
Pros & Cons summary


Prominent pros & cons

PROS

Splunk Enterprise Security excels in visibility and threat detection, allowing organizations to monitor and analyze security data efficiently.
Risk-based alerting and correlation capabilities enhance organizational resilience, filtering noise and prioritizing significant alerts.
Seamless integration with existing security tools provides a comprehensive platform for data ingestion, analysis, and reporting.
The flexibility of its search capabilities and ability to manage diverse data sources is a significant asset for cybersecurity professionals.
Splunk Enterprise Security's scalability and support for a wide range of use cases contribute to improved operational efficiency and threat response capabilities.

CONS

Splunk Enterprise Security is expensive, with many users and potential customers expressing concern over its pricing model.
Technical support from Splunk Enterprise Security has been described as inadequate with slow response times and unresolved issues.
Users find the learning curve for Splunk Enterprise Security to be steep, making it challenging for new users to fully utilize its features.
Integration with third-party services has been highlighted as an area needing improvement within Splunk Enterprise Security.
The incident management features in Splunk Enterprise Security could be more intuitive and streamlined for better case management.
 

Splunk Enterprise Security Pros review quotes

VS
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 3, 2015
Great log management capabilities with flexible and comprehensive search capabilities, scalable and easy to use.
it_user174663 - PeerSpot reviewer
Systems/Applications Specialist with 201-500 employees
Feb 19, 2015
I'm not sure about the money but in saved time and a new kind of visibility for the system/business process this product has been revolutionary in the working environment.
it_user313119 - PeerSpot reviewer
Integration Architect at a manufacturing company with 1,001-5,000 employees
Sep 21, 2015
What Splunk calls operational intelligence: fast availability of operational data spread across several servers to prevent or react faster to outages or performance decreases.
Learn what your peers think about Splunk Enterprise Security. Get advice and tips from experienced pros sharing their opinions. Updated: February 2026.
884,873 professionals have used our research since 2012.
it_user664632 - PeerSpot reviewer
Senior IT Security Operations at a pharma/biotech company with 10,001+ employees
May 14, 2017
The speed of the search engine
it_user664635 - PeerSpot reviewer
Performance Consultant at a tech services company with 10,001+ employees
May 14, 2017
The data representation options in the dashboards are excellent.
it_user250131 - PeerSpot reviewer
Information Architect at a financial services firm with 5,001-10,000 employees
May 17, 2017
Splunk provides immediate visibility into key business metrics and new business insights that deliver immediate value.
it_user635271 - PeerSpot reviewer
Foundation Technology Specialist at an insurance company with 1,001-5,000 employees
May 26, 2017
The ability to rapidly diagnose problems in production and non-production, across hundreds of log files, is the most valuable feature.
it_user575310 - PeerSpot reviewer
Engineer, Infrastructure Applications at a healthcare company with 1,001-5,000 employees
Jun 1, 2017
The breadth of the data sources that Splunk can ingest data from is broad and deep and it does an exemplary job at handling structured data.
it_user399819 - PeerSpot reviewer
Security Architect at an energy/utilities company with 1,001-5,000 employees
Jun 4, 2017
Ease of correlation: creating correlation searches is easy, and you can combine multiple sources with little effort.
it_user525171 - PeerSpot reviewer
Specialist Master, Cyber Risk at a tech vendor with 10,001+ employees
Jun 15, 2017
Splunk gives my clients the ability to bring multiple, disparate types of data together, then correlate and report on them.
 

Splunk Enterprise Security Cons review quotes

VS
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 3, 2015
Operational workflow, use case framework, and ticketing systems need improvement to make it suitable for SOC environments.
it_user174663 - PeerSpot reviewer
Systems/Applications Specialist with 201-500 employees
Feb 19, 2015
It can be easier to set up and to add new sources, which Splunk are improving with every new version.
it_user313119 - PeerSpot reviewer
Integration Architect at a manufacturing company with 1,001-5,000 employees
Sep 21, 2015
I've ever used it, just studied it.
it_user664632 - PeerSpot reviewer
Senior IT Security Operations at a pharma/biotech company with 10,001+ employees
May 14, 2017
The administration of the cluster and app deployment to indexers or search heads can be done only using SSH access and the command line; there are no GUI tools for that.
it_user664635 - PeerSpot reviewer
Performance Consultant at a tech services company with 10,001+ employees
May 14, 2017
The user access control could be much more granular, so that the admins can control r/w/x access for specific features of the product like dashboards, etc.
it_user250131 - PeerSpot reviewer
Information Architect at a financial services firm with 5,001-10,000 employees
May 17, 2017
We usually have to follow up with technical support on our open cases.
it_user635271 - PeerSpot reviewer
Foundation Technology Specialist at an insurance company with 1,001-5,000 employees
May 26, 2017
It is a challenge to manage the environment in such a way that one’s log, even with the bandwidth license, isn’t exceeded.
it_user575310 - PeerSpot reviewer
Engineer, Infrastructure Applications at a healthcare company with 1,001-5,000 employees
Jun 1, 2017
It requires a significant amount of relatively complex architecture once you push past the single server instance.
it_user399819 - PeerSpot reviewer
Security Architect at an energy/utilities company with 1,001-5,000 employees
Jun 4, 2017
The GUI can be improved to include some of the capabilities that other BI solutions have.
it_user525171 - PeerSpot reviewer
Specialist Master, Cyber Risk at a tech vendor with 10,001+ employees
Jun 15, 2017
The GUI can be improved. Splunk has always suffered from having a kind of goofy UI; it needs some updating.