Try our new research platform with insights from 80,000+ expert users
Splunk User Behavior Analytics Logo

Splunk User Behavior Analytics pros and cons

Vendor: Splunk
4.1 out of 5
Leave a review

Pros & Cons summary

Splunk User Behavior Analytics offers valuable features such as alerts, auto report generation, and advanced analytics for detecting patterns and security threats with anomaly detection and risk scoring capabilities. Indexing and powerful search facilitate efficient data management, while technical support is highly praised. However, high data ingestion costs and complex initial setups present challenges, as does the need for machine learning updates. Splunk is also significantly more expensive compared to competitors like ArcSight or LogRhythm.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Splunk User Behavior Analytics offers valuable features like alerts and auto report generation.
It provides advanced analytics and data correlation capabilities for detecting patterns, anomalies, and security threats.
The indexing and powerful search features allow efficient data management and analysis.
Anomaly detection, behavioral profiling, and risk scoring are among its best functionalities.
Technical support from Splunk is praised for being amazing.

CONS

High data ingestion costs may pose challenges for large enterprises as Splunk charges based on data processed.
Splunk User Behavior Analytics is significantly more expensive than competitors such as ArcSight or LogRhythm, making it difficult to market.
Initial setup can be complex due to required customization in configurations.
The machine learning algorithm at the core of Splunk User Behavior Analytics requires updates as it influences all other functions.
Advanced reporting features could be improved, with current issues like latency and configuration challenges during lexical analysis.
 

Splunk User Behavior Analytics Pros review quotes

Enterprise677 - PeerSpot reviewer
Enterprise677
BS Systems Engineer at a tech services company with 501-1,000 employees
Dec 2, 2018
It is a solution that helps test and measure customer satisfaction.
Read full review
ITConsul6a61 - PeerSpot reviewer
ITConsul6a61
IT Consultant at Red Hat
Mar 11, 2019
The most valuable features are its data aggregation and the ability to automatically identify a number of threats, then suggest recommended actions upon them.
Read full review
Securityc88d - PeerSpot reviewer
Securityc88d
Security Operations Center Manager
Mar 11, 2019
Because of some of the visualizations that we utilize, we are able to understand strange, unusual traffic on our networks.
Read full review
Buyer's Guide
Splunk User Behavior Analytics
February 2026
Free Report: Splunk User Behavior Analytics Reviews and More
Learn what your peers think about Splunk User Behavior Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: February 2026.
DOWNLOAD NOW
884,873 professionals have used our research since 2012.
AE
Securityps67
Security PS Supervisor at a tech services company with 1,001-5,000 employees
Aug 13, 2019
It's straightforward in terms of configuration and troubleshooting and log management and monitoring as well. These are the edge points in addition to it being a modular solution where you can capitalize on your current licenses with extra licensing models, which can match the customer's business requirement and it can help the customer to design or to actually plan for their own roadmap.
Read full review
AK
Anton Kudin
CISO at a financial services firm with 201-500 employees
Aug 18, 2019
The solution is definitely scalable.
Read full review
NS
Genrlmgr67
Senior Security Engineer at a government with 1,001-5,000 employees
Aug 18, 2019
This intelligent user behavior analytics package is easy to configure and use while remaining feature filled.
Read full review
reviewer890208 - PeerSpot reviewer
reviewer890208
Information Security Specialist at a financial services firm with 201-500 employees
Aug 19, 2019
The most valuable features are the indexing and powerful search features.
Read full review
AT
Ali Tamimi
Managing Director at Hayyan Horizons
Aug 19, 2019
The solution is extremely scalable. Our customers are regularly scaling up after installing Splunk.
Read full review
reviewer1418904 - PeerSpot reviewer
reviewer1418904
Global Engineer at a financial services firm with 10,001+ employees
Sep 21, 2020
The product is at the forefront of auto-remediation networking. It's great.
Read full review
reviewer1276995 - PeerSpot reviewer
reviewer1276995
Sr. CyberSecurity Solutions Architect at a security firm with 11-50 employees
Jan 1, 2023
This is a good security product.
Read full review
Show 10 more reviews (out of 23)
 

Splunk User Behavior Analytics Cons review quotes

Enterprise677 - PeerSpot reviewer
Enterprise677
BS Systems Engineer at a tech services company with 501-1,000 employees
Dec 2, 2018
There are occasional bugs.
Read full review
ITConsul6a61 - PeerSpot reviewer
ITConsul6a61
IT Consultant at Red Hat
Mar 11, 2019
It could be easier to scale the solution if you are using it on-premise, not in the cloud.
Read full review
Securityc88d - PeerSpot reviewer
Securityc88d
Security Operations Center Manager
Mar 11, 2019
The initial setup was complex because some of the configurations that we required needed customization.
Read full review
Buyer's Guide
Splunk User Behavior Analytics
February 2026
Free Report: Splunk User Behavior Analytics Reviews and More
Learn what your peers think about Splunk User Behavior Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: February 2026.
DOWNLOAD NOW
884,873 professionals have used our research since 2012.
AE
Securityps67
Security PS Supervisor at a tech services company with 1,001-5,000 employees
Aug 13, 2019
The solution is much more expensive than relative competitors like ArcSight or LogRhythm. It makes it hard to sell to customers sometimes.
Read full review
AK
Anton Kudin
CISO at a financial services firm with 201-500 employees
Aug 18, 2019
In the future I would like to see simplified statistics and analytical threats.
Read full review
NS
Genrlmgr67
Senior Security Engineer at a government with 1,001-5,000 employees
Aug 18, 2019
The ability to do more complicated data investigation would be a welcome addition for pros, though the functionality now gives most people what they need.
Read full review
reviewer890208 - PeerSpot reviewer
reviewer890208
Information Security Specialist at a financial services firm with 201-500 employees
Aug 19, 2019
The correlation engine should have persistent and definable rules.
Read full review
AT
Ali Tamimi
Managing Director at Hayyan Horizons
Aug 19, 2019
They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases.
Read full review
reviewer1418904 - PeerSpot reviewer
reviewer1418904
Global Engineer at a financial services firm with 10,001+ employees
Sep 21, 2020
Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes.
Read full review
reviewer1276995 - PeerSpot reviewer
reviewer1276995
Sr. CyberSecurity Solutions Architect at a security firm with 11-50 employees
Jan 1, 2023
The price of Splunk UBA is too high.
Read full review
Show 10 more reviews (out of 23)

