Splunk Enterprise Security

4.0
(98)

Splunk Enterprise Security (ES) is SIEM software that provides insight into machine data generated from security technologies such as network, endpoint, access, malware, vulnerability and identity information, enabling security teams to quickly detect and respond to internal and external attacks and to simplify threat management while minimizing risk and safeguarding business.

Splunk Enterprise Security Reviews

Showing 98 Splunk reviews
Splunk review by Jainil D.
Validated Reviewer
Verified Current User

"A fabulous tool for log analysis!"

What do you like best?

Its capabilities to index huge amounts of data into events within seconds, the various apps and add-ons, and its visualizations. It facilitates real-time analysis and can index any type of data; also, the hardware requirements of Splunk are very low. Splunk does not require any database to store its indexed events. A lot of support and help is available in the community. It's really very easy to set up and can take data input from various sources like remote hosts, logs, scripts, files, network, etc. Moreover, there is a free version as well, which allows indexing 500 MB of data per day. Lastly, its user interface is very user friendly.

What do you dislike?

I really disliked the fact that we have to restart Splunk whenever configuration files are changed; though I understand the reason behind it, a restart still takes quite a lot of time. Also, the search processing language takes some time to learn; it has a lot of commands. The Splunk learning curve is big and it can take more than a month to learn Splunk thoroughly. Normalizing data is challenging in Splunk. And many add-ons are Common Information Model (CIM) compatible in Splunk.

Recommendations to others considering the product

Splunk provides great support, and there is a rich set of facilities it provides; it also generates amazing visualizations.

What business problems are you solving with the product? What benefits have you realized?

I am using Splunk to analyze network traffic through logs and for efficient management of resources on the basis of Splunk visualizations, alerts, reports, etc.

Splunk review by Executive Sponsor in Information Technology and Services
Validated Reviewer
Verified Current User

"A powerful log aggregation solution with immensely useful tools built-in for popular applications."

What do you like best?

- Configuration design: Thoughtful and mature documentation and design of the application regarding enterprise-class scaling on network storage.

- POWERFUL tools: The user interface lends itself to learning more about your organization from the logs you collect, through metrics of trends of the logs being gathered. There are also specific modules/add-ons for popular applications to provide more value and event-based monitoring, all without having to develop in-house dashboards and intelligence of those logs.

- Customization: You can create your own queries of logs, and event-based alerts.

What do you dislike?

Price: This product is not free for more than the minimal use. Pricing can be very expensive, relative to open source offerings. That is the trade-off you pay for not having in-house development of open source offerings. As this product is priced based on gigabytes of indexed logs, it is important to understand the scope of licensing necessary for your environment to determine if it is a good fit for your organization.

What business problems are you solving with the product? What benefits have you realized?

XRAY vision on your production instances. Every day we code our applications so that we will be Splunk friendly with our app log statements. For example, "featureX=value" allows you to query for every customer that engaged with featureX.

Splunk review by Andrew Y.
Validated Reviewer

"Powerful and overwhelming SIEM"

What do you like best?

Its abilities to list tremendous measure of information into occasions inside seconds, the different applications and extra, and its representations. It encourages continuous examination and can list any sort of information, likewise the equipment necessities of Splunk are less. Splunk does not require any database to store its recorded occasions. A great deal of help and help is accessible in the network. It's extremely exceptionally simple to set up and can take information contribution from different sources like remote hosts, logs, contents, records, organize and so forth. In addition there is a free form also which permits to list 500 MB of information for each day. In conclusion, its UI is very client friendly. The truth that we can total and relate any occasions that we need is an integral asset in distinguishing and ceasing malignant movement on or against our system.

What do you dislike?

I truly hated the way that we need to restart Splunk at whatever point arrangement documents are changed, however I comprehend the explanation for, regardless it, restart takes a considerable amount of time. Likewise look handling language sets aside some opportunity to learn, it has a great deal of directions. The Splunk expectation to absorb information is enormous and can take over a month to learn Splunk thoroughly. Normalizing information is trying in Splunk. What's more, numerous addons are Common Information display (CIM) good in Splunk.

