No more typing reviews! Try our Samantha, our new voice AI agent.
Splunk Enterprise Security Logo

Splunk Enterprise Security pros and cons

Vendor: Splunk
4.2 out of 5
Badge Ranked 1
Leave a review

Pros & Cons summary

Splunk Enterprise Security reduces security operations center overhead with strong log management and risk-based alerting for better threat detection. It enhances resilience by centralizing security data and providing network visibility, aiding in threat analysis. Despite powerful capabilities, the solution has high licensing costs, making it ideal for larger enterprises. However, it faces challenges in search performance, complexity in setup, and lacking technical support, with customization of features posing difficulties for users.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Splunk Enterprise Security significantly reduces security operations center overhead while offering seamless integration with existing tools.
It provides powerful log management capabilities, enabling efficient handling and retention over extended periods.
The platform supports risk-based alerting, improving alert prioritization and filtering out noise for better threat detection.
Splunk Enterprise Security enhances business resilience by centralizing security data, facilitating faster incident detection and resolution.
Its search and data aggregation capabilities offer comprehensive visibility across network environments, aiding in swift threat analysis and response.

CONS

Licensing costs for Splunk Enterprise Security are significantly high, making it more suitable for large enterprises.
Search performance can be slow, especially when handling large volumes of data.
The initial setup and configuration processes are often complex and require expert assistance.
Technical support services are lacking and often slow to resolve issues.
Customization of features, such as writing queries and handling correlations, poses challenges for users.
 

Splunk Enterprise Security Pros review quotes

Sathis-Kumar - PeerSpot reviewer
Sathis-Kumar
Senior Manager at Bank of America
Nov 13, 2025
The integration and plugin availability are nice, and the AI module is also great.
Read full review
reviewer2136243 - PeerSpot reviewer
reviewer2136243
Risk Advisory Cyber Cloud Analyst at a consultancy with 1,001-5,000 employees
Nov 14, 2025
The query functionality is very easy to use and fast to retrieve logs in comparison to other SIEM solutions.
Read full review
Kyle Vernham - PeerSpot reviewer
Kyle Vernham
Threat Analyst at a manufacturing company with 10,001+ employees
Sep 9, 2025
When it comes to leveraging Splunk Enterprise Security's dashboards and visualizations to communicate security posture to executives, it's pretty straightforward for any type of information.
Read full review
Buyer's Guide
Splunk Enterprise Security
May 2026
Free Report: Splunk Enterprise Security Reviews and More
Learn what your peers think about Splunk Enterprise Security. Get advice and tips from experienced pros sharing their opinions. Updated: May 2026.
DOWNLOAD NOW
900,747 professionals have used our research since 2012.
Venu Yenuganti - PeerSpot reviewer
Venu Yenuganti
Manager, Cyber Threat Management at a retailer with 10,001+ employees
Nov 26, 2025
Splunk Enterprise Security definitely improved our operations.
Read full review
Himanshu Vasoya - PeerSpot reviewer
Himanshu Vasoya
Observability Engineer at Data Elicit Solutions Pvt. Ltd.
Apr 9, 2026
What I like the most about Splunk Enterprise Security is the flexibility and customization it offers, as you can create dashboards, write custom SPL queries, and design detections exactly as per your environment while leveraging strong correlation capabilities and visualizing everything in a single place, which makes analysis easier and far better than other solutions.
Read full review
Krishnakumar Mahadevan - PeerSpot reviewer
Krishnakumar Mahadevan
EA & CISO at a non-tech company with 10,001+ employees
May 29, 2026
Bundling the solution in a single umbrella is the strongest point.
Read full review
MatthewSnyder - PeerSpot reviewer
MatthewSnyder
Principal Engineer at Aviatrix
Sep 9, 2025
While it might be an initial upfront investment on data onboarding, it's going to be something that makes your life incredibly easy once you get beyond that point.
Read full review
Clay Matt - PeerSpot reviewer
Clay Matt
Dir Of Global Cyber Security Ops at a manufacturing company with 10,001+ employees
Sep 10, 2025
I would assess the stability and reliability of Splunk Enterprise Security as typically very good, with minimal downtime or crashes.
Read full review
Andry Casares - PeerSpot reviewer
Andry Casares
Security Engineer at a financial services firm with 5,001-10,000 employees
Sep 9, 2025
My security ops team takes around 30 minutes to one hour to remediate security incidents with Splunk Enterprise Security compared to a previous solution.
Read full review
Chetankumar Savalagimath - PeerSpot reviewer
Chetankumar Savalagimath
Delivery Manager at a tech services company with 1,001-5,000 employees
Feb 20, 2026
We are satisfied with Splunk Enterprise Security, and it comes with a wide number of out-of-the-box applications which do help us to fix the problems.
Read full review
Show 10 more reviews (out of 379)
 

