Splunk Enterprise Security Pricing Overview

What I like best about Splunk Enterprise Security is its powerful threat detection and investigation capabilities. It provides a centralized view of security events from multiple sources, making it easier to monitor and analyze security incidents. The correlation searches, customizable dashboards, and threat intelligence integrations help reduce investigation time and improve overall security visibility. I also appreciate its scalability and flexibility, which allow it to adapt to different organizational requirements and large volumes of security data. Review collected by and hosted on G2.com.

One aspect I dislike about Splunk Enterprise Security is that it can have a steep learning curve, especially for new users who are not familiar with Splunk's search language and advanced configurations. The platform is highly capable, but setting up and tuning correlation rules can take time and expertise. Additionally, managing large data volumes can become expensive, and some dashboards or searches may require optimization to maintain performance in larger environments. However, once properly configured, the platform delivers strong security monitoring and investigation capabilities. Review collected by and hosted on G2.com.

What I liked most is the visibility it gives once everything is set up. It becomes a solid central place for monitoring and investigations, and correlating logs across systems actually helps catch things faster.

The built-in detection rules and dashboards are a good starting point, and integrations are flexible enough to bring in data from pretty much anywhere. Performance is reliable too, as long as your queries are optimized.

It does take some effort to tune alerts and get real value, but once that’s done, it makes day-to-day security workflows a lot more structured and efficient. Review collected by and hosted on G2.com.

The biggest issue is the complexity. Setup and onboarding take time, and you really need someone experienced to get it running properly. It is not beginner friendly at all.

Pricing can also get expensive fast since it is based on data ingestion, so you have to constantly manage what logs you are sending in.

The UI feels a bit clunky in places, and navigating during investigations is not always smooth. On top of that, alerts need a lot of tuning. Without it, you end up with too much noise, which affects response time.

Overall, its Ai is powerful, but it takes effort, expertise, and budget to actually make it work well. Review collected by and hosted on G2.com.