Recommendations to others considering the product

Get Splunk Enterprise for nothing to experiment with your utilization case, as a rule your confirmation of idea could undoubtedly be utilized as last examination application that you need at your Enterprise. The documentation is exhaustive for each theme from establishment, organization, look, advancement, and so on. In this way, you can give it a try. But still, recall this is a generally new administration and they are chipping away at including highlights while keeping the security of the Cloud. In the event that you are a genuine Splunk administrator, maybe complete a Self-Service Cloud alternative so you can complete things quicker.

What business problems are you solving with the product? What benefits have you realized?

We are utilizing Splunk to log all our web and application logs. Utilizing this log we are having an extraordinary straightforwardness at the season of posthumous an issue to investigate the example and investigate as needs be. Our Splunk condition is utilized to help investigate issues, screen for security occurrences, and has even helped our police division situate in trouble individual's speedy enough to give mediation.

Splunk review by paul R.
Validated Reviewer

"An incredible device which fills some needs."

What do you like best?

It has exceptionally educational dashboard which enables us to see information about servers in our condition. It gives visuals to the client when we select graphical portrayal, enabling us to change signs into visual outlines for example pie outlines, diagrams, tables, and so on. It is anything but difficult to scale with extensive informational collections. It underpins different sorts of information with ongoing analyzing. Splunk is extremely simple to introduce and they give bundle to both Linux and Windows based operating framework. Establishment is simple, simply unfasten the bundle and set the way and you are prepared to utilize.

What do you dislike?

It tends to be CPU serious if not cautious. Early discharges were a great deal carriage, yet remediations were brisk and brief. The heap on our quests, a few inquiries take for eternity. In some cases we have incredible trouble with motivating different items to parse logs accurately into Splunk. Pretty costly.

Recommendations to others considering the product

Get Splunk Enterprise for nothing to experiment with your utilization case, much of the time your evidence of idea could undoubtedly be utilized as last investigation application that you need at your Enterprise. The documentation is careful for each theme from establishment, organization, look, improvement, and so forth. Along these lines, you can give it a try. It merits the exertion and speculation to ensure your frameworks and information impression. There are different instruments that are accessible in the market that won't break your bank, anyway you get what you pay for. This apparatus gets you a total 360 degree perspective on the information impression. Anyway there will be an expectation to absorb information to get and you will probably find that you are immediately overpowered by the measure of things you can do. Particularly when you begin getting data from different sources and wish to associate that data into dashboards and applications.

What business problems are you solving with the product? What benefits have you realized?

Totaling, and completing an example coordinating of occasions that can fill us in as to whether any vindictive action is occurring. It gives us a total view into our general security pose with fitting drill downs into explicit information to perceive what's going on in the association. Gathering and breaking down information with Splunk is simple. Be that as it may, there are different items out there - Graylog, the ELK stack - which are free and do a similar thing - just with more work. Be that as it may, when you manufacture your dashboard, you are a great idea to go - toss as much information at it as you need.

Splunk review by Rmn C.
Validated Reviewer

"Amazing tool to analyze huge logs accurately"

What do you like best?

The UI is so simple and interactive that you provide a simple search string and this powerful tool looks at your terabyte-sized logs and shows you results in an index form, and that too in seconds. It also helps our OPS team to perform log forensics.

What do you dislike?

This tool becomes very expensive if you have huge logs and if the logs keep on increasing so will the price to use this tool. The support from SPLUNK team is not that great.

Recommendations to others considering the product

Better response from the SPLUNK support team. Maybe change the price model a bit so that you can have more customers. I believe most of the companies don't use this tool because it is so expensive.

What business problems are you solving with the product? What benefits have you realized?

It helps us identify problems in our production environment. The alerts help us identify malicious activity since we have alerts set for certain events.

Splunk review by Christopher S.
Validated Reviewer
Verified Current User

"Very powerful and overwhelming SIEM"

What do you like best?

The fact that we can aggregate and correlate any events that we want is a powerful tool in identifying and stopping malicious activity on or against our network.

What do you dislike?

The pricing will put you into a higher tier than you need and can quickly grow exponentially if you don't know how to prune the data being brought in before it's saved to the database.

Recommendations to others considering the product

You will not be able to just jump into Splunk and start using it. You will likely find that you are quickly overwhelmed by the amount of things you can do. Especially when you start bringing in information from various sources and wish to correlate that information into dashboards and apps. In order to get the most out of the product in the quickest amount of time (instead of fumbling around in the dark) you'll want to get training as soon as possible.

What business problems are you solving with the product? What benefits have you realized?

