "f565e74a-3b4b-425b-98ec-027ab439c3d9"}}, "__type__": "1"}, "f565e74a-3b4b-425b-98ec-027ab439c3d9": {"__data__": {"text": "if that does not happen, other than that, it can take sometime to retrieve records for a longer period of time, but thats bound to happen, I am sure they optimize the retrieval time as much as possible.\nEnterprise, G2.com, \nMatt S., IT Engineer, Sr.\n, 5.0, I like how Splunk has a rich set of data that I can pull from for all of our endpoints, At times, I struggle with wording the search properly.\n\nEnterprise, G2.com, \nAmbrosia T., ServiceNow Engineer, 3.5, The conversation that our network is having with our assets network wide is helpful to our infosec team., Nothing, it's pretty simple to set up and use!\nEnterprise, G2.com, \nKelly F., manager, 3.5, This app greatly accelerated our project and couldn't have done it with out it. We have also implemented the ITSI on splunk and needed the SN integration, nothing yet, we really haven't noticed anything\nEnterprise, G2.com, \nRitesh T., Sr software engineer, 4.5, Easy to integrate and OOB features and huge data sets. OOB plugin is easy to integrate, i dont found nothing so far so good. good product\nEnterprise, G2.com, \nVerified User, nan, 5.0, The best thing that I like about splunk is Its search are analysis engine for all of our log data, data analytical tool, comprehensive data analytics that is been provided by splunk., Till now I haven't faced any problem with this software which will incline me towards not liking this software. 
It automatically collects data in real time from multiple systems is one of the best feature of this software.\nEnterprise, G2.com, \nDan C., nan, 5.0, The ability to fully integrate and create flow of information from our CMDB to Splunk data warehouse., There is nothing at this time. The app installed with no issues.\nEnterprise, G2.com, \nDavid L., Sr. Systems Architect, 3.5, Using the splunk plugin to have alerts pushed into ServiceNow for incident management for quicker resolution, There are no dislikes for Splunk Enterprise\nEnterprise, G2.com, \nVerified User, nan, 3.5, i cant see any extra ordniary feature in it . it is just propose u solution to monitor your systems, there is nothing to explore. only extra cost and effort you r taking after paying too much\nEnterprise, G2.com, \nAbdoulaye F., Sr ServiceNow Engineer, 4.0, Get ServiceNows log into Splunk so we can better disect the logs, The performance can be a little better. Right now it is performance hungry\nEnterprise, G2.com, \nclayton n., Director, 3.0, ease of use. and flexibility ., complexity at times and technical skill needed\nEnterprise, G2.com, Verified User, nan, 4.0, I am using secure splunk to set up alerts , create dashboards and retrieve custom and catalina logs for application monitoring and issue debugging, This is a good tool . There were some issues faced when onboarding custom logs but rest was smooth\nEnterprise, G2.com, \nVerified User, nan, 4.5, The one thing i love about Splunk is all of your logs are in one place . Gone are the days where you need to login to each and every instance to get the logs . Splaunk not only helps to collect the logs through splunk forwarder but also helps to analyze them , create reporting , create alerting and you can integrate it with your service now or ticketing system to automate problem incident management . I love the dashoard and reporting feature for log analysis, Price and enterprise level of support . 
Not all splunk forwarders report to the splunk server when there is a version mismatch\nEnterprise, G2.com, \nVerified User, nan, 5.0, Very simple setup\n\nNo touching application or causing any issues whether splunk is up or down\n\nLoosely coupled with app but great view of the logs and history\n\nintegration with many different enterprise applications\n\nGreat visuals like charts\n\nWe integrated it with apache logs, jboss logs and", "doc_id": "f565e74a-3b4b-425b-98ec-027ab439c3d9", "embedding": null, "doc_hash": "6af6541350dcf65c2e5226bb4f88115383ab5a9f1ca30ca6d9eb11ea85bae1a9", "extra_info": null, "node_info": {"start": 146704, "end": 150475, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "63f92bda-3680-476a-89b7-240dad4835c4", "3": "d3a7ae68-5174-4258-8292-0a9451e8b916"}}, "__type__": "1"}, "d3a7ae68-5174-4258-8292-0a9451e8b916": {"__data__": {"text": "like charts\n\nWe integrated it with apache logs, jboss logs and endeca logs. Also you can hook up custom scripts to Splunk so it can run on some schedule and report/alert results. Lot to explore, Free version limit should be little more so small biz owners can start using it more\n\nMore video/presentations to ease customer learning\nEnterprise, G2.com, \nVerified User, nan, 5.0, It is a tool that simplifies your data and makes your duty easier, Sometimes it is needed a little more flexibility to aggregate functions of programming\nEnterprise, G2.com, \nneeha c., software engineer, 2.0, application availbilty,error logs, system alerts, too much query to write to find out the error logs\nEnterprise, G2.com, \nVerified User, nan, 5.0, Lots of value is created from the information generated by reading the logs ., Syntax are difficult. Lots of coding involved to configure and read logs.\nEnterprise, G2.com, Mittal M., Technical Support Engineer, 5.0, Splunk is a very simple and easy to use tool that Helps you and your team to analyze the information. 
Any data from network, servers, application. etc.\n\nThe best part I like about Splunk is that it is easy to deploy.\n\nYou can a simple utility call Splunk lite to push your data from your servers to the main Splunk engine.\n\nThe way Splunk indexes your data is very good. Which in returns good analytic results.\n\nThe report created by Splunk is very accurate. which helps my company to determine the improvement we need to do in our infrastructure.\n\nThe pricing model is very simple and reasonable.\n\nThey have very good well written online Knowledgebase articles to help use Splunk to its full use., The trial version of Splunk is very limited it only gives 500 MB do daily data indexing. As a result, it may prevent you to get an insight of all the potential you can get through Splunk.\nEnterprise, G2.com, \nTimothy V., Lead Analyst - Incident Handling and Response - Allstate SOC, 4.0, The ability to build dashboards so we can test new notable alerts. The ability to set severity levels. We like the correlation events. Ability to ingest multiple indexes and create correlated searches, as opposed to just using a wildcard search. The dashboard layout is usefull and is very customizable. Integration via ES and other plugins allows us to spend time on one single pane of glass, do a pivot investigation and drill way down into the logs that were ingested. Metadata is easy to find, the logs are parsed neatly and are relatively easy to read once you get used to them. Training is also very good, and readily available online. Certification paths are also available, The load on our search heads, some queries take forever. Sometimes we have great difficulty with getting other products to parse logs correctly into splunk. API issues occasionally. The lag in the UI when running a search. 
The community could use better visibility, a central repository for splunk queries would be nice.\nEnterprise, G2.com, Verified User, nan, 4.5, The ability to create and supplement source types for the data you care about. You don't have to spend hours digging through logs. You can just pull out key fields and use them as key values to report on., If I had to choose something that I dislike about Splunk it would be that I think it needs more easy to create dashboards.\nEnterprise, G2.com, Verified User, nan, 5.0, We use splunk to log errors, warning and information messages so that we can debug test env and production environment issues. It is fast and easy to use, can make graphs and tables, so handy. Can filter out information based on different attributes making it easier to find the logs that you are most interested in. Makes life easier for a developer cause some things can't be understood until live traffic hits your app., Nothing really, I like this tool. Somtimes I notice that I get 504 error on the page, or service not available errors, then I have to keep refreshing the page until it starts working again. 
It will be good if that does not happen, other than that, it can take sometime to", "doc_id": "d3a7ae68-5174-4258-8292-0a9451e8b916", "embedding": null, "doc_hash": "ff53d658077735453c5e8e38743b1cc97f6acd1d118765cf043ea60a664fed74", "extra_info": null, "node_info": {"start": 150484, "end": 154539, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "f565e74a-3b4b-425b-98ec-027ab439c3d9", "3": "07ac6a79-985c-411a-b6c6-5801e689afcf"}}, "__type__": "1"}, "07ac6a79-985c-411a-b6c6-5801e689afcf": {"__data__": {"text": "be good if that does not happen, other than that, it can take sometime to retrieve records for a longer period of time, but thats bound to happen, I am sure they optimize the retrieval time as much as possible.\nEnterprise, G2.com, Verified User, nan, 5.0, The best thing that I like about splunk is Its search are analysis engine for all of our log data, data analytical tool, comprehensive data analytics that is been provided by splunk., Till now I haven't faced any problem with this software which will incline me towards not liking this software. It automatically collects data in real time from multiple systems is one of the best feature of this software.\nEnterprise, G2.com, Verified User, nan, 5.0, Very simple setup\n\nNo touching application or causing any issues whether splunk is up or down\n\nLoosely coupled with app but great view of the logs and history\n\nintegration with many different enterprise applications\n\nGreat visuals like charts\n\nWe integrated it with apache logs, jboss logs and endeca logs. Also you can hook up custom scripts to Splunk so it can run on some schedule and report/alert results. 
Lot to explore, Free version limit should be little more so small biz owners can start using it more\n\nMore video/presentations to ease customer learning\nEnterprise, G2.com, Verified User, nan, 5.0, The ability to ingest all of our data sources natively is a huge plus for all departments of our organization., Having to learn the configurations and SPL is a little rough.\nEnterprise, G2.com, Verified User, nan, 4.0, It has so much useful features to use for log analysis, Cost per usage is too expensive. Recommended for teams with high budget\nEnterprise, G2.com, Verified User, nan, 5.0, How easy it is to search your data and find quick solutions to complex problems. It is also easy to report and alert on your data, making it easier to narrow down an issue.\n\nRunning statistics based on search results is also simple and powerful., Sometimes UI changes can cause confusion. This is just a small discomfort.\nEnterprise, G2.com, Verified User, nan, 3.0, Ease of doing data analysis and the features associated, There is nothing in the product which I dislike\nEnterprise, G2.com, Verified User, nan, 4.5, The easy of integration with other cloud applications., Nothing in specific. I love Splunk and the UI\nEnterprise, G2.com, Verified User, nan, 4.5, The one thing i love about Splunk is all of your logs are in one place . Gone are the days where you need to login to each and every instance to get the logs . Splaunk not only helps to collect the logs through splunk forwarder but also helps to analyze them , create reporting , create alerting and you can integrate it with your service now or ticketing system to automate problem incident management . I love the dashoard and reporting feature for log analysis, Price and enterprise level of support . Not all splunk forwarders report to the splunk server when there is a version mismatch\nEnterprise, G2.com, Verified User, nan, 4.5, Splunk is a great tool to quickly analyze your logs. 
