Try our new research platform with insights from 80,000+ expert users
Splunk User Behavior Analytics Logo

Splunk User Behavior Analytics pros and cons

Vendor: Splunk
4.1 out of 5
Badge Leader
Leave a review

Pros & Cons summary

Splunk User Behavior Analytics excels in searching large data volumes and analyzing complex attack vectors. Notable features include data aggregation, threat identification, and recommended actions, along with advanced analytics, data correlation, and effective dashboards. Its integration with various vendors aids adaptability. Despite its higher price than competitors and setup complexity, improved correlation rules and simplified analytics are desirable. Occasional bugs and high data ingestion costs pose challenges for enterprises.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Splunk User Behavior Analytics excels in data aggregation, automatic threat identification, and recommending actions.
Splunk is highly scalable, allowing users to frequently expand their usage.
Its advanced analytics and data correlation detect patterns, anomalies, and security threats efficiently.
Features such as alerts and auto report generation add significant value.
The integration with other vendors and the ability to query large data sets highlight its versatility and utility.

CONS

There are occasional bugs, and the initial setup can be complex due to required customization.
Scaling Splunk User Behavior Analytics on-premise is challenging, and high costs make it less competitive against alternatives like ArcSight and LogRhythm.
The correlation engine needs more persistent and definable rules, as well as additional built-in searches and use cases informed by global customer experiences.
Advanced reporting is affected by latency and configuration challenges during lexical analysis, and storage model enhancements are necessary.
The machine learning algorithm, central to Splunk User Behavior Analytics, requires updates for improved functionality across features.
 

Splunk User Behavior Analytics Pros review quotes

Enterprise677 - PeerSpot reviewer
Enterprise677
BS Systems Engineer at a tech services company with 501-1,000 employees
Dec 2, 2018
It is a solution that helps test and measure customer satisfaction.
Read full review
ITConsul6a61 - PeerSpot reviewer
ITConsul6a61
IT Consultant at Red Hat
Mar 11, 2019
The most valuable features are its data aggregation and the ability to automatically identify a number of threats, then suggest recommended actions upon them.
Read full review
Securityc88d - PeerSpot reviewer
Securityc88d
Security Operations Center Manager
Mar 11, 2019
Because of some of the visualizations that we utilize, we are able to understand strange, unusual traffic on our networks.
Read full review
Buyer's Guide
Splunk User Behavior Analytics
January 2026
Free Report: Splunk User Behavior Analytics Reviews and More
Learn what your peers think about Splunk User Behavior Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
DOWNLOAD NOW
881,082 professionals have used our research since 2012.
AE
Securityps67
Security PS Supervisor at a tech services company with 1,001-5,000 employees
Aug 13, 2019
It's straightforward in terms of configuration and troubleshooting and log management and monitoring as well. These are the edge points in addition to it being a modular solution where you can capitalize on your current licenses with extra licensing models, which can match the customer's business requirement and it can help the customer to design or to actually plan for their own roadmap.
Read full review
AK
Anton Kudin
CISO at a financial services firm with 201-500 employees
Aug 18, 2019
The solution is definitely scalable.
Read full review
NS
Genrlmgr67
Senior Security Engineer at a government with 1,001-5,000 employees
Aug 18, 2019
This intelligent user behavior analytics package is easy to configure and use while remaining feature filled.
Read full review
reviewer890208 - PeerSpot reviewer
reviewer890208
Information Security Specialist at a financial services firm with 201-500 employees
Aug 19, 2019
The most valuable features are the indexing and powerful search features.
Read full review
AT
Ali Tamimi
Managing Director at Hayyan Horizons
Aug 19, 2019
The solution is extremely scalable. Our customers are regularly scaling up after installing Splunk.
Read full review
reviewer1418904 - PeerSpot reviewer
reviewer1418904
Global Engineer at a financial services firm with 10,001+ employees
Sep 21, 2020
The product is at the forefront of auto-remediation networking. It's great.
Read full review
reviewer1276995 - PeerSpot reviewer
reviewer1276995
Sr. CyberSecurity Solutions Architect at a security firm with 11-50 employees
Jan 1, 2023
This is a good security product.
Read full review
Show 10 more reviews (out of 23)
 

Splunk User Behavior Analytics Cons review quotes

Enterprise677 - PeerSpot reviewer
Enterprise677
BS Systems Engineer at a tech services company with 501-1,000 employees
Dec 2, 2018
There are occasional bugs.
Read full review
ITConsul6a61 - PeerSpot reviewer
ITConsul6a61
IT Consultant at Red Hat
Mar 11, 2019
It could be easier to scale the solution if you are using it on-premise, not in the cloud.
Read full review
Securityc88d - PeerSpot reviewer
Securityc88d
Security Operations Center Manager
Mar 11, 2019
The initial setup was complex because some of the configurations that we required needed customization.
Read full review
Buyer's Guide
Splunk User Behavior Analytics
January 2026
Free Report: Splunk User Behavior Analytics Reviews and More
Learn what your peers think about Splunk User Behavior Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
DOWNLOAD NOW
881,082 professionals have used our research since 2012.
AE
Securityps67
Security PS Supervisor at a tech services company with 1,001-5,000 employees
Aug 13, 2019
The solution is much more expensive than relative competitors like ArcSight or LogRhythm. It makes it hard to sell to customers sometimes.
Read full review
AK
Anton Kudin
CISO at a financial services firm with 201-500 employees
Aug 18, 2019
In the future I would like to see simplified statistics and analytical threats.
Read full review
NS
Genrlmgr67
Senior Security Engineer at a government with 1,001-5,000 employees
Aug 18, 2019
The ability to do more complicated data investigation would be a welcome addition for pros, though the functionality now gives most people what they need.
Read full review
reviewer890208 - PeerSpot reviewer
reviewer890208
Information Security Specialist at a financial services firm with 201-500 employees
Aug 19, 2019
The correlation engine should have persistent and definable rules.
Read full review
AT
Ali Tamimi
Managing Director at Hayyan Horizons
Aug 19, 2019
They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases.
Read full review
reviewer1418904 - PeerSpot reviewer
reviewer1418904
Global Engineer at a financial services firm with 10,001+ employees
Sep 21, 2020
Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes.
Read full review
reviewer1276995 - PeerSpot reviewer
reviewer1276995
Sr. CyberSecurity Solutions Architect at a security firm with 11-50 employees
Jan 1, 2023
The price of Splunk UBA is too high.
Read full review
Show 10 more reviews (out of 23)