Aggregating security information in one single place in order to report and alert on malicious activity within the network.

Splunk review by Swapnil S.
Validated Reviewer

"Splunk Data Security To Your Rescue"

What do you like best?

Ability in the user interface for searching logs and processes, intuitive dashboarding, and a very robust alert module. Getting better visualization of threats in our environment via alerts are some of the features that make this a great tool.

Splunk itself is completely awesome. It has really improved the security team's ability to perform log forensics and confirm true positives.

What do you dislike?

It can be CPU intensive if not careful. Early releases were a lot buggy, but remediations were quick and concise. The load on our searches, some queries take forever. Sometimes we have great difficulty with getting other products to parse logs correctly into Splunk.

Also, their support form is not too good. It's confusing and sometimes redundant, or irrelevant.

Recommendations to others considering the product

Get Splunk Enterprise for free to try out your use case, in most cases your proof of concept could easily be used as final analytics app that you need at your Enterprise. The documentation is very thorough for every topic from installation, administration, search, development, etc. So, you can give it a try.

But still, remember this is a relatively new service and they are working on adding features while keeping the security of the Cloud. If you are a real Splunk admin, perhaps do a Self-Service Cloud option so you can get things done faster.

What business problems are you solving with the product? What benefits have you realized?

We are building out new automations and use cases for Splunk on a weekly basis. Benefits I realize concise precisely as - Breadth of services, Product functionality and performance and Strong services expertise.

Splunk review by User in Information Technology and Services
Validated Reviewer
Verified Current User

"Analyse large Dataset"

What do you like best?

The best part I like about Splunk is that it is easy to deploy. You can use a simple utility called Splunk lite to push your data from your servers to the main Splunk engine. The way Splunk indexes your data is very good. Which in returns good analytic results. The dashboard layout is useful and is very customizable. Integration via ES and other plugins allows us to spend time on one single pane of glass, do a pivot investigation and drill way down into the logs that were ingested. Metadata is easy to find, the logs are parsed neatly and are relatively easy to read once you get used to them.

What do you dislike?

The community could use better visibility, a central repository for Splunk queries would be nice. We always need to wait a bit for latest release to be adopted at Enterprise level because of the unforeseen bugs. x.0.0 releases are frequently buggy, but they get patches out fairly quickly.

What business problems are you solving with the product? What benefits have you realized?

We are using Splunk to log all our web and application logs. Using this log we are having a great ease at the time of post mortem an issue to take a look at the pattern and troubleshoot accordingly. Our Splunk environment is used to help troubleshoot problems, monitor for security incidents, and has even helped our police department locate in distress person's quick enough to provide intervention.

My team is initial helpdesk support, so we use it to find out what servers a user's Active Directory account is locked out of, track the server, or track the MAC address of a device that has locked them out of a RADIUS server/wireless connection.

Splunk review by Usman S.
Validated Reviewer

"A powerful log aggregation solution"

What do you like best?

- Free to use for small 500MB or less daily ingress, quite nice for small use cases and learning

- No development work required to deploy and provide value.

- Deployment flexibility: client agents are available to use, or clientless configurations for multiple OS platforms. It's also very easy to deploy, not just flexible. It's a very simple affair.

What do you dislike?

PRICE. The software is so powerful, and they seem to leverage this in the pricing of the licenses.

What business problems are you solving with the product? What benefits have you realized?

Splunk allows us to see exactly what is going on in production! We use Splunk to monitor our apps in real time. Splunk gives you the ability to perform queries like you would with SQL against your log statements in real time.

Splunk review by Bharadwaj (Brad) C.
Validated Reviewer

"Great Platform with lot of blings!"

What do you like best?

Aggregating, and doing a pattern matching of events that can let us know if any malicious activity is taking place. Installation is fairly simpler and the user interface is quite friendly.

What do you dislike?

Pretty expensive!!! However you get what you pay for. If you have a higher data set, then the cost is on the higher end. Customizing and configuring to your needs takes quite a bit of time.

Recommendations to others considering the product

It's worth the effort and investment to protect your systems and data footprint. There are other tools that are available in the market that won't break your bank, however you get what you pay for. This tool gets you a complete 360 degree view of the data footprint. However there will be a learning curve to get and you will likely find that you are quickly overwhelmed by the amount of things you can do. Especially when you start bringing in information from various sources and wish to correlate that information into dashboards and apps.