It really helpful to analyze and resolve your production logs quickly. There is so much you can do with splunk queries. You can see raw logs, timechart and can do visual analysis., There are events we observed some logs are missing in splunk but there is no way to trace what went wrong otherwise splunk has no shortcomings at all.\nEnterprise, G2.com, Verified User, nan, 5.0, Splunk is one of the best tool I have used so far. It is very fast for loading large amount of data. We can create our own dashboard helpful for various analysis. We can set multiple alert., I hardly see any issues with splunk, data analysis is too good but you must be good enough to write complex splunk queries.\nEnterprise, G2.com, Verified User, nan, 5.0, I like the fact that Splunk gives me information about errors, I like everything about Splunk. I love the layout as well\nEnterprise, G2.com, Verified User,", "doc_id": "07ac6a79-985c-411a-b6c6-5801e689afcf", "embedding": null, "doc_hash": "94bd6ade0f471d3500a72b69388e96963f4cb62499f314a378de256f5b1c8024", "extra_info": null, "node_info": {"start": 154534, "end": 158488, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "d3a7ae68-5174-4258-8292-0a9451e8b916", "3": "802e9005-13d7-4173-bc27-09ab95ea375a"}}, "__type__": "1"}, "802e9005-13d7-4173-bc27-09ab95ea375a": {"__data__": {"text": "I love the layout as well\nEnterprise, G2.com, Verified User, nan, 4.5, Splunk monitors systems health to prevent and eventually predict system failure. It can alerts application and system owners of potential problems with the systems., It should be used to monitor potential malicious activity on systems. I'm not entirely sure how sophisticated the AI component of Splunk is.\nEnterprise, G2.com, Verified User, nan, 4.0, Splint is a Very good tool for studying App Dynamics., Splint is a Very good tool for studying App Dynamics. 
I did not find anything that is not good about Splunk.\nEnterprise, G2.com, \nChristopher H., Senior Software Developer, 5.0, Splunk language is fairly easy to learn and built-in hinting system comes in handy for beginners. Splunk can be a powerful tool providing much needed insight into servers, applications, and other business data. Building dashboards are fairly easy and can provide a quick and easy to understand view of what your data looks like., The web GUI SPL code editor isn't very customizable as far as picking a different font.\n\nEnterprise, G2.com, \nTeena H., nan, 4.0, We can troubleshoot an issue end to end with all of our logs in one console. Creation of dashboards allows a quick view of potential issues before they become impacting., The search language can be a challenge for the novice user\nEnterprise, G2.com, Verified User, nan, 4.0, Powerful log analytics tool and solid user interface. Seems to be an industry standard. Widely accepted by the IT and IT security community. Great presence in their market and industry. Knowledgeable sales people that understand the technical and business applications of their product instead of handing it off to their developers / product managers / business analysts to answer more complicated questions., The learning curve for the Spunk querying syntax is somewhat steep. I'm not sure how much the support is really geared towards beginners or those that are not familiar with logging tools. The support that is out there for learning the tool is great but the support that is out there for learning the actual querying syntax is, in my humble opinion, lacking. It might be great for those familiar with querying tools, etc. but for those new to IT tools, management, administration, etc it is not the easiest to pick up. I would recommend looking at the tutorials and youtube videos then finding somebody who is already familiar with the tool and having them walk you through it just for the basic features. 
That alone would help a bit\nEnterprise, G2.com, Verified User, nan, 4.5, Ability to trace the logs of the application, Lack of details around logs that are displayed\nEnterprise, G2.com, \nLinda O., Analyst, 4.0, I think Splunk is pretty easy to use and economical, It can be difficult without proper training\nEnterprise, G2.com, \nRohan S., nan, 4.5, Web interface and the support . the graphs and visualization help, honestly hard to think of something with this product the fact that its a horizontal technology .\nEnterprise, G2.com, Verified User, nan, 4.5, splunk do a great job indexing json logs and creating fields which helps to search relevant information quick and efficient., still struggling to deciper complex wuery to generate visualization\nEnterprise, G2.com, Verified User, nan, 5.0, Probably my job and it\u2019s responsibilities. Everyday it involves challenging in nature, Sometimes it gets tricky to see results using complex queries\nEnterprise, G2.com, Verified User, nan, 4.5, Splunk Dashboards and their flexibility.It helps us in figuring out weird complicated stuff that happened and\n\nexplaining what it really meant and what to do about it., Less Documentation\n\nIt can get expensive for large data volumes.\n\nOptimizing searches for speed is more art than science.\n\nDashboards are functional but not as nice as tableau\n\nIT is constantly embarking on attempts to replace it with open source alternatives, which is a distraction\nEnterprise, G2.com, Verified", "doc_id": "802e9005-13d7-4173-bc27-09ab95ea375a", "embedding": null, "doc_hash": "d17287aed64d01e3a32e89171f3ff48b8d4d7a81c74f894dcb010a650d2934f1", "extra_info": null, "node_info": {"start": 158496, "end": 162475, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "07ac6a79-985c-411a-b6c6-5801e689afcf", "3": "e9416f76-31dd-45d1-88e8-dbefa2b7a04a"}}, "__type__": "1"}, "e9416f76-31dd-45d1-88e8-dbefa2b7a04a": {"__data__": {"text": "source alternatives, which 
is a distraction\nEnterprise, G2.com, Verified User, nan, 4.0, Good UI, search options, ease of use, fast., A little slow in searching long log files\nEnterprise, G2.com, \nMike B., Student System Administrator, 5.0, Easy to use, extensible, scriptable, versatile, Documentation could use work. Community support lacking\nEnterprise, G2.com, \nScott O., Business Intelligence Developer, 5.0, I love how easy it is to get data into the tool and search it., The APIs for alert scripts and custom search commands could be a little better documented.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Easy of use. Great events ingestion. Great flexibility, Old front end graphics. Price Policies not so good\nEnterprise, G2.com, \nVerified User, nan, 4.5, Splunk provides a great ease in reading the logs. Splunk is a very powerful Data Analytics platform, Most of the time we never directly upgrade new version of splunk as there is possibility of bugs.\n\nWe always need to wait a bit for latest release to be adopted at Enterprise level because of the unforeseen bugs. Good thing is one of Splunk Support, Splunk Answers Community and Slack might be able to assist with workaround or solution.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Splunk is just a great solution for managing application logs, it easily allows you to find bugs, and have enough data to find out when the bug was introduced or started appearing, the searching and reporting is so fast even with gigs and gigs of logs., haven't found anything I dislike about splunk yet.\nEnterprise, G2.com, \nVerified User, nan, 3.5, Splunk allows you to capture logs from numerous different types of applications, and search or filter through them very easily. You can also create very helpful dashboards, apply plugins for applications, and more., Not much to complain about really. 
We did hit a bug or two early on, but Splunk has since patched those, and things are operating well.\nEnterprise, G2.com, \nVerified User, nan, 4.0, Search syntax, ease of data normalization, reporting, Cost (compared to open source ELK stack)\nEnterprise, G2.com, \nCorey W., Application System Analyst\nInsurance, 3.5, Easy to find information, easy to view and understand, easy to locate information located in different locations. For queries with a long result, it minimizes the result in an expandable box for ease of viewing., Has a tendency to run extremely slow and sometimes simple changes in terminology can cause a difference in results.\nEnterprise, G2.com, \nDunstan V., Technical Architect, 5.0, The ability to ingest any sort of data. If you can work out where something you want lies in a stream of data, it can become a field. So literally anything you can get a response from becomes a data source., While you can get results really quickly in a new environment, it can take some practice until the penny drops and you can just write off a search without looking things up.\nEnterprise, G2.com, \nVerified User, nan, 4.0, Search and dashboard functions. Performance during reach in millions of records, Not easy to set up. Might be expensive. Hard to integrate\nEnterprise, G2.com, \nVerified User, nan, 5.0, It is easy to use and fast, gets the job done. 
Have had no problems using this software so far., Can get complicated with so many search queries\nEnterprise, G2.com, \nVerified User, nan, 3.5, Helps eliminate manual review and simplified baseline review process, Some learning curve, especially for those without strong IT background\nEnterprise, G2.com, \nVerified User, nan, 4.0, Alert options and dashboards are the best, Splunk Querying language needs learning.\nEnterprise, G2.com, \nCameron M., Platform Architect, 5.0, Splunk allows me to quick diagnose problems and in most cases prevent them for going wide spread by pulling in logs from all of the sources in our development", "doc_id": "e9416f76-31dd-45d1-88e8-dbefa2b7a04a", "embedding": null, "doc_hash": "1998b3cc8743ec8714d284c480b10c8d6c037e5b8b3cd164eca31ac112602b96", "extra_info": null, "node_info": {"start": 162463, "end": 166314, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "802e9005-13d7-4173-bc27-09ab95ea375a", "3": "d8b2233a-0cbd-4e1e-8f13-144507e0ba90"}}, "__type__": "1"}, "d8b2233a-0cbd-4e1e-8f13-144507e0ba90": {"__data__": {"text": "them for going wide spread by pulling in logs from all of the sources in our development architecture., The only thing I dislike is that it can be difficult to pull data in from a database, they make the DB Connect app, but it is does not work very well in our situation.\nEnterprise, G2.com, \nVerified User, nan, 4.0, It\u2019s good to debug production issues with ease, It is sometimes slow especially for larger time intervals\nEnterprise, G2.com, \nArtur I., Software Engineer, 5.0, Very nice user experience with a lot of graph options.\n\n\"One click\" report creator tool.\n\nIn contrast to ElasticSearch+Kibana, you get all services together., I can think only about high price of this product. 
Need to pay per GB/Month.\nEnterprise, G2.com, Verified User, nan, 4.0, I think it is great for the novice like me to get started and use right away, It is a little bit difficult to use and get the full benefit out of it without some database background\nEnterprise, G2.com, Verified User, nan, 4.0, What I like best about Splunk is the ease of setting up forwards and ingesting multiple sources of data from structured to unstructured. Splunk does a great job of correlating events and search capabilities are robust as long as you know the search commands. The ability to setup alerts is helpful and the out of the box filtering capabilities are useful for new analysts., What I dislike about Splunk is the slight learning curve at the beginning. Once you get the hang of how to do searches, searching becomes second hand. The product is also pricey, but you do get your month's worth so there is value in this product.\nEnterprise, G2.com, Verified User, nan, 4.0, Group search results, get stack trace, detailed query string, Hard to remember the query parameters, long list of commands to remember\nEnterprise, G2.com, Verified User, nan, 4.0, Easy to use and check the logs on servers of different environments, There should be more user friendly interface\nEnterprise, G2.com, Naomi P., Junior Citrix Engineer, 5.0, My team mostly uses it to track lockouts for users. 
