Splunk Enterprise Security Reviews

We primarily use the solution for security and operations monitoring.

Gives full visibility on operational and security posture in our organization. Integrations is straightforward and effective.

The log aggregation is great.

The solution offers good data analytics.

The dashboards are very helpful.

The initial setup is simple and straightforward. 

The solution is low-maintenance.

It's a stable product.

We have found that the solution scales well. 

The TERM licensing model is still not very useful. It's not helping us. They used to have a perpetual licensing model. Now Splunk is offering annual term/subscription only. That's costly and it's more expensive and it's putting some burden on us.

Technical support needs to be more responsive. 

We would like to see more AI. Through AI, artificial intelligence, not machine learning only. We want to see more AI-enabled kinds of functionalities just to reduce dependencies on manual interventions. We do that, however, automation and artificial intelligence-based kind of automation we would really like to see.

I've been using the solution for six years. I've used it for a while at this point. 

It's not high maintenance. There are software or upgrade releases every now and then, however, in general, the product is very stable. There are no bugs or glitches. It doesn't crash or freeze. 

We have 17 people that are using the solution currently. 

It's very easy to scale the product if you need to.

We use technical support every now and then. The response times are not very good. This is the thing that I would need to see improvement on and probably in that area only. They are that good when they started handling cases, however, they take too much time to respond to customer requests.

We did not use anything else on the production scale. Our first experience was with Splunk.

The solution is straightforward and simple to set up. It's not complex at all.

We handled the process internally. We did not need the assistance of any integrators or consultants. 

Filter the noise out.

Yes all the other competitors, Splunk by far is the best.

We're a partner and a customer. 

I'm using the latest version of the solution. 

I would highly recommend the solution. It's the best product out there. It's definitely easy to set up. The use cases are multiple. It's not restrictive in terms of the efficiency of the platform. Just make sure that you have enough resources or good counsel from people who can help with the use cases. If you do the sky would be the limit. It is a good solution.

I'd rate the solution at a ten out of ten.

Splunk is our central locale for cybersecurity and protection.

Once we onboarded all of the required needs, it created a lot of visibility for us.

It is quite extensible. It is a platform that we can build our use of each case instead of each case being limited or restricted to each capability. This is probably the best feature.

I would like to see future development in terms of ML (Machine Learning). 

It is a stable product.

It can be scaled quite easily in comparison to other products on the market.

The tech support response time could be a bit better. Sometimes I need to wait more than 24 hours for a response to my tickets.

I was not involved with the initial setup.

The price could be improved.

• IT Ops
• Security
• Compliance

Many IT groups and non-IT groups use the product to gain insights into their environments.

Splunk has significantly helped with aggregation and correlation of critical logs. Not having to grep on each individual server has made everyone more efficient.

Search and Dashboarding: Allows us to quickly search for an error and plot the results on a chart.

DMC should be a little more intuitive with better dashboarding. Seeing the cause of data flow can be tough to track down. 

I work with Splunk, as a contractor, so I use it in many different areas. Most often it is used to get performance insights on applications or servers. Recently, I have used it in more of an endpoint security mindset. 

My whole organization is built around Splunk. We provide Splunk PS to many different companies. If Splunk did not have such a good presence, we could not exist.

The best features would have to be the ability to ingest any data and display it in a way that anyone can understand.

It needs more thoroughly tested releases. Every new big version (6, 7, etc.) has had so many bugs that it makes me wary of customers upgrading right away.

We use Splunk for both monitoring and SIEM. Our security operations group uses Splunk to track user accounts which may have been compromised as well as follow those accounts through the organization.

Splunk has give us the capability to easily track problems and their status. Our security operations team has been able to use it to track where people login and what they do on those machines.

Personally, I like the capability of removing sensitive data before it goes into Splunk. I also like the ease with which dashboards can be created.

I like Splunk. The only thing which can be improved is that they are too subjective on whom their Splunk4Good initiative can be applied. They market it as you only need to be a nonprofit, but there is more to it.

We work with Splunk. We use it for our own services, and we also integrate and resell Splunk. It is used for cyber security. 

Different clients have different versions. They have Splunk Cloud and Splunk on-premises with different versions.

It is very easy to use and integrate. There are connectors for every technology.

The UI can be improved. Dashboards and reports can be better in terms of graphics.

We have been using this solution for a few years. In 2016, we became a Splunk partner.

It is very stable.

Its scalability is very good. We work with this platform for our own services. We use Splunk extensively, and we also offer it to our clients. We plan to increase its usage.

Our company has three offices. We have offices in Spain, Columbia, and Mexico. We have around 100 people, and about 50 people are working with Splunk. They all are focused on cyber security. They are security engineers or security specialists.

I don't know about their support. I don't work with it much. On an activity level, I'm not so close to the platform. I'm the country manager, so I am a bit far from the operation.

We tried to work with Exabeam for user behavior analytics, but we stopped it.

Its setup is very easy, but we have been working with Splunk for a lot of years. We have all the certifications in Splunk, and we are a specialist in Splunk. So, for us, it is very easy to set it up and integrate it, but it might not be easy for other companies.

Splunk is a very good platform for analytics and cybersecurity. We use it very extensively. It is very easy to use, and it is very stable and scalable.

I would rate it a nine out of 10.

We are a solution provider and Splunk is one of the products that we distribute.

The primary use case is for SIEM and we have approximately 35 customers.

The fact that Splunk is a platform and not just a SIEM solution is a key benefit.

Our customers like that they can use Splunk to optimize their security.

The Splunk licensing model should be more flexible.

The support that is included with the standard licensing fee is very bad.

We have been working with Splunk since 2017.

Stability-wise, it's perfect. We haven't had any problem with Splunk. It's good software.

One of the key benefits and differences with this software is that the customer can scale up as much as they need to. Our largest Splunk customer is using between three and four petabytes of data per day.

If you don't pay extra for technical support then it is very bad. If you pay extra for it, then the technical support is normal.

I am familiar with other products and Splunk can handle much more data than IBM QRadar or any other competing product.

Direct competitors are more flexible when it comes to licensing.

We have not had any problems installing Splunk.

For a standard case, it takes between one and two weeks to install correctly and deploy. This is for situations where the client has less than 50 gigabytes of data per day.

Problems during the implementation are typically due to something on the customer's side. For example, if the client does not have somebody that is responsible for the deployment, helping to speed up the various procedures, then this is a key problem for us.

It takes two people to deploy and maintain.

Splunk is not a cheap solution and the license is billed annually. The licensing model should be improved and the price should be lower, in general.

You can purchase additional technical support, which is much better than the support that is included.

I would rate this solution an eight out of ten.

There are many use cases for Splunk, we commonly use it for log management and analytics.

The most valuable feature of Splunk is the management and built-in workflows.

The analytics of Splunk could be improved.

I have been using Splunk for approximately four years.

Splunk is a highly stable solution.

I have found Splunk to be scalable.

We have 15 members of our organization that use this solution.

We used to support a few times and our experience was good. 

I would rate the support from Splunk a four out of five.

I have previously used RSA and I prefer Splunk.

The implementation of slunk is not straightforward. It is of a moderate difficulty level.

We used an integrator to do the implementation.

There is an annual license required to use this solution.

I have evaluated other solutions, such as IBM QRadar.

This solution has good technology.

I rate Splunk an eight out of ten.