What business problems are you solving with the product? What benefits have you realized?

Aggregating, and doing a pattern matching of events that can let us know if any malicious activity is taking place. It gives us a complete view into our overall security posture with appropriate drill downs into specific data to see what's happening in the organization. Collecting and analyzing data with Splunk is very easy. But there are other products out there - Graylog, the ELK stack - which are free and do the same thing - just with more work. But once you build your dashboard, you are good to go - throw as much data at it as you want.

Splunk review by Matt F.
Validated Reviewer

"Great Platform - but really expensive"

What do you like best?

Installation is very easy with Splunk. They really take the guesswork out of it. Adding additional modules is also very easy. Pointing data to it is also easy. But that ease comes with a cost.

What do you dislike?

It's simply too expensive. Their price (at the time of this writing) is based on data consumption. So the more you use it, the more it costs. At the end of the day, that cost benefit just wasn't there.

Recommendations to others considering the product

If you have a very, very small shop, then the free 500MB a day license will work for you. We have about 13,000 users, and from our DCs alone consume about 15 GB of log data a day. I switched to Graylog, built my own dashboard, and it works great. While I'm a fan of Splunk, I'm not a fan of the price. If cost doesn't matter, then you should really check it out.

What business problems are you solving with the product? What benefits have you realized?

Collecting and analyzing data with Splunk is very easy. But there are other products out there - Graylog, the ELK stack - which are free and do the same thing - just with more work. But once you build your dashboard, you are good to go - throw as much data at it as you want.

Splunk review by User
Validated Reviewer

"Splunk Enterprise Security : A great tool which serves many purposes."

What do you like best?

It has a very informative dashboard which allows us to view data about servers in our environment. It provides visuals to the user when we select graphical representation, giving us the ability to transform logs into visual charts, e.g. pie charts, graphs, tables, etc. It is easy to scale with large data sets. It supports various types of data with real-time analyzing.

What do you dislike?

It is very costly. If the dynamic data is huge it affects the speed, thus making it slow at times. Searches can be a bit too much to understand, especially regular expressions and search syntax, which themselves are very complex to understand. The learning curve to Splunk is steep since it takes a bit to get up to speed with the application.

Recommendations to others considering the product

Splunk does a great job of collecting and monitoring machine data. It provides accurate and real-time analysis of data through its dashboard. They even offer a free license that will handle up to 500MB/day, which makes it a great option for students to start with the software. It makes a ton of sense for a company that is looking for an out of box logging tool. Splunk is well suited in both small and very large environments almost regardless of the types of devices.

What business problems are you solving with the product? What benefits have you realized?

Splunk is a very powerful analytics tool. The main purpose of Splunk is log analysis and alerting of events. It allows us to monitor our critical systems and allows for scalability as we continue to grow.

Splunk review by Industry Analyst / Tech Writer
Validated Reviewer

"Splunk Application"

What do you like best?

It allows users to process and index their production data in their own raw format.

It allows indexing tools that allow locating specific data in a large pool of data. Easy to deploy on multiple OS platforms. Various aggregation tools for various use-cases. Can create customization based on your log query and event based alerts.

What do you dislike?

The enterprise edition comes with a huge price which can be a turn down as compared to other open source tools like the ELK stack. As the product is priced on the gigabytes of indexed logs stored, one needs to have a clear idea on the business requirement to determine if it is a good fit for your organization.

What business problems are you solving with the product? What benefits have you realized?

We code our applications in such a way that our log statements are Splunk friendly. E.g. featureX=value allows querying every user who has featureX.

Splunk review by User
Validated Reviewer

"Splunk Enterprise Security review"

What do you like best?

Splunk is very easy to install and they provide packages for both Linux and Windows based operating systems. Installation is very easy: just unzip the package and set the path and you are ready to use it. The best part is there are thousands of Splunk apps and add-ons that can be used, which can greatly reduce your effort. For visualization of data, Splunk provides an out-of-the-box feature to create graphs and dashboards. Splunk also has the functionality to trigger an alert once it meets certain criteria.

What do you dislike?

To search the data you need to learn yet another language, i.e. SPL (Splunk processing language). They are not open source, and the free trial is also only for one month; once it expires you have to buy the license, which is very costly.