However we also use it for VPN connection metrics, tracking active directory user accounts, and various other types of reports., It does have a bit of a learning curve to it at first, such as accidentally connecting to the wrong dashboard can leave you feeling a little lost until you find you way back to the correct app.\nEnterprise, G2.com, Verified User, nan, 4.5, Splunk is super easy to deploy, use, and allows users to easily and efficiently manage systems and networks., Email alerts are only as good as the people that receive them, which can render the tool not as useful if there are the only alerts created.\nEnterprise, G2.com, \nLuca G., Software Engineer, 3.5, - UI options for data visualization are good. Quite flexible charts.\n\n- Transactions feature is really great (even though hard to know it even exists).\n\n- Alerting is extremely useful and very reliable., Slow and sluggish.\n\n- GUI not quickly responsive.\n\n- Proprietary query language not intuitive. Steep learning curve.\nEnterprise, G2.com, \nCody K., Sr Project Delivery Specialist, 2.5, Ease of use, UI\u2019s are awesome, simple user focused application, reduces data management time. Exports are clean and able to be shared with customers., Setting up new applications within splunk, sometimes this is tedious, but over all not too bad.\nEnterprise, G2.com, \nTiffany Nicohle B., Software Developer, 4.5, Robust features and adaptability and ease of customization, There was a bit of a learning urge for new users\nEnterprise, G2.com, Verified User, nan, 4.5, Searching for specific logs with multiple sources is great! 
Narrowing by timeframes is excellent., Log retrieval can be lengthy if looking for over 30 days.\nEnterprise, G2.com, Verified User, nan, 4.0, I like that I can create a dashboard for the specific report that", "doc_id": "d8b2233a-0cbd-4e1e-8f13-144507e0ba90", "embedding": null, "doc_hash": "a690d567ee60fbc7d3d723c1c17bd61d004825b3d28ab586fde6247d1295ba5e", "extra_info": null, "node_info": {"start": 166308, "end": 170162, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "e9416f76-31dd-45d1-88e8-dbefa2b7a04a", "3": "df2706de-7a67-4837-9162-5b9e36d1a8ed"}}, "__type__": "1"}, "df2706de-7a67-4837-9162-5b9e36d1a8ed": {"__data__": {"text": "nan, 4.0, I like that I can create a dashboard for the specific report that I need to pull, Sometimes I find that splunk if offline or is not capturing complete information\nEnterprise, G2.com, Verified User, nan, 5.0, Powerful tool yet easy to learn, configure and manage.\n\nUser community is very active and a great resource for questions and help with any issues one might encounter., Nothing to dislike. 
Support is readily available, either from Splunk or the user community, should there be any issues.\nEnterprise, G2.com, Verified User, nan, 2.5, You can query a lot of different types of data., It's slow and learning the language is not intuitive.\nEnterprise, G2.com, Verified User, nan, 4.5, Customization of queries allows us to retrieve detailed information - ability to extract information and quickly view it or export it for future reference or to provide to the customer, Not clear enough if query is not formatted properly; needs more feedback and to be more responsive when customers are trying to search to save us time\nEnterprise, G2.com, \nMir Vizarath A., Principle T3, 5.0, Ability to query data\n\n- Dashboards\n\n- Different modes to query data, this helps decide how much information you choose to see which at times is useful when reviewing several days worth of logs.\n\n- Ease of use\n\n- Flexibility for the most part, Unable to query data past 30 days, but this looks like a limit imposed by my employer.\nEnterprise, G2.com, Verified User, nan, 4.0, This program has a simple user interface and provides information technology professionals with a vast amount of reports and resources., The main thing I disliked was the large amount of parameter that can be entered when searching. Can be difficult to remember\nEnterprise, G2.com, Verified User, nan, 4.0, Collation of different sources/types of data, The price tag is a little hefty if you're just looking for a simple way to collect and search logged data\nEnterprise, G2.com, \nVidhya A., nan, 5.0, Splunk provided me a platform to analyze both infrastructure loads and Application performance for quick troubleshooting saving loads of time. 
Versatile Apps at Splunk base helped me in better configuration and enhanced Visulaization of the KPIs of my application, developing python scripts for search parsing\nEnterprise, G2.com, \nAntonio I., Cloud & Hybrid IT Monitoring Specialist | Delivery Consultant at Almaviva TSF, 4.0, Splunk's core offering collects and analyzes high volumes of machine-generated data. It uses a standard API to connect directly to applications and devices. Perfectly integrated for the google CLOUD, There are no problems related to product stability. Management Reporting very beautiful.\nEnterprise, G2.com, \nVerified User, nan, 4.5, Having all the logs in one place. Creating dashboards, alerts and monitoring., Writing complicated queries needs some learning.\nEnterprise, G2.com, \nMegha S., Sr Engineer, 4.0, Easy access, log analysis, charts, queries, easy interface. best monitoring system, real time logs.\n\nreal time alert trigger . easy to get history data from the tool. speed performance.\n\naccurate analysis, best features of monitoring, can interface with many other tool., Nothing much. everything is more easy and useful in tool. no negative feedback as of now.\nEnterprise, G2.com, \nJason B., IT Administrator\n, 5.0, Very organized and allows you to find what you are looking for very quickly. Love using Splunk and will continue to do so for as long as I work here, Nothing that I can think of that I don't like about this program, it's excellent and I love using it\nEnterprise, G2.com, \nVerified User, nan, 3.0, I've used several monitoring told and Splunk is just like every other. It works as well as it is configured., Misconfiguration can lead to complete network bandwidth saturation very quickly.\nEnterprise, G2.com, Verified User, nan, 5.0, It's scalable. 
We started with a small standalone installation with a", "doc_id": "df2706de-7a67-4837-9162-5b9e36d1a8ed", "embedding": null, "doc_hash": "0c97ccff5e23b7c1363113e0b8bd46425ca34a32715f29f25a1e152e2ea294f3", "extra_info": null, "node_info": {"start": 170174, "end": 174103, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "d8b2233a-0cbd-4e1e-8f13-144507e0ba90", "3": "343f4d90-69d0-4aed-87d9-6c7896f18cdf"}}, "__type__": "1"}, "343f4d90-69d0-4aed-87d9-6c7896f18cdf": {"__data__": {"text": "It's scalable. We started with a small standalone installation with a very small data set. Over time, we grew our Splunk environment to a clustered multi-site installation that is used by multiple departments., As your installation matures, understanding the intricacies of how Splunk *works* will require full-time attention (and manpower). Folder structure, permissions, and app installations, as well as keeping up with the dizzying release schedule will require some time devoted to Splunk.\nEnterprise, G2.com, Verified User, nan, 4.0, I love the dash board feature. It works well., None the program is stable and works well for us.\nEnterprise, G2.com, \nShmuel C., Solution Architect\n, 4.5, The ability to quickly search across multiple sets of data., Complicated to use - meaning that I have to get help to build any queries and dashboards and functionality.\nEnterprise, G2.com, Verified User, nan, 3.5, Quick log search. 
Custom dashboards are great!, I can\u2019t think of an area where I use Splunk where it couldn\u2019t do the job.\nEnterprise, G2.com, Verified User, nan, 4.0, Lot monitoring across client environmemts, Implementation strategy for multi client\nEnterprise, G2.com, Verified User, nan, 4.0, Its very eady to learn if you know how relational databases work...meaning you can setup relationships.., Its a hard question....i guess they xould have more use cases built in.\nEnterprise, G2.com, Verified User, nan, 4.0, The UI is simple and clean, the amount of sort features on the log results is fantastic, It can be a bit slow in running queries and also doesn\u2019t always capture the data it\u2019s supposed to\nEnterprise, G2.com, Verified User, nan, 4.0, Splunk has most abilities that a corporate IT need for automation, reporting, logging, monitoring, Nothing so far. Everything has been good\nEnterprise, G2.com, \nPatrick O., Information Security Engineer\n, 4.5, The tooling included in base Splunk, plus the broad community supplying pre-built extensions to common data needs, greatly reduce time to detection on problems and make tracing root cause issues much easier than any other tool I've used., Management of the software can be complex, as it is a complex tool. Buying professional services for initial configuration and any major changes (e.g. moving to a clustered environment) is frankly necessary unless you have someone on staff who has already managed a deployment previously.\nEnterprise, G2.com, Verified User, nan, 5.0, Splunk takes in any data in almost any form (as long as it is human readable text) and allows searching, manipulation, transformation, calculation, etc. and then presents it in a multitude of ways to make the data tell a helpful story. That is superior to products that make you set up each type of data in a set format. 
We have data that varies greatly even among similar software products., Bugs, though to be honest, I haven't run across many, and they seem to get fixed pretty quickly. I've run into some that usually have a workaround, which makes it easier to deal with the bug.\nEnterprise, G2.com, Verified User, nan, 5.0, Practical data ingestion implementation, multiple data sources and types., Still editing config files without version control?\n\nEnterprise, G2.com, \nMichael P., Technical Architect, 4.5, Splunk gives us the single pane of glass view we have been wanting. We are able to pull in logs from our various monitoring tools and get visibility end-to-end with a single view., While I am sure the product isn't perfect, it fulfills our needs better than previous products. Therefore, there is little to say in the dislike category.\nEnterprise, G2.com, \nVerified User, nan, 2.5, Using splunk, you can create alerts in logs that you have associated with it., Sometimes it's hard to find the correct search terms in order to find what you're looking for within a splunk log.\nEnterprise, G2.com, \nKevin P., Java", "doc_id": "343f4d90-69d0-4aed-87d9-6c7896f18cdf", "embedding": null, "doc_hash": "ffa47ae23dd27568535f904617b36007ff1f50a4edb8928372086fd082cc3fbf", "extra_info": null, "node_info": {"start": 174106, "end": 177977, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "df2706de-7a67-4837-9162-5b9e36d1a8ed", "3": "55c04431-65ee-4d04-ad9d-e26261ad8eed"}}, "__type__": "1"}, "55c04431-65ee-4d04-ad9d-e26261ad8eed": {"__data__": {"text": "within a splunk log.\nEnterprise, G2.com, \nKevin P., Java Engineer\n, 4.5, Splunk provides an easy way to search multiple log files over a period of time. You can search by any combination of unique text. The syntax is similar to that of SQL where you can use keywords such as AND and OR. 
Logs are archived for time capsule viewing., Splunk provides an easy way to search multiple log files over a period of time. You can search by any combination of unique text. The syntax is similar to that of SQL where you can use keywords such as AND and OR. Logs are archived for time capsule viewing.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Extremely powerful tool combining analytics from different sources, multiple dashboard views, Hard to say anything negative. Works great for our application\nEnterprise, G2.com, \nstephane p., nan, 4.0, I like the posibility to ingest a large number of logs/data format and to play with it. In a very short time, beginners are able to have a clear view of things that were hidden in the mount of data to be processed., I miss the possibility :\n\n1. to add pdf export to custom visualisation,\n\n2. to configure drilldown fields in custom visualisation\nEnterprise, G2.com, Verified User, nan, 4.5, Splunk gives me a way to program own script to pick up key information and perform analysis automation., I'm seeking a much easier way drag and drop graphic tool can make scripting much more easy.\nEnterprise, G2.com, \nPrakash G., Technology Architect, 5.0, Ability to visualize all logs from Various server instances., I donot dislike anything about the splunk\nEnterprise, G2.com, \nVerified User, nan, 3.5, Very useful in detecting and trouble shoot., Not proprietary...and we have to pay money.\nEnterprise, G2.com, \nRahul N., Senior Engineer, 4.0, easy to setup and use. It's an excellent tool to analyze real-time data & logs, With its long features using it can get really complex using it. you will have to read through many documentation to find the answers you're looking for and sometimes you don't find it\nEnterprise, G2.com, \nNAZEER P., Application Developer Mule ESB, 4.5, The alerting system is best part of this. By using Transaction flow analysis we can identify where exactly the issue is. Building query is simple and easy. 
