Agreed, anyone who has touched PCI DSS would agree you need to associate access with a human user. This would not work. If you look at the security logs it won't differentiate between which keys were used for that generic account.
As a guy who used to resell Splunk, it offers a lot more in comparison to it's open source alternatives. Being data agnostic with decent log compression, with an extremely rich searching syntax, some very good (HTML 5) reporting dashboards, decent reporting and a verbose API make it very attractive for users (companies) who have compliance requirements or require some form of performance monitoring. (I know it's a mega sentence)
I have since left working with Splunk directly but I would still advocate its use because it's one of the better commercial (albeit expensive) log management/SIEM products around.