Recommendations to others considering the product

Splunk is a great app, especially if you are looking to analyze the data and get the insights from it and then present it to the user with dashboards and reporting.

What business problems are you solving with the product? What benefits have you realized?

Every day we generate logs in the magnitude of petabytes, which is impossible for any human being to read while trying to find threats. By using Splunk we overcome this challenge, as Splunk will analyse the logs and present to us if it detects any anomalous behavior.

Splunk review by Francois G.
Validated Reviewer
Verified Current User

"Amazing Tool"

What do you like best?

Having instant access to log file and monitoring on several servers. This is huge as we don't want to give Production credentials to developers by example but we want them to be able to access the logs for debugging.

What do you dislike?

Interface could use a little help from a UX expert. It is a little clunky. Once you get used to it, it is fine, but it is not intuitive.

Recommendations to others considering the product

Try it out, you will be convinced

What business problems are you solving with the product? What benefits have you realized?

Providing our developer access to production server logs without granting them SSH access to the servers.

Splunk review by User
Validated Reviewer
Verified Current User

"Great for visualizing data in enterprise microservice applications."

What do you like best?

I like the visual dashboards of different levels of granularity. Easy to set up from a backend developer's point of view as it is compatible with existing popular enterprise frameworks using microservice architecture (Spring Boot). Great common ground for software developers interacting with data analysts as layout is in terms that both understand.

What do you dislike?

A bit of a learning curve for the UI as it has lots of features and levels of data granularity, but at good that there's plenty of documentation.

Recommendations to others considering the product

Good support. Basically industry standard.

What business problems are you solving with the product? What benefits have you realized?

Big data analysis. Storing and visualizing metrics and service logs.

Splunk review by samant k.
Validated Reviewer
Verified Current User
Business partner of the vendor or vendor's competitor, not included in G2 scores.

"Configuring logs and analysis was never this easy"

What do you like best?

One can configure their own query to get related data on dashboard, helps a lot on analysis.

What do you dislike?

The inline change in data structure can break the whole query; also, configuring is a little cumbersome.

What business problems are you solving with the product? What benefits have you realized?

Analyzing application logs, this helps in easy and fast triage of any issue within application.

Mostly on production environment

Splunk review by User in Information Technology and Services
Validated Reviewer

"Splunk is the future for all web applications"

What do you like best?

In the past, we were never able to find out when production issue happens what was the reason behind it but now with the help of Splunk we can easily say that now no production issue can ever scare us unlike before.

What do you dislike?

Well, I have just started using this, so as of now I don't see any features which are not good... only thing would be the tutorials are limited so we need to learn a lot on our own.

Recommendations to others considering the product

If you have customer facing applications then with the help of Splunk all your production issues can be worry free.

What business problems are you solving with the product? What benefits have you realized?

So in the past couple of years I have worked with telecom companies and each one used to have customer facing applications which had to be running 24/7 without any kind of interruption. When we came to hear about the advantages it could bring to us we were totally dumbfounded. Henceforth we quickly connected it with our applications and now any kind of production issues, we never have any issue in figuring out where the issue has occurred with the logs that Splunk provides us at run time.

Splunk review by Joshua S.
Validated Reviewer
Verified Current User

"New Splunk ES Install"

What do you like best?

The power of Splunk ES brings all of your security related data together like no other SIEM I have seen.

What do you dislike?

The minimum time to properly configure and install ES including data normalization is 4-5 weeks.

Recommendations to others considering the product

Splunk Enterprise Security is worth the investment for security awareness and response for your organization.

What business problems are you solving with the product? What benefits have you realized?

Splunk Enterprise Security gives us a complete view into our overall security posture with appropriate drill downs into specific data to see what's happening in the organization.

Splunk review by User in Information Technology and Services
Validated Reviewer
Verified Current User

"Straight-forward Functionality"

What do you like best?

Splunk has a very user-friendly interface, allowing you to easily search by many filters and key phrases to find the data you are looking for. Overall, it includes functionality that is straightforward, and I would say it is one of the best known products of its type.

What do you dislike?

As some state, Splunk can be pretty complex, and it takes time to learn the Splunk searching processing language, or SPL. Load times can be quite slow.

Recommendations to others considering the product

Splunk is a great tool and definitely worth considering, although there are other similar tools in the same market, Splunk is at the top.