We have been using Splunk for 3 years now and it has always been a great tool use to analyze the data patterns and alert us on all performance related issues and pattern matching., We run query for long time frame splunk performance will be effected. Ideally it creates one ticket for one type of exception but some times it creates more than one.\nEnterprise, G2.com, Verified User, nan, 4.0, Splunk very nicely provides query/search access to huge volumes of data (for example log-file data). If you're interested in finding specific occurrences of something/anything within your data, Splunk is a nice tool to have. For basic querying, it cannot be beat., If you need to find an \"area\" within your huge volume of data (for example, either what happened immediately before or after a specific occurrence) then you end up fighting with Splunk to let you see that \"area\". Personally, I've ended up having to write extremely complex regular expressions within Splunk just to be able to see these \"areas\", and they work, but it needs to be easier.\nEnterprise, G2.com, Verified User, nan, 5.0, I like Splunk's speed when querying millions of logs to find specific data points. Combined with the online support pages that help with any type of query, Splunk makes searching through data easy. Additionally, the ability to start a search and have it sent via email upon completion allows for productivity to increase due to the fact that I do not have to sit around waiting for my query to complete. 
Lastly, the export feature is extremely convenient for digging through large amounts of data easily in Excel., If you click to expand a search result and then attempt to scroll while this result is still expanded, you will get yanked back up to that result", "doc_id": "55c04431-65ee-4d04-ad9d-e26261ad8eed", "embedding": null, "doc_hash": "704abd87ab3c5923fb1f6af0185f69c73edf772b47fce798c8462c46207a4e5d", "extra_info": null, "node_info": {"start": 177988, "end": 182005, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "343f4d90-69d0-4aed-87d9-6c7896f18cdf", "3": "9dfaab70-7d70-4e42-86f2-a3c2d961207c"}}, "__type__": "1"}, "9dfaab70-7d70-4e42-86f2-a3c2d961207c": {"__data__": {"text": "to scroll while this result is still expanded, you will get yanked back up to that result repeatedly until it is closed.\nEnterprise, G2.com, Verified User, nan, 4.0, Offers great predefined applications and visualised dashboards to dispaly and make sense of the logs. These make it very easy to see the wood for the trees., Some of the best applications and dashboards can bee quite expensive although there are kes comprehensive free versions available\nEnterprise, G2.com, \nJay T., nan, 4.5, The colors and menu items are very intuitive. It may not be a big thing but it is easy on the eyes, It lacks support for agile cycles. If a planning mechanism is included like Jira, it would be a good improvement\nEnterprise, G2.com, Joe C., Systems Engineer Level III/Architect/Manager of San Diego Office, 4.0, Easy to setup, upgrade, manage, and configure to meet your needs. The universal forwarder makes this easier than any other solution out there., Price can be of a concern. If you have a large influx of traffic being logged, you could easily go over your license limit and have a violation.\nEnterprise, G2.com, Verified User, nan, 4.0, The visualization graph features as well as the alert and notifications, Need to learn the syntax for log search. 
Should have made it a little easier for new users.\nEnterprise, G2.com, \nJagadish M., Technical team lead, 4.5, Splunk will publish the data by connecting to any different source systems and shown in the dashboard with all the trend., Depends upon the Application logs and sys logs rather than having its own data.\n\nEnterprise, G2.com, \nTrisha D., AMTS Software Engineer, 4.0, Splunk is very user friendly and on the analytics side, the visuals created are very elegant!, As you scale does the price and it can definitely get overly expensive and the more data you need to index, the higher the CPU cost is. Also some of the querying requires a bit of a learning curve\nEnterprise, G2.com, Verified User, nan, 1.5, The ability in Splunk to search for errors online and without having to SSH or Telnet into a console would have to be the best feature of Splunk by far., The inability to then simply review and investigate a particular log message would have to be the biggest downfall of the platform. Text is presented in the tokenised view and it definitely isnt intuitive on how log messages and the surrounding (preceding or proceeding) logs can be viewed easily... if it\u2019s possible I still haven\u2019t figured it out after 12 months of using the product.\nEnterprise, G2.com, \nVerified User, nan, 4.0, Helps finding the events quick from server logs. This avoids us from logging into multiple servers separately., Except being proprietory the product is good.\nEnterprise, G2.com, \nVerified User, nan, 3.5, Splunk captures a great deal of data for reporting., Getting a decent report requires a lot of manipulation.\nEnterprise, G2.com, \nErik A., Application Engineer II\n, 5.0, From the users sides, it is a single platform that can provide everything a company needs without needing to go between different platforms that host different bits and pieces of the data needed to support a customer facing service. 
From the support side, my day job, it is very easy to built out new environments, set them up as we need, and support their ongoing usage., I wish I could get more people at my company onboard with the concept of a single platform is better than multiple platforms.\nEnterprise, G2.com, \nGiuseppe A., WEB & Mobile Team Leader , 4.5, It's an unique container of etherogeneus log, and permit to identify production problem and in case also to prevent, when it happens a performance degradation., The price: it's quite expensive, and it's hard to persuade my company to upgrade to a bigger license.\nEnterprise, G2.com, \nVerified User, nan, 2.5, Ability to capture cross platform logging, Licensing, especially for large enterprises\nEnterprise,", "doc_id": "9dfaab70-7d70-4e42-86f2-a3c2d961207c", "embedding": null, "doc_hash": "d6def574ccc79b0977275df5761acf0ace0792a24159f43eefb4464573fca9b9", "extra_info": null, "node_info": {"start": 181982, "end": 185880, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "55c04431-65ee-4d04-ad9d-e26261ad8eed", "3": "fb76762e-5f96-4e30-b458-26837b628208"}}, "__type__": "1"}, "fb76762e-5f96-4e30-b458-26837b628208": {"__data__": {"text": "to capture cross platform logging, Licensing, especially for large enterprises\nEnterprise, G2.com, \nBonnie R., Senior Systems Engineer, 4.0, I like having real time alerts panel is easy to use and reporting is detailed, Sometimes the alerting is overly sensitive even when we lower the settings updates are too frequent and dislike having to install a forwarder\nEnterprise, G2.com, \nChristopher M., Information Technology Security Analyst\n, 5.0, The ability to manipulate data in Splunk is unparalleled. Splunk\u2019s powerful and flexible query language can morph difficult to understand log formats into usable data. 
Correlating data across different systems via one interface will allow you to know your environment or identify incident data in ways you never imagined., There is a definite learning curve to starting out. However, there is a quite a bit of documentation out there to help you get started. In addition Splunk documentation, the community (Splunk answers/slack channel/user groups) can help get you moving along a lot faster.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Log analysis, dashboard to run queries , pretty flexible tool, Need people with technical knowledge to make changes, add new dashboards\n\nEnterprise, G2.com, \nBhagat B., Senior Consultant, 4.0, The best thing about spunk log is pull logs based on the time period. The logs are easy to read. Same system can pull the data from many environment. you can run your queries to pull the data. You can download all the logs in different file format. You can search your logs based on certain time period with any text. It can also pull the data based on the different system swell., Coping of logs is not simple. It should have a link or button to copy a particular logs. I seen lots of issue with internet\n\nexplorer browser. Its very slow with IE but works well with Chrome.\nEnterprise, G2.com, \nClara M., Lead Business Intelligence Engineer, 5.0, It has made projects more efficient (ease of joining multiple sources together, search times are quicker, etc.) which frees up more of my time to research, explore, and work on more projects, Custom visualizations don't export to PDF\n\nEnterprise, G2.com, \nRich M., Senior Information Systems Security and Database Architect\n, 5.0, The versatility. We ingest some of the worst looking logs and force them into a usable form, generating reports and dashboards that business users make decisions from. 
At times I use Splunk as a clearinghouse for terribly formatted data that I don't even directly use, taking data that makes my BI team cry, reformatting it, cleaning it up and shoving it into a database for them to use further down the pipe. In the more standard uses, we use it to correlate various pieces of information from across our environment to identify when weird things are happening so we can better address them. But two of its primary strengths are the quality of the documentation and the thriving and active user community (answers.splunk.com, User Groups, their Slack channel and so on) who are always willing to help out if you need it!, There's can be a significant amount of complexity, some of which is due to the domain across which it works, but some of which hasn't been smoothed over yet by Splunk. This is mostly not in the core product but in some of the Apps, which just need a little work. See comments on the community above, though - there are replacement apps and lots of help available on the Slack channel and in Answers!\nEnterprise, G2.com, Verified User, nan, 4.0, Easy interface and presents the metadata in such an organized way and make troubleshooting a whole lot easier., the way to deploy app. it work fine but is just a little redundant. I dont like the fact that if you put one app in the deploy directory and deploy it will install that app and remove all the others. no matter how many. I think that's a design issue and needs to be fixed/.\nEnterprise, G2.com, Verified User, nan, 5.0, The ease of use Splunk offers makes using the tool a breeze. 
You don't have to be a developer to get your hands dirty going through machine data", "doc_id": "fb76762e-5f96-4e30-b458-26837b628208", "embedding": null, "doc_hash": "ae60b94b78453de6bdf23b59a0b8c9a4079c9662ca8c1875c6e33d52d574ed89", "extra_info": null, "node_info": {"start": 185873, "end": 189974, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "9dfaab70-7d70-4e42-86f2-a3c2d961207c", "3": "806ac9c6-f9f4-4b6a-ac29-457e0f5cf879"}}, "__type__": "1"}, "806ac9c6-f9f4-4b6a-ac29-457e0f5cf879": {"__data__": {"text": "You don't have to be a developer to get your hands dirty going through machine data and finding good use cases for the tool, As your data ingest grows, so does the cost. This can become pricey if you're not careful\n\nEnterprise, G2.com, \nEarl W., Windows Server Administrator, 5.0, It sits by idle- or it seems to be but any and every change to your system will be logged for ease of recovery, Nothing. A very well thought out solution for any business\n\nEnterprise, G2.com, \nVerified User, nan, 4.5, You can access all the logs and filter through very easyly, It needs to be more user friendly so that a person with no experience can still access it\n\nEnterprise, G2.com, \nVerified User, nan, 2.5, It allows one to search through numerous records using key word searches.\n, If not familiar with Splunk, the phrases or key words necessary to do a search can be inconvenient.\nEnterprise, G2.com, \nVerified User, nan, 3.5, I am using Splunk now to monitor the logs from my backup server. The fact that it can import in logs from another host is great. The love the reporting for the logs as it provide an easy to use ad-hoc query which output a readable format for you to understand. You can actually go beyond logs and into monitor your network for spikes in processes and resources. 
