Splunk Cloud Overview

Splunk Cloud is the #13 ranked solution in our list of Log Management Software. It is most often compared to Wazuh.

What is Splunk Cloud?

Splunk Cloud is the industry’s only enterprise-ready cloud service for machine data, offering a 100% uptime SLA and standard plans from 5GB/day to 5TB/day. Watch this video to find out how you can accelerate time-to-value and stay focused on your core business using Splunk Cloud.

Splunk Cloud Buyer's Guide

Download the Splunk Cloud Buyer's Guide including reviews and more. Updated: September 2021

Splunk Cloud Customers
Mindtouch

Pricing Advice

What users are saying about Splunk Cloud pricing:
  • "The pricing model makes this an expensive solution."
  • "The licensing is based on the amount of data that we send to the cloud on a daily basis."
  • "The price is something that people complain about."
  • "The licensing costs depend on the state of your environment and the fees are paid on a monthly basis."

Splunk Cloud Reviews

SO
Sr BigData Infrastructure Architect at a hospitality company with 10,001+ employees
Real User
Top 5
Add oversight to your business with complete log reporting although it may strain your budget

Pros and Cons

  • "This is a complete log reporting tool."
  • "The log search capabilities are very good."
  • "The pricing model makes the product costly."
  • "The dashboards should be easier to customize."

What is our primary use case?

Splunk is an event log manager. We have reservation and event logging dashboards integrated from the data dock to Splunk and we have all the specific dashboards that we work with in Splunk for log management.  

How has it helped my organization?

We became pretty complete with our reporting using Splunk for all the log and event capabilities. I would rate this product as somewhere around seven or eight-out-of-ten for the logging capabilities and how that has added to the oversight of our business.  

What is most valuable?

The log event capabilities and the flexibility in the search engine for finding what we need in the logs are some of the more valuable features in this product.  

What needs improvement?

The pricing models should be improved and optimized. Right now, the pricing is a bit too expensive.  

One other thing you need is more ability to customize the dashboard to the way you want to have it. If you had a template that you could create and label inside of Splunk that would be good.  

One good thing that could be added to the AWS side of the solution is that you should have an OPS (Operation Alert) alert built into the dashboard that comes with Splunk. That would be very useful. For example, if you have a pre-defined template creator to fill in the information to forms that are loaded. That would be really beneficial.  

For how long have I used the solution?

I have been using Splunk Cloud for more than four years now, in total.  

What do I think about the stability of the solution?

We have not experienced or even heard much about bugs or other problems people are having with Splunk. It seems pretty stable.  

What do I think about the scalability of the solution?

Scalability is good, but the cost factor in scaling is really high. That is the reason why we are interested in working with products and solutions that will help us optimize our costs and may be looking into other solutions.  

We probably have something around a hundred users who work with Splunk. Mainly they are architects, enterprise architects, and data-link architects. We also have business analyst systems. We have not had a problem in changing or growing these roles.  

How are customer service and technical support?

I have not had direct experience with the Splunk technical support because I leave it to the other teams in our organization because I am not really in a position to use Splunk support.  

Which solution did I use previously and why did I switch?

I have only been working with Splunk for these past three years. I am not too much of an expert. I left my role as an officer in an organization in 2014, so from 2014 to 2017 I was not in touch with the advancements of products in the industry. But I was using other solutions prior to Splunk.  

How was the initial setup?

The setup and installation of the product are straightforward.  

What's my experience with pricing, setup cost, and licensing?

The pricing model makes this an expensive solution.  

What other advice do I have?

Advice-wise, I do not really have much to say to potential users considering the solution as something to apply as an end-user. My job role is data organization so it might not be appropriate for me to give these opinions. This seems to me to have more to do with system functionality. But from my side, I am good with the product.  

Interface-wise, I think the product is good.  

Security-wise, it is all approved from the CSO's (Chief Security Officer) perspective.  

Enhancement-wise, we have to put in a lot of effort. The end-users who are working with the solution should know SQL. If they lack training in SQL, there will not really be a use case for them.  

Whatever the use cases we had for Splunk, we were able to make it work.  

Cost optimization is the only thing that needs to be reconsidered.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this product overall around seven, or somewhere between six to eight. Six to eight so make that around seven-out-of-ten.  

