Looking for insight - Any Splunk Engineers / Analysts on here?
Posted on 12/6/21 at 7:00 pm
Hey guys - As the title states, I'm curious if there are any Splunk Engineers / Analysts on here and what your take is in regards to working in the Splunk ecosystem.
I'm currently a Salesforce Administrator for my company and have been for the last 2 years and some change. My company recently created a new Data Observability team and the manager for said team has recently reached out to me inquiring about my interest in one of the future positions they're looking to fill. Admittedly I have very little knowledge regarding Splunk outside of the fact that it's a Data aggregator (among other things) for systems and hardware that allows companies to stay ahead of potential maintenance & security issues as well as use advanced analytics to make business decisions using big data.
Initially I told the manager that I likely wasn't interested in the position as I'm happy with my current role on our Salesforce team (although not necessarily happy with the team I'm a part of)... That was until he showed me the pay scale for Splunk Engineers and who would be on the team that he's assembling. I'm already building out reports, dashboards, alerts, automated processes and flows within Salesforce and feel like this would translate well into the duties on the new team as I know those are big pieces of the role.
I'm not overly happy with the management and team dynamics on the team that I'm on right now and have been giving more thought to the idea of the Splunk role.
I'd appreciate any insight and details on your personal experiences with the system if anyone has any to share and whether or not you think this is a transition worth making. FWIW - I'm enrolled in a 40 hour block of training for Splunk and will be diving deeper into the ins and outs of the role and system over the next few months.
Thanks in advance
This post was edited on 12/6/21 at 7:43 pm
Posted on 12/8/21 at 5:05 pm to TRUERockyTop
I work with Splunk (cloud) almost every day from a SIEM/log aggregation perspective. Probably 60% of our clients are subscribers, the rest use some other software package (e.g., Graylog, NetWitness) in an on-prem or cloud environment.
My opinion: Splunk is the best… but also the most expensive. If the client can afford it, I recommend Splunk since it is relatively easy to ship logs to, and has a ton of features. We also design dashboard overlays for Splunk that can be used to break the logs into manageable views - and have several teams devoted strictly to this offering.
If I were to replicate something similar on-prem (or in the cloud), I would need multiple applications (e.g., Syslog-NG for redundant collection, Cribl for de-dupe, and then a massive Graylog deployment for storage, analysis and review).
I said all of that to say, I don’t see Splunk going anywhere, anytime soon. The feature set alone is hard to match.
We are helping clients stand up new Splunk instances regularly, and have a list of clients ready to make the jump from legacy on-prem applications. It’s usually a big job to switch SIEMs in a production environment, so once a company makes the investment, we don’t normally hear of a company willing to entertain a shift.
This post was edited on 12/8/21 at 5:06 pm
Posted on 12/10/21 at 3:53 pm to hollowpoint
Thank you for your feedback. Our company purchased it a few months back and seems to really be trying to squeeze everything out of it. Initially it was bought strictly for security purposes, but after realizing how powerful the platform is - we are going full steam ahead on the data visualization side of the house as well. I'm starting training next week and looking forward to what comes out of it. We'll see what the future holds.
