Splunk Enterprise Security Reviews

I use this solution for data visualization.

The most valuable features of the solution are it is straightforward to use and the documentation is good for finding out how to get the data you are looking for.

The solution could improve by making it more business analysis oriented. The way it is now is designed more for developers.

I have been using Splunk for two weeks.

The solution is stable, I have not experienced any bugs or glitches.

The solution is scalable and it is a requirement of my company to have scalable solutions.

I have used previously Qlik Sense and Kibana.

I did the training with Slunk and once I had the training the installation was easy.

I have evaluated Tableau.

My advice to others is not to be intimidated by the solution and to give it a try. It will become easier over time.

I rate Splunk an eight out of ten.

They provide excellent predefined user cases.

This helps us in the footprinting of all the incidents.

When we deep dive into the events for the triggers, we have very little information in some instances.

I have used Splunk for two years.

We raised support cases.

Scalability is always a question for this product.

Response from technical support can be improved. There was always a delay and we had to chase them.

We didn’t have a previous solution.

I was not present during the initial setup.

Pricing and licensing are always high compared to other products in the market. Storage is very expensive as well.

It is a good product, but expensive.

I used it in the SOC environment to get logs, create dashboards, and filter out data.

The indexing and data collection are valuable. 

Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better.

Their sales support and tech support need improvement. Their support is really bad.

I used it for nearly one year in my previous organization. I last used it about seven months ago.

It is stable.

Its scalability is good.

Their sales support and tech support are really bad. They take really long to respond.

We were using AlienVault. We switched because we weren't really happy with it. So, we looked into different solutions, such as Splunk.

Its initial setup was okay.

We did it ourselves. We had around two people for deployment and maintenance, but we had around 15 users. They all were SOC people.

We had a yearly subscription.

I can recommend this solution to others. It is a great product. 

I would rate it an eight out of 10.

• Cybersecurity defense
• Web app monitoring
• VMware monitoring
  

• Troubleshooting
• Cyber defense
  

• Drill down
• Apps
• REST API
  
• Software development kits
• Architecture
• Replication capabilities
  

• Multi-tenancy support
• Improved user interface
• Non-proprietary search language
• Different licensing model

• Log monitoring and alerts
• Looking up information 
• Dashboards for nice, fast information about various application servers.

• It is easier to find problems and exceptions.
• It is used by any factor in the firm.
• Easy dashboards creation.
• The visibility is amazing.  

• Regex for fields creation is great.
• High availability
• Easy to use in any environment.

Make it easier to include roles and user controls, as it is horrible now.

Not even Splunk's support guy, who came to our firm, could help with defining proper role management.

It is a pretty high cost solution, but if your organization has the funds, it can bring many benefits.

• Can ingest data from various data sources.
• Is very useful for organizations who are attempting to meet compliance requirements.
• Is able to fully configure and integrate various solutions into one tool and provide actionable results.

My use of Splunk at my previous place of employment improved how we functioned.

I have used Splunk for three years.

We didn’t have any stability issues.

We didn’t have any scalability issues.

During our use of Splunk, we had professional services assisting and not actual technical support. However, the professional services team was great.

Our organization did not have an established SIEM tool.

The initial setup is straightforward, depending on the level of implementation of the tool.

Take into consideration the labor costs for a dedicated Splunk developer who can craft the required queries needed for each organization. Organizations usually have their own form of implementation of each tool.

We didn’t evaluate any alternatives.

My primary use case is for log management. It's mostly deployed on-premises, but it can be cloud-based as well. 

The most valuable features are how stable and easy to use Splunk is. 

This solution could be improved by better pricing in general and by easier installation. 

I have been a partner of Splunk for three years. 

This solution is stable. 

Technical support is customer-friendly. 

The initial installation is not straightforward. It needs two or three days, depending on the size of the company. But it can be done with one senior engineer. 

I implemented through an in-house team. 

Splunk has a subscription and a perpetual license. 

This product could use better pricing. 

I would rate Splunk a nine out of ten. I recommend this product to others who are considering implementing it.