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
SuchismitaPriyadarsini
CHRO at a computer software company with 5,001-10,000 employees
MSP
Top 10
Can be easily scaled and integrated with other solutions, but underscores in comparison with QRadar

Pros and Cons

  • "The solution is stable and reliable."
  • "The solution should also have more advanced capabilities in comparison with QRadar, which offers Watson."

What is our primary use case?

As there is no SIEM solution here at present, we are building it up through the assistance of a vendor. In the past I worked in the Splunk Cloud, which was seven-point something. With QRadar I worked on version 7.3. 

We use Splunk Cloud as a SIEM solution and to monitor traffic and the network for detection purposes. We can create use cases so that if the solution picks up on anything entering our organization, the malicious IP can be blocked. 

In respect of ones which are suspicious, based on the logs we pull from the data source, we can build the use cases accordingly and have our analysts work on these. 

What needs improvement?

In the several years I have worked with the solution, I have felt there to be a need for practice of queries and understanding. As with other areas needing practice, the more one learns and practices, the easier things become. 

While this is not terribly difficult, it is so when compared with QRadar. This holds true when we don't know the queries at all. Other than this, it is a great tool. 

The solution should also have more advanced capabilities in comparison with QRadar, which offers Watson. The product should have add-ons. 

What do I think about the stability of the solution?

The solution is stable and reliable. 

What do I think about the scalability of the solution?

The solution is easy to scale, to add on and to integrate with other solutions. I am familiar with app integrations. Many solutions can be integrated with Splunk Cloud, such as CrowdStrike or Symantec. 

How are customer service and technical support?

The solution's response time is not that fast. The experience of some of my peers is that the vendors have actively offered help. By contrast, when I tried Splunk Cloud's technical support I did not receive a response. 

How was the initial setup?

We have not yet undertaken deployment. For the moment, we are on the EPS and discussing the proposed structure with the vendors. Our team is conducting talks with the vendors of QRadar. 

We are exploring multiple avenues in search of a one-SIEM solution. 

What's my experience with pricing, setup cost, and licensing?

I am not in a position to comment on the pricing. 

Which other solutions did I evaluate?

By comparison, I feel QRadar to be better than Splunk Cloud, since it comes with Watson. 

Another advantage is that QRadar works like a threat intelligence tool. It, also, does not require queries, which Splunk Cloud does. It is important that we have an understanding of the queries for the purpose of pulling the logs which we seek. I feel QRadar to be better than Splunk Cloud, as it does not require us to work on the queries. 

I have worked on Splunk Cloud in the past, as well as on QRadar. As there is no SIEM solution in my current organization, we have plans to build it up. This is an ongoing process. I have suggested QRadar to my team and others are considering Sentinel. 

What other advice do I have?

The solution is deployed on-cloud. 

I would recommend the solution to others since there are a couple of companies with many clients that are looking for Splunk Cloud, with which they are familiar. We must consider client demands when it comes to attracting projects. 

Even in India, most of the companies employ Splunk Cloud as the most prevalently used SIEM solution. Then comes QRadar, which is easier. So too, Splunk is less cost-effective than QRadar, although it is more in demand. There are a couple of companies with call centers that request Splunk Cloud. 

I rate Splunk Cloud as a seven out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
AK
Cloud Architect at Sainsbury's Supermarkets Ltd
Real User
Top 5
Good documentation, nice dashboards, and customizable reporting capability

Pros and Cons

  • "We haven't had any limitations or problems connecting to our network devices."
  • "The training models can only be accessed for 30 days, even if it is paid training."

What is our primary use case?

This solution is very useful for our Infosec team that manages our enterprise-level security. It collects logs from all of our on-premises devices and servers for search and analysis. All of the logs are collected on-premises and then sent to Splunk Cloud for analysis. 

What is most valuable?

The reporting and dashboards are very good.

In terms of reporting, everything is customizable. You can write a query to have the reports and dashboards created for you, and it will be based on that data.

The documentation is pretty good.

Integration with products and devices works well. We haven't had any limitations or problems connecting to our network devices.

What needs improvement?

The training models can only be accessed for 30 days, even if it is paid training. This is a limitation that I feel should be lifted because if we are paying for it then we want to be able to continue to use it.

For how long have I used the solution?

I have been working with Splunk Cloud for a year and a half.

What do I think about the stability of the solution?

This solution is pretty stable. It is used on a daily basis and in the past year and a half, I haven't faced any issues.