Splunk Enterprise Security Cons review quotes

Sathis-Kumar - PeerSpot reviewer
Sathis-Kumar
Senior Manager at Bank of America
Nov 13, 2025
We see quite a few issues on stability. Even last week, we faced something, and identifying bottlenecks is not easy.
Read full review
reviewer2136243 - PeerSpot reviewer
reviewer2136243
Risk Advisory Cyber Cloud Analyst at a consultancy with 1,001-5,000 employees
Nov 14, 2025
The user interface is the main area for improvement.
Read full review
Kyle Vernham - PeerSpot reviewer
Kyle Vernham
Threat Analyst at a manufacturing company with 10,001+ employees
Sep 9, 2025
One main change I would suggest is related to the incident board: when an incident is resolved, it should not appear on the incident board. It's just a rare occurrence that we open up the incident.
Read full review
Buyer's Guide
Splunk Enterprise Security
May 2026
Free Report: Splunk Enterprise Security Reviews and More
Learn what your peers think about Splunk Enterprise Security. Get advice and tips from experienced pros sharing their opinions. Updated: May 2026.
DOWNLOAD NOW
900,747 professionals have used our research since 2012.
Venu Yenuganti - PeerSpot reviewer
Venu Yenuganti
Manager, Cyber Threat Management at a retailer with 10,001+ employees
Nov 26, 2025
Pricing is certainly an area that could use improvement. While some vendors may offer lower prices, the value we receive here truly sets this solution apart.
Read full review
Himanshu Vasoya - PeerSpot reviewer
Himanshu Vasoya
Observability Engineer at Data Elicit Solutions Pvt. Ltd.
Apr 9, 2026
Regarding pricing, Splunk Enterprise Security is on the higher side in terms of cost. It is more suitable for enterprises that can fully utilize its capabilities, and smaller organizations might find it expensive, especially when dealing with large volumes of data and licensing models.
Read full review
Krishnakumar Mahadevan - PeerSpot reviewer
Krishnakumar Mahadevan
EA & CISO at a non-tech company with 10,001+ employees
May 29, 2026
The setup and configuration process is very complex and tedious, and we often need to speak with support people.
Read full review
MatthewSnyder - PeerSpot reviewer
MatthewSnyder
Principal Engineer at Aviatrix
Sep 9, 2025
When deploying Enterprise Security, the biggest challenge or the most amount of work that you're going to spend time on is onboarding your data and getting it into a position that allows you to search it uniformly. So applying things like the common information model is the biggest time investment that you'll have in the deployment.
Read full review
Clay Matt - PeerSpot reviewer
Clay Matt
Dir Of Global Cyber Security Ops at a manufacturing company with 10,001+ employees
Sep 10, 2025
I find the process for customizing, developing, testing, deploying, and refining detections in Splunk Enterprise Security to be cumbersome.
Read full review
Andry Casares - PeerSpot reviewer
Andry Casares
Security Engineer at a financial services firm with 5,001-10,000 employees
Sep 9, 2025
We're planning to incorporate UBA and SOAR. It would be good to have everything in one place.
Read full review
Chetankumar Savalagimath - PeerSpot reviewer
Chetankumar Savalagimath
Delivery Manager at a tech services company with 1,001-5,000 employees
Feb 20, 2026
However, for smaller organizations, the deployment and management can be expensive, leading them to choose other SIEM tools.
Read full review
Show 10 more reviews (out of 379)

Product Categories

Product Categories
Security Information and Event Management (SIEM)
Log Management
IT Operations Analytics