What makes this unique is knowing which host and users are associated with the processes., It's very confusing at first because there's so many tools and links. It's not simple so do read up before you tackle this product. This product costs a lot of money for what it delivers.\nEnterprise, G2.com, \nVerified User, nan, 4.0, It's much easier to configure, compared to tools like ELK, and the search is quick to look for logs based on specific time., Not so many plugins for rails and open source tools like apache2,Nginx,...\n\nMonitoring a specific file status in linux environment seemed hard since the splunk enterprise was installed in windows environment.\nEnterprise, G2.com, \nVerified User, nan, 3.5, Transparency in reporting to monitor server problems, It doesn't have a UI friendly interface for the end users and it's not that intuitive\nEnterprise, G2.com, Jaya Krishna T., Sr. Database Engineer, 5.0, Splunk provides a great ease in reading the logs. It helps us analyze the metrics on a regular basis to troubleshoot production issues. We have been using Splunk for quite a few years now and it has always been a great tool use to analyze the data patterns and alert us on all performance related issues and pattern matching., There is not much of dislike on the product. It's more of how much I can help reviewing the production to help it enhance its ease of use.\n\nIt would be great to have multiple levels of automation setup within splunk where in it allows users to choose what exactly they want by looking at the earlier patterns and usage of the product. By showing this suggestions, it will be easy for the users to make sure they take into consideration the suggestions shown by splunk to make a wise decision whether to go ahead with the suggestion or implement a new one.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Splunk is a fantastic tool that we depend on. 
It isn't just development work we rely on Splunk for, but we also use it for testing engineering changes as a standard before production releases. From ease-of-use, forwarding data from a variety of data sources, and E2E data correlation, Splunk has been able to package software that does it all!, Recent versions of Splunk can be a bit chatty in terms of messages that are displayed in Splunk Web. I'm finding a lot of questions coming from the business teams like, \"I'm seeing this error - what does this mean?\", or \"This error message came up when I ran this search in the dashboard, can you please have a look?\". Most often messages that display are not directly correlated to what the Splunk users are performing. I may have missed it, but it would be great to pass something off to the business teams that they could reference if a particular set of error", "doc_id": "806ac9c6-f9f4-4b6a-ac29-457e0f5cf879", "embedding": null, "doc_hash": "b11ad7382a8c445b9915ce741282299f66fc4826e0584732400454463a72ed60", "extra_info": null, "node_info": {"start": 189988, "end": 194015, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "fb76762e-5f96-4e30-b458-26837b628208", "3": "da25c223-a805-482a-bb28-b3862f33b028"}}, "__type__": "1"}, "da25c223-a805-482a-bb28-b3862f33b028": {"__data__": {"text": "to pass something off to the business teams that they could reference if a particular set of error messages occur. Any infrastructure-related messages would ultimately be handled by the core Splunk team.\nEnterprise, G2.com, \nVerified User, nan, 4.0, The Search app itself is excellent. 
Our customers also like the charts and graphs available., A few too many apps out there, some supported and some are not, so you must tread carefully with those.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Reliable and robust methods to manage application and service related logs on prod, Learning curve required for newbies in the team\nEnterprise, G2.com, \nVerified User, nan, 4.0, User friendly UI which helped us in monitoring application, Still exploring the app so haven\u2019t explored all options and in progress. So far it\u2019s good.\n\nEnterprise, G2.com, \nVerified User, nan, 5.0, It's pulls all the data and shows it in a report\n, The UI could use an update. However it works great.\n\nEnterprise, G2.com, \nVerified User, nan, 4.0, Splunk makes searching through tons of data very easy.\n, There is a learning curve to create complex queries.\n\nEnterprise, G2.com, \nVerified User, nan, 5.0, The user interface and the querying syntax, Since I am still learning it I will need more time to find andwer to this\n\nEnterprise, G2.com, \nVerified User, nan, 4.0, I really enjoy being able to not only view the logs but identify the personnel that made the changes., I do feel there is more to be desired with the search function.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Log analysis, visualisation , application performance monitoring\n, There is not a feature to dislike on splunk\n\nEnterprise, G2.com, \nManjushri S., Java Software Developer\n, 5.0, Ability to create custom dashboards and monitor logs\n, All features are extremely good do not dislike any\n\nEnterprise, G2.com, \nVerified User, nan, 5.0, Simple easy to use analytics. Visually very pretty and easy to navigate.\n, Current Splunkbase apps need help. Most of the apps simply don't work out of the box and are more templates.\nEnterprise, G2.com, \nVerified User, nan, 4.5, Splunk is very flexible tool which helps our team with effective logging and troubleshooting. 
It also helps with amazing dashboarding which helps our Business analaysts and Product Owners, Licensing is a little expensive. Support and documentation can be improved too.\n\nEnterprise, G2.com, \nChristina S., Systems Analyst Staff - SW Eng Compute Analytics Lead\n, 5.0, Splunk allows access to all the operational data. It lets you correlate events and set up alerts to help with future issues. It allows for metric tracking and analysis and provides easy to use dashboards., Dashboard design is restrictive. The layout is pretty fixed unless you have admin rights to create style sheets. The UI only lets you do half of the options, you must go into the simple xml for full range of options. Creating drill-ins is not intuitive. Limited out-of-the-box charting options for time series.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Splunk is so easy to use that you will find yourself using it as the first step in every project or problem solving venture. The speed in which answers are realized is amazing and invaluable to fast paced teams or companies., There is never enough time to implement all of the ideas we have for using Splunk! (this is an 'us' problem, not a Splunk problem)\nEnterprise, G2.com, \nNoah W., Data Scientist Intern\n, 5.0, As I said in my title \"The jack of all trades...if you want it to be\" Splunk is so powerful that sometimes it's hard to know where to start! Start small and don't overwhelm yourself, you'll quickly come to appreciate Splunk and all it can do., Many small and annoying bugs. 
I can work around all of them,", "doc_id": "da25c223-a805-482a-bb28-b3862f33b028", "embedding": null, "doc_hash": "62d8b85c2cb68313431c1be8e06bf21a4fd0104b2a1fdeb2dae5aa3c6186e7aa", "extra_info": null, "node_info": {"start": 194003, "end": 197768, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "806ac9c6-f9f4-4b6a-ac29-457e0f5cf879", "3": "ecb9caf5-ef92-4595-affa-0b60ab364b41"}}, "__type__": "1"}, "ecb9caf5-ef92-4595-affa-0b60ab364b41": {"__data__": {"text": "it can do., Many small and annoying bugs. I can work around all of them, but sometimes I burn an entire day figuring out how.\nEnterprise, G2.com, \nDhwani S., QA Engineer\n, 3.5, I like the most is i can see log anytime without even touching prod environment.\n, Nothing which i can say about Splunk. I really like splunk and i don't have any suggestion for improvement.\nEnterprise, G2.com, \nVerified User, nan, 4.5, If my data is in Splunk then I can answer questions almost at the speed of thought. We have not had a use case where Splunk failed to achieve the results. The quality of the software is high. When someone says Splunk gave me the wrong answer, I usually find that they asked the wrong question., The cost model is prohibitive for some use cases.\n\nEnterprise, G2.com, \nScot L., Senior Consultant\n, 4.5, Splunk Enterprise is the best of what's out there for event correlation. It is very extensible and can take almost any kind of data with a little work. 
FANTASTIC for searching data and identifying correlations and patterns, or a lack of correlation and patterns to identify the anomalies., It is pretty expensive when you start to ingest all the data and setting up alerts and automated detections is more difficult, but it can be done.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Splunk Enterprise has allowed us to easily sort data from multiple sources in easy to manipulate and view dashboards and reports in way we could never do before., The only thing I can say that I dislike about Splunk is that it has made our customer think that our job is a piece of cake because of how quickly we can answer their questions!\nEnterprise, G2.com, Kyle S., \nIntegration Developer, 5.0, Oh, to begin at the start is akin to creating pottery from clay. Forming the vase of data from the clay of disparity, one can simply design such meaning and substance from meaningless data, and share amongst peers and enemies alike., Sometimes, the rapid evolution causes internal strife, but nary is it a problem, as support and documentation rules all.\nEnterprise, G2.com, \nVerified User, nan, 4.5, Quickly ingest any data ( machine , structured or unstructured), and produce analytics and visualization to drive the business value., It is little bit expensive in terms of License cost but we can still do somethings with the free license limit.\nEnterprise, G2.com, \nVerified User, nan, 5.0, Splunk is simply awesome. You can integrate it with almost all vendors.\n, Norhing to dislike so far so good . But can get better !\n\nEnterprise, G2.com, \nVerified User, nan, 5.0, The dashboards that Splunk uses (that are able to be customized to your needs) are second to none., Splunk has a pricing model where the cost of their software has to do with the amount of data that it ingests. 
I would rather see something that was done on a node basis rather than total amount of data.\nEnterprise, G2.com, John W., Systems Software Specialist II\n, 3.5, Reports and queries are fast ready when mangemen makes a request.\n, Queries need to be individually customized to specific reports.\nEnterprise, G2.com, \nVikas R., Application Development Analyst\n, 5.0, Great for visualizing any application data that is required and the custom dashboard feature makes it easy to have related reports and queries all in one place.It's easy to understand the interface, graphs are good and can be easily exported. The keywords on the left side are very helpful., I would say query building which might be a steep for non technical user. Also licensing the Splunk software would be little expensive so the best thing would be to start with a small amount of data and see it if works for you or not.\nEnterprise, G2.com, \nVerified User, nan, 4.0, Splunk has thorough logging and makes it very easy to sort and filter based on a specific timeframe., There is a bit of a learning curve to Splunks query", "doc_id": "ecb9caf5-ef92-4595-affa-0b60ab364b41", "embedding": null, "doc_hash": "e98c66fa1b44fd61b4754085f87c89171c000e1bd94e9975270a239ae938c24b", "extra_info": null, "node_info": {"start": 197792, "end": 201660, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "da25c223-a805-482a-bb28-b3862f33b028", "3": "22b17438-5a36-49c6-9fe5-1e599edb22be"}}, "__type__": "1"}, "22b17438-5a36-49c6-9fe5-1e599edb22be": {"__data__": {"text": "based on a specific timeframe., There is a bit of a learning curve to Splunks query language.\nEnterprise, G2.com, \nmatt j., Integration Support Specialist\n, 5.0, Its easy to define the search parameters and to change them on the fly, you can also build graphs to view the progression of the trend. 