What business problems are you solving with the product? What benefits have you realized?

We are using Splunk to analyze and monitor software logs from our application.

Splunk review by User in Computer Software
Validated Reviewer
Verified Current User

"Very powerful monitoring tool"

What do you like best?

Very good tool to search, monitor, analyze data. Very easily dashboard can be created for monitoring purpose.

What do you dislike?

It's not an open source tool. Many teams do not use this due to high cost.

Recommendations to others considering the product

Very good monitoring tool... Nice dashboards can be created to simplify the monitoring. Rules can be set up to trigger email notification.

What business problems are you solving with the product? What benefits have you realized?

Splunk makes searching old and real-time data simple.

We use this to search/monitor logs. This helps to solve production issues very quickly.

Dashboards can be created to simplify the monitoring. And automation rules can be set to send email notification.

Splunk review by Consultant
Validated Reviewer
Business partner of the vendor or vendor's competitor, not included in G2 scores.

"Use it for what it is good at"

What do you like best?

The main benefit is the ability to ingest many different sources, match it to the CIM and use disparate information across your logs to form a picture of what is happening.

What do you dislike?

Unfortunately the incident management component is quite terrible. The way you drill down often requires you to rewrite queries in order to get the events that form a notable event. The interface was written by someone who does not have to do the work. Managing multiple notable events is now better with the case management, but still a struggle for workflows.

Recommendations to others considering the product

Make sure you sort out what use cases are important to you.

What business problems are you solving with the product? What benefits have you realized?

Quick visibility of security related events and identify unknown information.

Splunk review by User in Internet
User in Internet
Validated Reviewer
Verified Current User

"Logs made easy"

What do you like best?

I'm amazed at how fast and reliable Splunk is when managing high volume logs. The indexing and response time is impressive, just what is needed for when you're trying to figure out what is happening with your applications.

What do you dislike?

I don't think I have a concrete issue to report. Splunk has always served its purpose with flying colors

Recommendations to others considering the product

Learn how to query the logs correctly; that will save you a lot of time.

What business problems are you solving with the product? What benefits have you realized?

We can check any log fast, see patterns, time of outages etc. Splunk is a really useful tool for monitoring

Splunk review by User
User
Validated Reviewer

"A decent Tool"

What do you like best?

Quick and easy to use once you get used to Splunk's query language. Can provide scalable analytics to upper management and make quick and easy data driven decisions for the day-to-day software development. You can do a personal level of A/B testing with your own code to determine whether the changes you made leave an increase in errors, etc.

What do you dislike?

Nothing really, just that queries sometimes take time to load and they can get queued when you need that information right away. Sometimes the query built in functions don't quite work as expected and

Recommendations to others considering the product

Ensure that you provide your people with the training they need to use the product effectively.

What business problems are you solving with the product? What benefits have you realized?

Security of customer data when signing up for accounts. This enables us to ensure our customer data is safe.

Splunk review by Administrator
Administrator
Validated Reviewer
Verified Current User

"Making sense of your logs"

What do you like best?

The ability to drill down to the smallest of the issues you face on a daily basis

What do you dislike?

It's sometimes slow as heck to index data on the system, making it difficult to get the required data

Recommendations to others considering the product

I would recommend the companies have access to splunk and make sure they are making use of their logs s

What business problems are you solving with the product? What benefits have you realized?

We solve a wide variety of issues using Splunk, from firewall issues to application errors and malware

Splunk review by User
User
Validated Reviewer

"SIEM made simple and fast with Splunk"

What do you like best?

Splunk makes it easy to put data in and get data out - exactly what you would hope for from this kind of product. Dashboards are easy to create and share. Data is easy and fast to query because of the Splunk indexing engine.

What do you dislike?

Splunk uses its own proprietary query language, so it's one extra thing to learn before you can begin to get value out of the system. Also, while there are several types of dashboards you can make, they are not super flexible to customize out of the box, so you have to rely on third party extensions.

What business problems are you solving with the product? What benefits have you realized?

Logging network activity and having it available for analysis

Splunk review by User in Computer Software
User in Computer Software
Validated Reviewer

"An eye into the production environment"

What do you like best?

When you work in an environment where all the servers are locked down from level 3 support, SPLUNK was the only way to view what's going on in the production system. If your enterprise system is all SPLUNK-enabled, you can easily track down exactly where the issue is.

