Have been using BigPanda for some time; it is highly customizable and has helped in reducing noise
What do you like best?
Have been using BigPanda for some time; it is highly customizable and has helped in reducing alert noise to a great extent. The interface is easier, and environment creation is easy. Correlation has really helped administrators and team members to work only on actionable alerts. It is easy to identify flapping alerts, and the new change management integration helps in identifying alerts which are recurring over a small period of time.
What do you dislike?
Unfortunately, tag and environment misconfigurations are not easily distinguishable during implementation, and we get to know if they didn't work as intended after some time. Need early detection and best practices from BigPanda. Slack integrations do not have bidirectional communication, which makes it difficult to integrate with Slack. Some customizations are missing, like having an incident number on the alert and reporting based on the same.
Recommendations to others considering the product:
It is easier to configure, and it can solve complex alert management. However, you should always consult the vendor for best practices regarding implementation, as it can really help.
What problems are you solving with the product? What benefits have you realized?
Email-based integrations, which can generate several thousand alerts per month, ended up creating 1000 alerts, which got correlated further and ended up as a few 100 actionable incidents in BigPanda. Something which was impossible to monitor with a small team became easy to monitor. It is acting as a dashboard, with no need to log in to multiple tools; it saves a lot of time.