What do I think about the scalability of the solution?

We have a team of 20 for our SOC operations who will be monitoring the results of Splunk Cloud.

How are customer service and technical support?

The support is pretty good. We are a premium customer so when we raise a ticket, they deal with it right away. Also, if it needs to be escalated then the account manager will get involved.

Which solution did I use previously and why did I switch?

We did not use another log management solution prior to this one.

How was the initial setup?

Splunk Cloud is pretty straightforward and easy to set up. It is a SaaS solution, so we don't have to do anything on our end.

What about the implementation team?

We are a team of six people who maintain our security solution.

What's my experience with pricing, setup cost, and licensing?

Compared to other products, Splunk Cloud is expensive.

The licensing is based on the amount of data that we send to the cloud on a daily basis. It is expensive, although it has more features than other SIEM tools.

What other advice do I have?

Overall, I find that Splunk is pretty good. It is a very mature product and I can see that compared to when I used it five years ago as an end-user, they have been improving in every way. The interface is something that has become more user-friendly over time. When there is something missing, it is handled by another product from the vendor. For example, if you need to add predictive analysis then you use Splunk Phantom.

There are many other SIEM tools on the market, such as IBM QRadar and ArcSight Logger. Splunk is comparatively more expensive but it has many features and good functionality. I definitely recommend it.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IL
Lead Developer, Solution Analyst at a university with 10,001+ employees
Real User
Top 5
A flexible and feature-rich product, but the documentation needs to be improved

Pros and Cons

  • "The most valuable feature for me is the flexibility of being able to send the log to the https endpoint."
  • "Although there is documentation available, it is really hard for me to find relevant topics on what it is that I'm searching for."

What is our primary use case?

We have a public URL that allows anyone to authenticate for ADFS. This allows them to connect using Active Directory. 

What is most valuable?

The most valuable feature for me is the flexibility of being able to send the log to the https endpoint. I know that it is possible to export the logs, although it is easier for me to communicate with the endpoints concerning what I am interested in.

This is a feature-rich product.

What needs improvement?

Although there is documentation available, it is really hard for me to find relevant topics on what it is that I'm searching for. For example, when something goes wrong, I can spend hours trying to figure out the problem and have nothing to refer to. I find that it confuses me somewhat, so it is something that can be improved.

I feel that technical support can be improved because it is always done through the use of a support ticket, which is not very convenient.

Setting up and configuring integrations are not easy to do. 

For how long have I used the solution?

We implemented this solution within the past year.

What do I think about the stability of the solution?

Splunk Cloud is quite stable. I do not remember having any issues with bugs or glitches.

What do I think about the scalability of the solution?

I would expect that the scalability is quite good, albeit expensive.

How are customer service and technical support?

Technical support is okay, although they are not as quick to respond as I believe they should be. I feel that some of the support processes are not very convenient.

How was the initial setup?

The initial setup is straightforward, although we still revisit it. We started several months ago and are still trying to set it up in a more structured way. Really, we are still in the deployment stage in some regards because we are struggling with exactly how it should be set up.

What about the implementation team?

We had some assistance from a consultant after the initial setup was completed. It worked well for simple uses, but now, we have some help in trying to configure it to meet our needs.

What's my experience with pricing, setup cost, and licensing?

The price is something that people complain about.

What other advice do I have?

My advice to anybody who is implementing Splunk Cloud is to dedicate the time and resources required to learn it and use it. Investigate the features.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
BR
Director - Corporate Infrastructure at a tech services company with 10,001+ employees
Consultant
Top 20
Meets our requirements from a cost and requirements perspective

Pros and Cons

  • "For my current requirements, the tool theme seems to be meeting my requirements, from a cost and requirements perspective."
  • "The only thing I would say is an issue is the cost. It matches other products. The costs can be justified for the value that we gain. The entire threat analysis stack should come in a bundle. If the cost was matchable with other products I think Splunk would pick up in the market."

What is our primary use case?

We use it for Log Management and also for another bit of management. It feeds data into Splunk and Splunk writes the rules and based on that, it will pick up incidents. 

It is good from a cost perspective, in terms of the cost of the data you're looking at. There is no cost barrier. 

What is most valuable?

For my current requirements, the tool theme seems to be meeting my requirements, from a cost and requirements perspective.

What needs improvement?