Product Categories

Product Categories
User Entity Behavior Analytics (UEBA)
Intrusion Detection and Prevention Software (IDPS)

Popular Comparisons

Popular Comparisons
Fortinet FortiGate vs Splunk User Behavior Analytics Logo
Fortinet FortiGate vs Splunk User Behavior Analytics
Darktrace vs Splunk User Behavior Analytics Logo
Darktrace vs Splunk User Behavior Analytics
IBM Security QRadar vs Splunk User Behavior Analytics Logo
IBM Security QRadar vs Splunk User Behavior Analytics
Varonis Platform vs Splunk User Behavior Analytics Logo
Varonis Platform vs Splunk User Behavior Analytics
Vectra AI vs Splunk User Behavior Analytics Logo
Vectra AI vs Splunk User Behavior Analytics
Rapid7 InsightIDR vs Splunk User Behavior Analytics Logo
Rapid7 InsightIDR vs Splunk User Behavior Analytics
Cynet vs Splunk User Behavior Analytics Logo
Cynet vs Splunk User Behavior Analytics
Exabeam vs Splunk User Behavior Analytics Logo
Exabeam vs Splunk User Behavior Analytics
KerioControl vs Splunk User Behavior Analytics Logo
KerioControl vs Splunk User Behavior Analytics
Trend Micro Deep Discovery vs Splunk User Behavior Analytics Logo
Trend Micro Deep Discovery vs Splunk User Behavior Analytics
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics Logo
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics Logo
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics
Lumu vs Splunk User Behavior Analytics Logo
Lumu vs Splunk User Behavior Analytics
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics Logo
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics
Dtex Systems vs Splunk User Behavior Analytics Logo
Dtex Systems vs Splunk User Behavior Analytics
See all alternatives

Product Categories

Product Categories
User Entity Behavior Analytics (UEBA)
Intrusion Detection and Prevention Software (IDPS)

Popular Comparisons

Popular Comparisons
Fortinet FortiGate vs Splunk User Behavior Analytics Logo
Fortinet FortiGate vs Splunk User Behavior Analytics
Darktrace vs Splunk User Behavior Analytics Logo
Darktrace vs Splunk User Behavior Analytics
IBM Security QRadar vs Splunk User Behavior Analytics Logo
IBM Security QRadar vs Splunk User Behavior Analytics
Varonis Platform vs Splunk User Behavior Analytics Logo
Varonis Platform vs Splunk User Behavior Analytics
Vectra AI vs Splunk User Behavior Analytics Logo
Vectra AI vs Splunk User Behavior Analytics
Rapid7 InsightIDR vs Splunk User Behavior Analytics Logo
Rapid7 InsightIDR vs Splunk User Behavior Analytics
Cynet vs Splunk User Behavior Analytics Logo
Cynet vs Splunk User Behavior Analytics
Exabeam vs Splunk User Behavior Analytics Logo
Exabeam vs Splunk User Behavior Analytics
KerioControl vs Splunk User Behavior Analytics Logo
KerioControl vs Splunk User Behavior Analytics
Trend Micro Deep Discovery vs Splunk User Behavior Analytics Logo
Trend Micro Deep Discovery vs Splunk User Behavior Analytics
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics Logo
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics Logo
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics
Lumu vs Splunk User Behavior Analytics Logo
Lumu vs Splunk User Behavior Analytics
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics Logo
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics
Dtex Systems vs Splunk User Behavior Analytics Logo
Dtex Systems vs Splunk User Behavior Analytics
See all alternatives
Related questions
  • 39
Which is the best UEBA solution?
  • 11
Viable, Cost-Effective Competitors to Rapid7 InsightIDK
  • 128
What is your recommended cost-effective solution to detect and prevent APT attacks?
  • 29
Looking for recommendations and a pros/cons template for software to detect insider threats
  • 42
What are the main differences between UEBA and SIEM solutions?
  • 11
Monitoring Web Hosted Servers for unwanted guests
  • 108
Why is User Entity Behavior Analytics - UEBA important for companies?
  • 14
When evaluating User Behavior Analytics, what aspect do you think is the most important to look for?
  • 15
Which is the best User Entity Behavior Analytics (UEBA) solution?
  • 11
What are the different types of insider threats that UEBA solutions help to detect?