Product Categories

Product Categories
User Entity Behavior Analytics (UEBA)
Intrusion Detection and Prevention Software (IDPS)

Popular Comparisons

Popular Comparisons
Fortinet FortiGate vs Splunk User Behavior Analytics Logo
Fortinet FortiGate vs Splunk User Behavior Analytics
Darktrace vs Splunk User Behavior Analytics Logo
Darktrace vs Splunk User Behavior Analytics
IBM Security QRadar vs Splunk User Behavior Analytics Logo
IBM Security QRadar vs Splunk User Behavior Analytics
Varonis Platform vs Splunk User Behavior Analytics Logo
Varonis Platform vs Splunk User Behavior Analytics
Vectra AI vs Splunk User Behavior Analytics Logo
Vectra AI vs Splunk User Behavior Analytics
Rapid7 InsightIDR vs Splunk User Behavior Analytics Logo
Rapid7 InsightIDR vs Splunk User Behavior Analytics
Cynet vs Splunk User Behavior Analytics Logo
Cynet vs Splunk User Behavior Analytics
Exabeam vs Splunk User Behavior Analytics Logo
Exabeam vs Splunk User Behavior Analytics
KerioControl vs Splunk User Behavior Analytics Logo
KerioControl vs Splunk User Behavior Analytics
TrendAI Tipping Point vs Splunk User Behavior Analytics Logo
TrendAI Tipping Point vs Splunk User Behavior Analytics
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics Logo
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics
Dtex Systems vs Splunk User Behavior Analytics Logo
Dtex Systems vs Splunk User Behavior Analytics
Lumu vs Splunk User Behavior Analytics Logo
Lumu vs Splunk User Behavior Analytics
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics Logo
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics
Cisco Secure IPS (NGIPS) vs Splunk User Behavior Analytics Logo
Cisco Secure IPS (NGIPS) vs Splunk User Behavior Analytics
See all alternatives

Product Categories

Product Categories
User Entity Behavior Analytics (UEBA)
Intrusion Detection and Prevention Software (IDPS)

Popular Comparisons

Popular Comparisons
Fortinet FortiGate vs Splunk User Behavior Analytics Logo
Fortinet FortiGate vs Splunk User Behavior Analytics
Darktrace vs Splunk User Behavior Analytics Logo
Darktrace vs Splunk User Behavior Analytics
IBM Security QRadar vs Splunk User Behavior Analytics Logo
IBM Security QRadar vs Splunk User Behavior Analytics
Varonis Platform vs Splunk User Behavior Analytics Logo
Varonis Platform vs Splunk User Behavior Analytics
Vectra AI vs Splunk User Behavior Analytics Logo
Vectra AI vs Splunk User Behavior Analytics
Rapid7 InsightIDR vs Splunk User Behavior Analytics Logo
Rapid7 InsightIDR vs Splunk User Behavior Analytics
Cynet vs Splunk User Behavior Analytics Logo
Cynet vs Splunk User Behavior Analytics
Exabeam vs Splunk User Behavior Analytics Logo
Exabeam vs Splunk User Behavior Analytics
KerioControl vs Splunk User Behavior Analytics Logo
KerioControl vs Splunk User Behavior Analytics
TrendAI Tipping Point vs Splunk User Behavior Analytics Logo
TrendAI Tipping Point vs Splunk User Behavior Analytics
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics Logo
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics
Dtex Systems vs Splunk User Behavior Analytics Logo
Dtex Systems vs Splunk User Behavior Analytics
Lumu vs Splunk User Behavior Analytics Logo
Lumu vs Splunk User Behavior Analytics
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics Logo
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics
Cisco Secure IPS (NGIPS) vs Splunk User Behavior Analytics Logo
Cisco Secure IPS (NGIPS) vs Splunk User Behavior Analytics
See all alternatives
Related questions
  • 43
Which is the best UEBA solution?
  • 18
Viable, Cost-Effective Competitors to Rapid7 InsightIDK
  • 147
What is your recommended cost-effective solution to detect and prevent APT attacks?
  • 40
Looking for recommendations and a pros/cons template for software to detect insider threats
  • 42
What are the main differences between UEBA and SIEM solutions?
  • 14
Monitoring Web Hosted Servers for unwanted guests
  • 114
Why is User Entity Behavior Analytics - UEBA important for companies?
  • 26
When evaluating User Behavior Analytics, what aspect do you think is the most important to look for?
  • 17
Which is the best User Entity Behavior Analytics (UEBA) solution?
  • 17
What are the different types of insider threats that UEBA solutions help to detect?