Conveniently (and expensively) provide a destination for log data streams and enable realtime ad-hoc querying against that data at scale, with time series features and a Unix shell pipeline-like query syntax. As the comments tell, though, you must tweak it to actually see performance. And, having seen its use in ecommerce with eg logged transaction details such as credit card numbers and other PII, the prospect of easily and loosely logging all the things is limited by data security and privacy concerns, with some practices a recipe for big-time breaches and lawsuits. Aand, per seat licensing is expensive, such that more often than not IME you have a Splunk guy/gal to whom you must address your data reporting needs, questioning any benefits that ad-hoc querying your logs may have.