What do you dislike?

SPLUNK does have a learning curve but once you master certain queries you will see the light!

Recommendations to others considering the product

Get it to improve customer support

What business problems are you solving with the product? What benefits have you realized?

Level 3 support doesn't need to access each server directly but rather access logs from ALL servers at once! You get to view the production systems together at your fingertips.

Splunk review by Juan Carlos Q.
Juan Carlos Q.
Validated Reviewer

"Splunk, a robust tool"

What do you like best?

I really liked how simple it is to install, and to use once installed.

The ability to deploy additional apps is noteworthy.

What do you dislike?

Resource consumption could be better, and it could come with several apps installed by default.

Recommendations to others considering the product

Take into account the amount of information to be analyzed.

What business problems are you solving with the product? What benefits have you realized?

Thanks to the maturity of the system, it is a good candidate for analyzing large flows of information and creating alerts based on that information.

Splunk review by Executive Sponsor
Executive Sponsor
Validated Reviewer

"Amazing capability (at a price!)"

What do you like best?

I love that pretty much ANY logs from other applications can be ingested into Splunk. The ability to search and find data during a forensic investigation is critical and can help find a root cause.

What do you dislike?

The cost. $10K per 10GB of log data ingestion. The more you ingest the greater the value, and you want to add more, but the cost keeps going up and up.

Recommendations to others considering the product

Drive down the price (this should be so much cheaper), or other companies will disrupt the market share Splunk has (open source are working on alternatives)

What business problems are you solving with the product? What benefits have you realized?

Security Incident and Event Management

Splunk review by Abhishek D.
Abhishek D.
Validated Reviewer

"Splunk - A tool you don't want to miss"

What do you like best?

Me and my team have been using Splunk for quite some time now. We are using it for our multiple clients, and the ease with which we can create reports in Splunk is very impressive.

What do you dislike?

We are using it for a long time now, and it has been a quite satisfying journey so far.

Recommendations to others considering the product

Nothing specific

What business problems are you solving with the product? What benefits have you realized?

Reporting, log analysis

Splunk review by Kalyan M.
Kalyan M.
Validated Reviewer

"It is efficient but one has to learn how to use it "

What do you like best?

Just by running a simple query it gives us the exact logs

What do you dislike?

First of all, before one starts using it they have to learn the syntax. It is kind of different from your regular querying style. But once you get the hang of it, it is easy to use.

Recommendations to others considering the product

Learn how to set up alerts and how to query Splunk

What business problems are you solving with the product? What benefits have you realized?

Easy to filter the logs

Splunk review by Nicholas S.
Nicholas S.
Validated Reviewer

"Splunk is great for larger business"

What do you like best?

Splunk has a very intuitive search feature. If you are looking for either a single or multiple logs or the contents therein, you are in for a treat!

What do you dislike?

The setup for it is lengthy and at times clumsy.

Recommendations to others considering the product

It's an investment, but a worthy one.

What business problems are you solving with the product? What benefits have you realized?

Logging was an issue for us until we started using Splunk.

Splunk review by Santhi Sushma K.
Santhi Sushma K.
Validated Reviewer

"Useful product"

What do you like best?

The interface is very user friendly and has the best UI design. But it slows down at times.

What do you dislike?

Slows down at times. But the interface is very user friendly and has best UI design.

Recommendations to others considering the product

The interface is very user friendly and has best UI design.

What business problems are you solving with the product? What benefits have you realized?

I have not used it much. But got training for it during work period. The interface is very user friendly and has best UI design.

Splunk review by Administrator in Wholesale
Administrator in Wholesale
Validated Reviewer
Verified Current User

"Great potential, but huge cost."

What do you like best?

Automates a lot of the correlation ideas that require work.

What do you dislike?

Configuration requirements are extensive, and you need to either have a lot of people ready to review events constantly or have the resources to automate as much as possible, or both. The amount of data sources needed and cost in licensing is non-trivial.

What business problems are you solving with the product? What benefits have you realized?

Compliance requirements, automated detection of malicious events, insight into internal user actions

Splunk review by User
User
Validated Reviewer
Verified Current User

"Search Is complicated but works well"

What do you like best?

The search feature is powerful but a bit difficult to use for novice users, as it takes a while to pick up the tricks that truly make it powerful.

What do you dislike?