If you use the data often, build a dashboard and consume the data when you need it., you have to remember all the names of the field in the database for a successful query\nEnterprise, G2.com, \nKen C., Senior Technical Engineer, 3.5, Easy to use UI and operation to organize data and visualize it. Also great to use the stored template or report to quickly checkout the reports needed., Sometimes when the data size is large, the response time is slow\nEnterprise, G2.com, Verified User, nan, 4.0, Quick lists of CA Agile data at your finger tips. Splunk gives quick views of queries rapidly., Having to validate the data because it is another way to pull the same CAAC data and you want to make sure the report is accurate.\nEnterprise, G2.com, \nAlexandru O., Senior Software Engineer\n, 4.5, The documentation is really well done and easy to use.\n\nThe UI is slick and fast.\n\nThe ability to easily create dashboards.\n\nThe auto-completion with suggestion while writing the search query\n\nThe left hand menu on the search page containing all the fields detected by the search.\n\nAbility to add/exclude from search the fields extracted from the search results by hovering any text., The time range search could be improved by allowing the following type of input:\n\n\"last 3h\" or \"3d ago\" which is easier to use than applying several clicks to achieve the same results.\nEnterprise, G2.com, \nAman K., Technology Lead\n, 4.0, Checking logs for all applications in one place. Custumizable search by using various input String parameters.\n\nUsing alerts triggered when application encounters certain errors in logs., User Interface and input methods could be more user friendly.\nEnterprise, G2.com, Verified User, nan, 3.5, Able to place logs to help trace bugs in microservices architecture. 
Has a web interface for searching logs and provides lots of detail., Searching can be difficult at times because of all the options and information to wade through.\nEnterprise, G2.com, \nAlister E., Software Engineering Manager - Test Automation, 5.0, Being able to watch and search real time logs., Since starting to use the tool about 3 years ago, I have not found anything that I would say that I have disliked.\nEnterprise, G2.com, Verified User, nan, 3.5, The best part is it is the single platform to debug any errors in the product be it application or DB or infrastructure or any other middletier third party tools, It\u2019s not much user friendly and takes a while to get used to query the splunk\nEnterprise, G2.com, Verified User, nan, 4.5, Makes monitoring your environment easier with the help of this tools. You don't have to transverse the network looking for hostname to IP or IP to username. This program does it. Moreover, it monitor traffic like a firewall with the rules of the firewall.\n\nBtw, it reads logs from your backup, windows events, and any logs you can throw at it., I don't like that it's still web base. Meaning, if your have a lot of internal traffic, site loads will differ. Your mileage will vary, that is my only complaint about it.\nEnterprise, G2.com, Verified User, nan, 4.5, We use splunk logs day to day basis to analyse and effectively debug issues. We also use it which raising incidents of any failures where we use splunk to get all the required information for developers to debug the issue, sometimes it does not capture the errors correctly which makes it really difficult as we depend on the tool a lotIt will take a while to learn the SPL (Splunk search processing language) but after it is learned, it helps to get a lot of helpful searches. 
Event correlation is not very easy to grasp without the proper training.\nEnterprise,", "doc_id": "22b17438-5a36-49c6-9fe5-1e599edb22be", "embedding": null, "doc_hash": "28dcdbccc067ee91da7fc98663d8eb38d06510a6f7068598ff7ff6b952b71826", "extra_info": null, "node_info": {"start": 201651, "end": 205595, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "ecb9caf5-ef92-4595-affa-0b60ab364b41", "3": "062c1b51-1d17-41d4-864d-786a1007ab0e"}}, "__type__": "1"}, "062c1b51-1d17-41d4-864d-786a1007ab0e": {"__data__": {"text": "Event correlation is not very easy to grasp without the proper training.\nEnterprise, G2.com, Verified User, nan, 5.0, Dashboards are very helpful. It gives our team a lot of insight into what is happening. The alerting feature is also helpful. It helps to send out an email if there is an increase in threshold, nan\nEnterprise, G2.com, Verified User, nan, 5.0, I love that it is easy to use the tool and that you can search by anything to locate the logs, It provides almost too much information sometimes the info is too abundant and has a lot to wade through\nEnterprise, G2.com, Verified User, nan, 3.0, A simple, flat process to index the data in their native format. This allows allows the platform to be highly scale-able; It can grow with the amount of data it is needed to process. The system can run in dynamic parallel to your environment., Still have to read through many documentation to find the answers and at many times I can't find it. Not highly customized, would be helpful if they can provide more customization tools.\nEnterprise, G2.com, Verified User, nan, 5.0, The ease of use when it trying to search specific information/data, The cost is definitely a factor but overall it's a great product.\nEnterprise, G2.com, Eric W., Senior Network Administrator, 3.5, The add-ons are the best. 
Some of the information and feedback that the add-ons are able to compile based on all the data that gets injected into Splunk is beyond awesome and very helpful, To start there is a pretty big learning curve in my opinion. The breakdowns in the left hand nav bar definitely helps. But slow to learning the search language.\nEnterprise, G2.com, \nThomas G., Systems Programming Analysis, 5.0, Splunk searches through millions of logs in matter of minutes. Its the essential tool I use at work., It can be ever confusing to use at first. Maybe make a better UI.\nEnterprise, G2.com, Verified User, nan, 4.0, The power and flexibility when it comes to extracting information, The power and flexibility when it comes to extracting information\nEnterprise, G2.com, Verified User, nan, 5.0, What I like about the product is its use for the api dashboard. You can customize your search query and add it to the dashboard and get email notifications everyday (the way we set it)., Missing integration with known IDEs (Netbeans, IntelliJ, JDeveloper..)\nEnterprise, G2.com, Verified User, nan, 4.5, Ability to look up logs and historical records of the same, Nothing much and the software meets its expectation\nEnterprise, G2.com, Verified User, nan, 4.0, If the data is in your logs, you can find it with Splunk. Sometimes I'm just searching for a key phrase in the last 30 days and I can get the answer back within seconds. At other times, I'm using a regex to extract a fraction of complex line and then graph that result to find anomalies and, again, the answer comes back within seconds. Splunk is incredibly powerful and I am constantly learning new things and new ways to use it., The learning curve is incredibly steep. You essentially have an empty search box and you have to know what commands to use (and how to use them) to really get anything useful out of it. It has an alerting feature but it's a little...quirky. 
There doesn't seem to be a decent way to create live alerts--instead you can have a query run every minute but don't allow it look back more than 1 minute because otherwise you'll get duplicate results.\nEnterprise, G2.com, Verified User, nan, 4.0, Dashboards is very helpful. It gives us a lot of insight into what is happening. Also the alerting feature is also helpful. It helps to send out an email if there is an increase in threshold etc. Setting up file based forwarders is easy. Field extraction is also really great. It helps to analyze the search results., It will take a while to learn the SPL (Splunk search processing language) but after it is learnt, it helps to get a lot of helpful", "doc_id": "062c1b51-1d17-41d4-864d-786a1007ab0e", "embedding": null, "doc_hash": "2180db6ac7b5f338d4fed9a313dd51b9fec3a8d5d3420c7ba1352df918f2ddb4", "extra_info": null, "node_info": {"start": 205591, "end": 209508, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "22b17438-5a36-49c6-9fe5-1e599edb22be", "3": "885f2991-1d81-459e-97c2-c2654ff84e24"}}, "__type__": "1"}, "885f2991-1d81-459e-97c2-c2654ff84e24": {"__data__": {"text": "search processing language) but after it is learnt, it helps to get a lot of helpful searches. Event correlation is not very easy to grasp. Also the search UI is not very intuitive. Sometimes Splunk is not very fast. And also sometimes events timeline doesn't respond well. Patterns can be improved to have more intuitiveness. More formats can be supported to export the results.\nEnterprise, G2.com, Verified User, nan, 4.0, Its easy to pick up and do short/simple queries, and once you get the hang of it, it is an incredibly powerful too. It doesn't really care what it is being used to search through or for, just point it at something, and it will do its job., Splunk is easy to learn, hard to master. 
Getting from the simple searches to the advanced stuff is very challenging, especially if you teach yourself, but well worth it. Another downside is I wasn't able to find a way to publish records automatically to Jira. It would be incredibly useful to be able to push search results with test reports to Jira tickets\nEnterprise, G2.com, \nParikshith M., Instructional Student Assistant, 4.0, Imagine you have 10 servers running and you need to debug a exception. Wondering how you can login to each and check ? This is where Splunk is extremely handy. It has awesome data analyzing tools. The dashboards are extremely customization friendly ., The queries is difficult to understand to start with. The overall UI itself looks extremely complicated when someone new to it starts using it. But yes, powerful tool will have some complexity , wouldn't it ?\nEnterprise, G2.com, \nTarun G., Software Engineer II, 3.5, Drilling down into specifics of an issue if they are being fed to the splunk server, All the information needed to be shown here needs to be fed to the splunk server, I would prefer if with an annotation it figured out what all to feed to it and what not to\nEnterprise, G2.com, Verified User, nan, 4.0, I like that I can search by each type of field, and find the cause of errors., It has a fairly steep learning curve, but once you learn it, it's powerful\nEnterprise, G2.com, Verified User, nan, 3.5, It has a fairly steep learning curve, but once you learn it, it's powerful, Can get too slow, when running large queries\nEnterprise, G2.com, Verified User, nan, 5.0, The ability to create dashboards based on your logs\n\n- Quick searching of logs\n\n- Easy, easy, easy collection of logs, One of the biggest problems with Splunk is their cost model as they charge by the GB.\nEnterprise, G2.com, \nVerified User , nan, 4.0, Splunk is awesome because it has comprehensive and flexible search functionality., When I think of what I dislike about Splunk, nothing comes to 
mind.\nEnterprise, G2.com, Verified User, nan, 2.0, Splunk is a useful tool for log aggregation and in general works well, It is an expensive tool as they charge by the amount of data\nEnterprise, G2.com, John M., Senior Ruby/Rails Developer and Project Manager, 3.0, Ability to track trends, create alerts and notifications, share data, ingest data, and get the whole team up to speed., Cost. Learning curve (powerful, but challenging)\nEnterprise, G2.com, Verified User, nan, 4.0, Splunk has an easy to use interface that can hide how powerful the software can be. It is useful for anyone monitoring anything., There is very little I dislike about splunk. I suppose the only thing I think they could improve is make it cheaper so we don't have to worry as much about our data limits.\nEnterprise, G2.com, Verified User, nan, 3.5, The total amount of information that can be processed and parsed up into useful data., It seems that every new product requires me to learn a new syntax or language in order to make full use of a product. This is no different, but it is still useful.\nEnterprise, G2.com, Verified User, nan, 3.5, Splunk is easy to use and allows the mining of", "doc_id": "885f2991-1d81-459e-97c2-c2654ff84e24", "embedding": null, "doc_hash": "dea447c8c6ff8ad20202302de072fb6536b263052a24298e347c9d57807e5186", "extra_info": null, "node_info": {"start": 209513, "end": 213364, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "062c1b51-1d17-41d4-864d-786a1007ab0e", "3": "8f63b22d-fc3f-4988-9c9e-fd21d1915eb4"}}, "__type__": "1"}, "8f63b22d-fc3f-4988-9c9e-fd21d1915eb4": {"__data__": {"text": "User, nan, 3.5, Splunk is easy to use and allows the mining of disparate log files to consolidate reporting and monitoring., Nothing, the product worked very well. Admins were able to set it up and push out the report functionaly.\nEnterprise, G2.com, \nVerified User , nan, 4.0, Relatively light weight and quick. 