The only thing I would say is an issue is the cost. It matches other products. The costs can be justified for the value that we gain. The entire threat analysis stack should come in a bundle. If the cost was matchable with other products I think Splunk would pick up in the market. 

I did evaluate other products and installations. I can't compare it to Splunk. 

For how long have I used the solution?

I have been using Splunk Cloud for a year. 

What do I think about the scalability of the solution?

There are two people who are part of admin that use Splunk in my company. 

We have a policy where we have to keep the domain controllers on lock with sensitive servers for about 90 days. We look at the controls around once a week to check if they need to be attended to. 

How are customer service and technical support?

We initially contacted their support during the implementation. It was not for a very complex issue. It was more for a consultation. 

Their support is good. 

How was the initial setup?

I was new to Splunk and had a problem with understanding the forwarders and worker safety management.

My team was able to install it themselves. 

In terms of how long it took to deploy, between coding, testing, and other things, it took about four weeks to complete the project to complete the initial installation. Altogether it was four to five weeks. They should improve the customization. 

Which other solutions did I evaluate?

Splunk is a leader in its market. 

Splunk offers more features than its competitors. Other solutions are not on the same level to be able to compare them. 

What other advice do I have?

I would rate Splunk a nine out of ten. 

The queries and pulling out the exact reports is a little challenging. I get complaints about it. I would like to see more reports or default out-of-the-box reports. That would be more useful, and then people can avoid writing inquiries.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Juha Strandman
Owner at a reseller with 1-10 employees
Reseller
Top 5
Quick to set up and the technical support is invaluable

Pros and Cons

  • "The most valuable feature of Splunk Cloud is the quick setup."
  • "The only thing that is missing from Splunk Cloud is the command-line interface."

What is our primary use case?

We are a Splunk reseller and Splunk Cloud is one of the main products that we work with.

Our customers implement this product for log management, application management, application testing, and process management. They also have it for customer service use cases.

What is most valuable?

The most valuable feature of Splunk Cloud is the quick setup.

What needs improvement?

The only thing that is missing compared with Splunk Enterprise is the ability to manually edit all config files. This task is easily handled with support tickets but sometimes it would be nice to experiment directly.

For how long have I used the solution?

I have been selling Splunk products for ten years.

What do I think about the stability of the solution?

We have not heard any complaints about stability. 

What do I think about the scalability of the solution?

Scalability with Splunk is the best because it scales to anything. Their promise to users is scalability and availability. Our customers range in size from very small companies to large ones.

How are customer service and technical support?

Over the past ten years that we have been selling Splunk products, they have been in constant contact for support. I would say that it is invaluable. They have great response time and great skills, and I couldn't compare it with any other software company.

How was the initial setup?

Installing Splunk Cloud, itself, is nothing. The length of time for the total deployment depends on how many log sources that you have. It can be completed in a matter of hours.

What about the implementation team?

Being a cloud-based product, Splunk does all of the maintenance. We don't have to do anything to maintain it.

What's my experience with pricing, setup cost, and licensing?

The licensing costs depend on the data ingest volume. If you weigh the costs and the benefits, the benefits are great and it is money well spent. 

What other advice do I have?

I feel that Splunk Cloud is good as it is. It is the best tool on the market.

My advice to anybody who is considering this solution is to start now and don't wait. Every day that you wait, you can be wasting time and money.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
SO
Founder at a marketing services firm with 11-50 employees
Real User
Top 5
User friendly and very extensive compared to similar tools

What is our primary use case?

My primary use case was trying to build a centralized log database and making some logs on my servers. I also use it to install tools in Splunk Forwarder. I'm a company founder.

What is most valuable?

Splunk is a very user-friendly tool and it's very extensive compared to other tools.

What needs improvement?

From my perspective, customization needs to be simplified and I'd like to see a reduction in the cost of the solution.

For how long have I used the solution?


What do I think about the stability of the solution?

It's stable, but if you try to customize it, it will take some time because there's a specific language behind Splunk. Thankfully they have a good community which is a big help.

What do I think about the scalability of the solution?

The solution is scalable.

How was the initial setup?

The initial setup is very straightforward. 

What's my experience with pricing, setup cost, and licensing?


Licensing costs are paid annually and are quite expensive.

What other advice do I have?

I recommend this solution for any company that has the money to buy it and rate it eight out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.