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Splunk Enterprise Security Logo
CrowdStrike Falcon vs Splunk Enterprise Security
Datadog vs Splunk Enterprise Security Logo
Datadog vs Splunk Enterprise Security
Wazuh vs Splunk Enterprise Security Logo
Wazuh vs Splunk Enterprise Security
Dynatrace vs Splunk Enterprise Security Logo
Dynatrace vs Splunk Enterprise Security
IBM Security QRadar vs Splunk Enterprise Security Logo
IBM Security QRadar vs Splunk Enterprise Security
Splunk AppDynamics vs Splunk Enterprise Security Logo
Splunk AppDynamics vs Splunk Enterprise Security
New Relic vs Splunk Enterprise Security Logo
New Relic vs Splunk Enterprise Security
Microsoft Sentinel vs Splunk Enterprise Security Logo
Microsoft Sentinel vs Splunk Enterprise Security
Elastic Security vs Splunk Enterprise Security Logo
Elastic Security vs Splunk Enterprise Security
Cribl vs Splunk Enterprise Security Logo
Cribl vs Splunk Enterprise Security
IBM Turbonomic vs Splunk Enterprise Security Logo
IBM Turbonomic vs Splunk Enterprise Security
Palantir Foundry vs Splunk Enterprise Security Logo
Palantir Foundry vs Splunk Enterprise Security
WhatsUp Gold vs Splunk Enterprise Security Logo
WhatsUp Gold vs Splunk Enterprise Security
Elastic Observability vs Splunk Enterprise Security Logo
Elastic Observability vs Splunk Enterprise Security
LogRhythm SIEM vs Splunk Enterprise Security Logo
LogRhythm SIEM vs Splunk Enterprise Security
See all alternatives

Product Categories

Product Categories
Security Information and Event Management (SIEM)
Log Management
IT Operations Analytics

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Splunk Enterprise Security Logo
CrowdStrike Falcon vs Splunk Enterprise Security
Datadog vs Splunk Enterprise Security Logo
Datadog vs Splunk Enterprise Security
Wazuh vs Splunk Enterprise Security Logo
Wazuh vs Splunk Enterprise Security
Dynatrace vs Splunk Enterprise Security Logo
Dynatrace vs Splunk Enterprise Security
IBM Security QRadar vs Splunk Enterprise Security Logo
IBM Security QRadar vs Splunk Enterprise Security
Splunk AppDynamics vs Splunk Enterprise Security Logo
Splunk AppDynamics vs Splunk Enterprise Security
New Relic vs Splunk Enterprise Security Logo
New Relic vs Splunk Enterprise Security
Microsoft Sentinel vs Splunk Enterprise Security Logo
Microsoft Sentinel vs Splunk Enterprise Security
Elastic Security vs Splunk Enterprise Security Logo
Elastic Security vs Splunk Enterprise Security
Cribl vs Splunk Enterprise Security Logo
Cribl vs Splunk Enterprise Security
IBM Turbonomic vs Splunk Enterprise Security Logo
IBM Turbonomic vs Splunk Enterprise Security
Palantir Foundry vs Splunk Enterprise Security Logo
Palantir Foundry vs Splunk Enterprise Security
WhatsUp Gold vs Splunk Enterprise Security Logo
WhatsUp Gold vs Splunk Enterprise Security
Elastic Observability vs Splunk Enterprise Security Logo
Elastic Observability vs Splunk Enterprise Security
LogRhythm SIEM vs Splunk Enterprise Security Logo
LogRhythm SIEM vs Splunk Enterprise Security
See all alternatives
Related questions
  • 164
Which would you recommend to your boss, IBM QRadar or Splunk?
  • 62
What are some of the best features and use-cases of Splunk?
  • 181
What SOC product do you recommend?
  • 127
Splunk as an Enterprise Class monitoring solution -- thoughts?
  • 350
What is the biggest difference between Dynatrace and Splunk?
  • 154
IBM QRadar is rated above competitors (McAfee, Splunk, LogRhythm) in Gartner's 2020 Magic Quandrant. Agree/Disagree?
  • 71
What are the advantages of ELK over Splunk?
  • 148
How does Splunk compare with Azure Monitor?
  • 71
New risk scoring framework in the Splunk App for Enterprise Security -- thoughts?
  • 121
Splunk vs. Elastic Stack