Fairly easy to use and navigate., Expensive. Bit of a learning curve with querying\nEnterprise, G2.com, Verified User, nan, 5.0, A super useful tool to figure out what's happening on production environments, helping us to quickly track and fix production issues that help real customers. It is simple to learn., So far so good, I don't deal with many of the splunk issues that the guy in charge always complains about, i just know it requires high maintenance work and someone with a special set of skills to do so.\nEnterprise, G2.com, \nJessica T., nan, 5.0, Fantastic insight into how our systems our running. Can build custom dashboards and develop powerful search queries., A bit of steep learning curve without good documentation.\nEnterprise, G2.com, Verified User, nan, 4.5, I mainly liked the ability provided for performing searches, overall it was a good tool, but w/data export had some difficulty sharing results\nEnterprise, G2.com, Verified User, nan, 5.0, Graph trending capability of the software, slow performance. take too much time to get useful information\nEnterprise, G2.com, Verified User, nan, 4.5, The ability to capture and examine logs from various sources and turn it into normalized event data. I don't have to comb through several raw logs to find what I'm looking for and you can customize it to fit you organizations exact needs.... great benefit., This may be due to lack of knowledge but the ability to integrate directly with CVEs from the NVD. Maybe there's a data pull that exists that I don't know about. But if that was advertised more or perhaps more knowledge about that then I believe that would be beneficial.\nEnterprise, G2.com, Verified User, nan, 5.0, The ability to customize and built things the way I need them. I am able to search and filter exactly what I need., Honestly there isn't much I can say that I do not like. Sometimes it can be slow depending on my search criteria but somewhat expected. 
It can also be a bit expensive.\nEnterprise, G2.com, \nMatthew C., Principal Systems Engineer, 4.0, Splunk provides a convenient mechanism for gathering numerous system and software logs. The ability to search historical and real-time logs is a key capability for our monitoring. The custom field extraction and reporting are also a great feature for analysis., Splunk relies on a Perl-based regular expression structure. I can regex just about anything I want in a python regex and routinely am frustrated by Splunk's support of only Perl regex. This translates into a lot of lost time trying to figure out how to get my custom field extract to extract only what I want extracted.\nEnterprise, G2.com, \nVerified User, nan, 2.5, The interface is fairly easy to use and you can access your data from anywhere after you log in. It works well when you don't have a ton of data., The query language is not intuitive and can feel difficult to use. Graphing and charting isn't easy to use either, though it seems like it could be a nice feature.\nEnterprise, G2.com, \nVerified User , nan, 3.5, ease of use and relatively simple learning curve, can be super expensive and the administration of it.\nEnterprise, G2.com, \nVerified User , nan, 4.5, Splunk does a good job of ingesting log data in a variety of formats, without needing to define every field to parse ahead of time. Many modules available to help process common sources, nan\nEnterprise, G2.com, \nZachary C., Web Developer & Designer III, 4.5, The query language, speed, and visualizations are truly amazing. Reporting, alerting, and ability to read any log format known to man just makes it that much better. 
For more", "doc_id": "8f63b22d-fc3f-4988-9c9e-fd21d1915eb4", "embedding": null, "doc_hash": "0ab87164061d34a99b14f42ddc359248b4e5dbb2f62ea727b32ad125d91b158b", "extra_info": null, "node_info": {"start": 213384, "end": 217309, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "885f2991-1d81-459e-97c2-c2654ff84e24", "3": "4471364f-327d-492d-b746-8f962831fd94"}}, "__type__": "1"}, "4471364f-327d-492d-b746-8f962831fd94": {"__data__": {"text": "and ability to read any log format known to man just makes it that much better. For more advanced and dedicated users, scripting is also available in power shell or python., Not sure there is much to dislike, maybe cost?\nEnterprise, G2.com, \nVerified User , nan, 4.0, Best tool to analyze the application logs., Need easier and intuitive way to dashboard.\nEnterprise, G2.com, \nVerified User , nan, 4.0, It's extremely fast, and reasonably easy to use. Dashboards can be setup to work in realtime, which is fantastic for tracking live events.\n\nResponsive service and generally updates were good., It's not quite fully fledged as a database tool, or our version wasn't anyway. Sub-searches had a 10k limit, so that was occasionally a problem.\nEnterprise, G2.com, \nVerified User, nan, 3.5, Quick although it goes thru a ton of data. Once logs are pulled the info is easy to read and the query run is easily adjusted using the settings on the side., Hard to learn! So hard! I understand that businesses are different but man, I could have used a tutorial on even the basics!\nEnterprise, G2.com, \nVerified User, nan, 5.0, Incredibly powerful, can handle the entirety of a large scale online business data indexing. Can dive into just about any error type and logs to debug whats going on in the business. 
Good looking dashboards to track statistics, admittedly underutilized., Requires nearly a specialty in the program itself, while it can do just about anything log and data related, it needs classes and instruction to be fully utilized. The query language can be a bit overbearing and needs a bit of time to get used to it. Doesn't get its full potential realized until expertise is obtained.\nEnterprise, G2.com, \nAmel B., Cloud Expert, 4.0, The search query that uses wildcards , filters and time sorting, The fact that you can't extract the full stack trace , or view the log file containing the error at the exact timestamp\nEnterprise, G2.com, \nVerified User, nan, 4.0, The quality of data that stores within splunk and can be searched in so many different ways. It's the only way we can take very granular customer data and pull it to analyze., Not user-friendly if you're non technical. You have to learn how to operate Splunk in the way it reads and that's not intuitive at first.\nEnterprise, G2.com, \nVerified User, nan, 4.0, Its so intuitive and you can search based on so many different criterion, like request ID, hostname etc., Haven't explored it in that much depth that I would dislike anything about it.\nEnterprise, G2.com, \nVadym M., Senior Drupal Developer\n, 4.5, Easy to find anything in your logs! Very nice UI., Takes some time to understand how to query logs. There are many integrations with Splunk, but in one case we needed to write own script.\nEnterprise, G2.com, \nAmeya K., Principal Programmer/Analyst (Big-Data), 4.5, easy to debug the real-time data being logged, high-cost for larger data volume to be indexed in the splunk engine.\nEnterprise, G2.com, \nSalman Q., nan, 5.0, The beautiful charts of your performance , logs or data. Perfectly indexed logs. While i say Perfectly indexed it means you can search any thing out of big data quite easily. For me that is the real power of Splunk., I hate its query interface. 
Its as powerful as advertised but not very easy to use.\nEnterprise, G2.com, \nVerified User, nan, 2.0, can be used to pull up statistics regarding network nodes, its not user-friendly and needs some training to navigate\n\nuser needs to learn database/sql kind-a search methods to search on the product\n\nsometimes can be frustrating\nEnterprise, G2.com, Collette K., Cyber Security Forensic Lead, 3.5, Easy to create dashboard, alerts, emails of alerts, Ease of importing data, naming of indexes, sources, per log source\nEnterprise,", "doc_id": "4471364f-327d-492d-b746-8f962831fd94", "embedding": null, "doc_hash": "05e06dcdc962b20842f2655802969b1ebee6f7e1840a8e632f27843d44ea2ede", "extra_info": null, "node_info": {"start": 217289, "end": 221064, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "8f63b22d-fc3f-4988-9c9e-fd21d1915eb4", "3": "2040909c-b801-4465-a844-89283f6f469f"}}, "__type__": "1"}, "2040909c-b801-4465-a844-89283f6f469f": {"__data__": {"text": "importing data, naming of indexes, sources, per log source\nEnterprise, G2.com, \nVerified User, nan, 5.0, Splunk is a great product. We have a enterprise license and have been using it from 4 years. Splunk has a great and easy to use user interface. We were able to build many dashboards which give lot of useful information. No need to login to various backend nodes to retrieve logs which are not in a readable format.Using splunk we can access any logging info regardless of which machine that data is stored in. We were able to identify many bugs and issues in our code before our clients saw it and many times before the code is delivered to clients., I do not have any major complaints about splunk.\nEnterprise, G2.com, \nVerified User , nan, 4.5, I do not have any major complaints about splunk., I do not have any major complaints about splunk.\nEnterprise, G2.com, \nVerified User , nan, 2.5, Makes it easy to identify trends within your environment. 
Once everything is aggregated it makes it easy for example, to see the knock on events of a network outage throughout the environment., Web user interface is a bit clunky. Its very polished interface, but in many cases it's style over substance. When I'm debugging an issue I want to be able to drill down into the problem fast, and the shiny interface can be sluggish and slow you down.h\nEnterprise, G2.com, \nDeborah D., Software Engineer 1, 5.0, I like splunk because it provides a searchable and well indexed storage of application logs, which is what we primarily use to debug production issues. Apart from this, there are several features I love: creating real time alerts in the case of erroneous behaviour, creating dashboards to monitor the release of a new feature, extracting csvs from a set of relevant log events. All this and more is much of what keeps our business running, I think that the error messages on unsuccessful jobs are too detailed for a user. If a job times out, it gives you a message which is a little difficult to understand\nEnterprise, G2.com, \nNoam B., Co-Founder, Server Architect, 3.0, I like the ability to create charts & alerts. Searching logs works nicely and you can find what you are looking for, assuming that you wrote your logs in a key-value manner which splunk can index efficiently., I dislike the query language. I never found it intuitive. I felt it is reinventing the wheel, in a bad way. Also it is far from realtime when there is a lot of data. 
We have got to as much as 30 minutes delay in seeing the service is having a major problem.\nEnterprise, G2.com, \nVerified User , nan, 2.5, The well designed Dashboards as well as the slick Web UI., It's more geared towards Sysadmins needs rather than being a more generic tool, for example, able to compete in the Web Analytics space.\nEnterprise, G2.com, \nMaurizio M., IT Manager, Database Department\n, 3.5, It's fast, and that it's impressive the first time you use it on your application (or other) log files. It's cool because with just few click You can search trough your \"big data\" log files, but you can also create some reports or dashboards to see what you have to analyse. Pattern and statistics are also cool and useful. You can also zoom on a selected area to go in deep and to do a better analysis on data., We've had some problems the first time to make it work, but when You understand his \"philosophy\" everything is smooth and works. It has a cost - of course - but the product - i think - deserves.\nEnterprise, G2.com, \nVerified User , nan, 4.0, Ease of use. Help documentation . Online resources., Has a bit of a learning curve. Limited number of experts available in the market.\nEnterprise, G2.com, \nVerified User , nan, 3.5, It is useful to have a tool available that is for searching through logs. This makes finding errors in different environments including production or qa environments more streamlined and easier to track., The UI of splunk is not great. 
The indication that a", "doc_id": "2040909c-b801-4465-a844-89283f6f469f", "embedding": null, "doc_hash": "7395ee02e1b6ac97ee419bb3bd334738f7f6b56968bb3d8990853695278629a1", "extra_info": null, "node_info": {"start": 221074, "end": 225028, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "4471364f-327d-492d-b746-8f962831fd94", "3": "4e6ed601-46ca-40c7-845d-fff5d9f17da9"}}, "__type__": "1"}, "4e6ed601-46ca-40c7-845d-fff5d9f17da9": {"__data__": {"text": "and easier to track., The UI of splunk is not great. The indication that a search is searching is not super obvious. It took me a while to notice the very thin blur status bar. And learning to search with splunk takes reading the tutorials and playing around because it is not very intuitive.\nEnterprise, G2.com, \nBharadwaj (Brad) C., Director Of Engineering/Head of Reliability Engineering, 3.5, migrated to splunk within the last year from an internal inbuilt tool (don't know who made the decision to switch because i personally loved the internal one). It is definitely simple to use and a great way to look for logs for any production issues. The mobile support is a great way to keep up. Lets you customize the search strings that you specifically need and if you are developer, its a great way to pin-point to the exact trace., Quite Expensive; would prefer to have more customization especially with regard to date format. Need better dashboard facilities that can provide diverse reporting/analytics. Learning curve.\nEnterprise, G2.com, \nCliff R., Senior Software Engineer, 4.5, The integration tools made it very easy to consume log files and track performance as well as order throughput. 
It made some unwieldy data very manageable with reporting, tracking and internal algorithms to track order closure as well as system to system performance., Once you see it work, there is not much to dislike\nEnterprise, G2.com, \nChristian Nahuel P., Software Engineer, 5.0, Splunk is a great tool to monitor apps performance. It has really accurate information, simple and clear dashboards and it is pretty easy to use. Furthermore, it has a really good dashboard for errors with an spectacular stacktrace tool that allows you to symbolicate code., In Mint Splunk you can not customise the metrics. For example, if you are checking popular OS for an App you can only retrieve five results. The same happens with popular App versions or most used devices.\nEnterprise, G2.com, \nVerified User, nan, 3.5, It is quite fast, programmable with python easy to use. It takes only 40 50 min to draw really complicated graphs with it, IT is quite expensive comparing with elk stack and their business model is really weak. The second most important think is that they do not have data tables to represent information filter by fields etc.\nEnterprise, G2.com, \nHaibo Y., Senior Software Engineer, 4.0, Every time when we have production issues, the 1st thing is to open the splunk and check the error messages.\n\nThe other feature is also nice: keep tracking the production environment health status periodically. 
We did find some potential issues which our client did not report and fix them before our clients finding., The way of displaying the error log sometimes take time to scroll it when opening the item.\nEnterprise, G2.com, \nVerified User, nan, 3.5, search bar and query language\n\n* integrations / add ons\n\n* source code access to splunk enterprise\n\n* source code access to any splunk app, no real good support or process for app development and publishing\n\n* app development is kind of weird and difficult\n\n* really hard to debug configs and/or searches\n\n* splunk doesn't have a solid identity anymore\n\n* overly sales-heavy organisation; hard to find someone to actually help you\n\n* documentation is written in a vacuum mostly, especially in respect to how to run / size it\n\n* big learning curve for users slows adoption\n\n* crap 2FA / SAML / enterprise auth support\n\n* no publicly visible bug or feature request database\nEnterprise, G2.com, Verified User, nan, 2.0, The potential of Splunk is great. A large store of additional plugins., We had some major issues with Splunk cloud and their indexing specifically of objects stored in AWS S3. Support was slow and not very useful. 
At one point Splunk Cloud introduced a bug that broke all of our logs inputs and it took over a month for them to fix the issue.\n\nThough the potential for Splunk was great on Splunk cloud we couldn't use 90+% of the addon apps and we had constant issues.\nEnterprise, G2.com, \nVerified User, nan, 4.0, easy to", "doc_id": "4e6ed601-46ca-40c7-845d-fff5d9f17da9", "embedding": null, "doc_hash": "7e0ae48d4498646f07805376f4d99914de7f7a5b001609e6321a4913ea21eb12", "extra_info": null, "node_info": {"start": 225031, "end": 229117, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "2040909c-b801-4465-a844-89283f6f469f", "3": "83d4630e-f291-4ba1-b3d2-d3a21d27ab71"}}, "__type__": "1"}, "83d4630e-f291-4ba1-b3d2-d3a21d27ab71": {"__data__": {"text": "G2.com, \nVerified User, nan, 4.0, easy to configure, fast performance. One place to monitor all logs., No in-built statistical/predictive analytics tools\nEnterprise, G2.com, \nRohit V., Senior Software Engineer\n, 3.5, System setup is simple and there is good support for this product. Very easy to analyze data. and create dashboards. Queries execute instantaneously, and the result updates dynamically based on the incoming real time data.\n\nThere are many plugins available (free and paid), which can provide additional insights to data. I like using the Google Maps plugin and WebGL Globe visualization, and I recommend to use that in case the data contains the physical location (latitude and longitude)., It is expensive for commercial use. 
One needs to be conversant with Unix style commands for using Splunk.\nEnterprise, G2.com, \nArtem G., Staff Software Engineer, 5.0, The fact that it is possible to search on Splunk;\n\nYou don't have to access your actual servers to see logs;\n\nThere are enormous search and reporting capabilities;, It might require certain format to work properly with dates;\n\nDoes not support multiline log entries very well.", "doc_id": "83d4630e-f291-4ba1-b3d2-d3a21d27ab71", "embedding": null, "doc_hash": "67751af0107663ba5da25f31bb43ab3eea9794a85b74ae9a50276cf29f05e834", "extra_info": null, "node_info": {"start": 229136, "end": 230287, "_node_type": "1"}, "relationships": {"1": "755fceaa-f8be-4e0c-82f7-36d891f3a257", "2": "4e6ed601-46ca-40c7-845d-fff5d9f17da9"}}, "__type__": "1"}}, "docstore/ref_doc_info": {"755fceaa-f8be-4e0c-82f7-36d891f3a257": {"doc_ids": ["9edd272d-05a9-4bfb-afb5-924aa610c40d", "1b8e8357-b0b8-4c29-a0c1-2224ede28488", "e2cbe48e-ab64-4f6f-9c4d-834c8beb2df2", "81444380-7cb4-4706-8f08-02dc8ef9d443", "e87beadb-a87a-4450-b26e-6bc11fec887a", "f156331b-003f-4068-b430-81ea09cd3acb", "8aa627a8-d6cd-4c5d-bd90-eb2ebad5359e", "e0807126-e648-46de-b5c2-910e4e173d82", "8a4c4d19-0a4b-4938-81ef-11a4d2a82f3e", "5753c053-763a-41fc-881d-6bf57c1d7753", "5f2c5dca-49fb-4725-ae3e-4c1951067bdd", "10e4af3c-d44a-4aff-a0dc-63907a78a16d", "d9212f2b-877e-42b3-bc44-cf84c73b8311", "5a34023f-6c80-4bc8-a9da-f80343581e69", "7b2071b1-da20-49e8-a91e-a277a4a90d15", "02544d89-afa8-46c7-b46f-ef0dcefed681", "4e1099db-41c7-43c0-836f-0d8da4edc74e", "f1a0779e-905c-4c66-9f14-c1fd473f6115", "f8613859-5e96-4bcd-882f-aa600feab1ff", "ea47314c-19e1-4116-ac9a-9b436f91fd74", "652073e8-08c5-49cc-bbc4-ca70d326cd91", "5bd4e401-4e7b-4124-bba6-800f7b04c425", "5b9c6817-960a-4fbb-ada8-c91eaea375f9", "94bd416e-81de-4df9-9af5-eeec685ecf1c", "3b28057a-a366-494d-86cb-fb4ec55da5c2", "84838ed9-c928-4a9e-acd8-8641b036fa23", "bc7a6092-63e8-4c2a-8f18-563f5472822b", "922bc878-0201-49ea-b751-5b4fde16bb6d", 
"5f6282df-c993-4ad6-ab4e-cc53ae5c1557", "0294ad83-fd66-4219-9f09-778575cf809c", "abb2f36a-947c-41fa-85ef-2275497140fe", "905ad1ac-118c-467b-8a79-3df2be677e83", "bee4eada-eeec-40eb-bda2-271f40acfaba", "8ccaa11a-a6f6-4e1d-ac0a-8591143a2432", "37038a26-361a-4824-b412-45da3a50aa13", "63f92bda-3680-476a-89b7-240dad4835c4", "f565e74a-3b4b-425b-98ec-027ab439c3d9", "d3a7ae68-5174-4258-8292-0a9451e8b916", "07ac6a79-985c-411a-b6c6-5801e689afcf", "802e9005-13d7-4173-bc27-09ab95ea375a", "e9416f76-31dd-45d1-88e8-dbefa2b7a04a", "d8b2233a-0cbd-4e1e-8f13-144507e0ba90", "df2706de-7a67-4837-9162-5b9e36d1a8ed", "343f4d90-69d0-4aed-87d9-6c7896f18cdf", "55c04431-65ee-4d04-ad9d-e26261ad8eed", "9dfaab70-7d70-4e42-86f2-a3c2d961207c", "fb76762e-5f96-4e30-b458-26837b628208", "806ac9c6-f9f4-4b6a-ac29-457e0f5cf879", "da25c223-a805-482a-bb28-b3862f33b028", "ecb9caf5-ef92-4595-affa-0b60ab364b41", "22b17438-5a36-49c6-9fe5-1e599edb22be", "062c1b51-1d17-41d4-864d-786a1007ab0e", "885f2991-1d81-459e-97c2-c2654ff84e24", "8f63b22d-fc3f-4988-9c9e-fd21d1915eb4", "4471364f-327d-492d-b746-8f962831fd94", "2040909c-b801-4465-a844-89283f6f469f", "4e6ed601-46ca-40c7-845d-fff5d9f17da9", "83d4630e-f291-4ba1-b3d2-d3a21d27ab71"], "extra_info": {}}}} \ No newline at end of file