The learning curve is a bit steeper than other search products like Elastic Search ELK Kibana.

What business problems are you solving with the product? What benefits have you realized?

Ingest logs from applications to then make searchable. It does a good job for this use case.

Splunk review by User in Information Technology and Services
User in Information Technology and Services
Validated Reviewer
Verified Current User

"Simple and informational"

What do you like best?

The data about the websites accessed by the users and applications used by them can be easily found out.

What do you dislike?

Sometimes the required information cannot be found even if the correct parameters are entered.

What business problems are you solving with the product? What benefits have you realized?

We are able to zero in on infected machines and are able to easily find out the root cause. With the help of this, we are cleaning them.

Splunk review by Steven Y.
Steven Y.
Validated Reviewer

"How to Get Overwhelmed By Logs"

What do you like best?

This tool does what it is supposed to: capture every possible thing.

What do you dislike?

This tool captures far too many logs. I think our company configures it badly, but search for logs is not helpful.

Recommendations to others considering the product

AWS and Azure have just as good tools in my opinion.

What business problems are you solving with the product? What benefits have you realized?

Logging for our production applications.

Splunk review by Consultant
Consultant
Validated Reviewer
Verified Current User

"Great for reading logs and acting on it aggressively "

What do you like best?

Immediately sends exceptions via email to act on it

What do you dislike?

Slow User interface. Large file logs can be indexed better for performance

Recommendations to others considering the product

Very nice tool when you would like efficient real time monitoring

What business problems are you solving with the product? What benefits have you realized?

Fixing online exceptions on the fly

Splunk review by Consultant in Information Technology and Services
Consultant in Information Technology and Services
Validated Reviewer
Verified Current User
Business partner of the vendor or vendor's competitor, not included in G2 scores.

"Great log Analysis tool"

What do you like best?

A crisp view of different logs and analytics

What do you dislike?

Ease of use and installation process can be improved

What business problems are you solving with the product? What benefits have you realized?

I work for a huge telecommunications client, and they have a huge infrastructure where different APIs get triggered from different layers, and to analyze those logs Splunk helps us a lot.

Splunk review by User
User
Validated Reviewer

"SPLUNK"

What do you like best?

The best is the flexibility of SPLUNK - you can configure reporting/alerting on everything you want. It all depends on your log files.

It's a great tool for monitoring.

User friendly.

What do you dislike?

The biggest con is the cost. It's a bit pricey.

Some reports take time to generate.

Recommendations to others considering the product

I would definitely recommend SPLUNK.

What business problems are you solving with the product? What benefits have you realized?

We are using it for monitoring - reporting and alerting purposes - to have statistics. As well, it's one of the main tools for investigating Production issues.

Splunk review by Venkatesh V.
Venkatesh V.
Validated Reviewer

"Very useful to configure the enterprise software applications"

What do you like best?

Alerts and error logs that are received via email

What do you dislike?

Searching in splunk through queries is kind of difficult

What business problems are you solving with the product? What benefits have you realized?

Application availability is a must in my company, and with the help of Splunk we do maintain applications without any downtime

Splunk review by Tamara A.
Tamara A.
Validated Reviewer

"Mixed experience, ended up switching"

What do you like best?

Splunk made searching within our logs easy.

What do you dislike?

After a change in leadership, we ended up going to a different service that provided a lot of the same functionality but cost less.

What business problems are you solving with the product? What benefits have you realized?

We were using Splunk Enterprise to index our logs and make it easy to search so that we could detect problems with the application earlier.

Splunk review by User
User
Validated Reviewer

"Real time logging. Love it"

What do you like best?

I love how it is real time. Haven't gotten a chance to play around with its features because it seems like quite the science.

What do you dislike?

Show source takes forever to load and it also loads a snippet of errors in that time period instead of just what you selected site source for. Majority of the time I found the accompanying errors annoying and almost always unrelated

What business problems are you solving with the product? What benefits have you realized?

Our app runs on different servers, so it's good to see all the logs in a central place

Splunk review by Administrator
Administrator
Validated Reviewer

"Splunk review"

What do you like best?

The ease of use for report creation and alerts. Customers are unaware of the information that can be provided to them until we, the Splunk administrators, provide a quick tutorial of what we can provide.

What do you dislike?

I do like the product and there are no real negatives but the licensing: when using an annual license, the renewal doesn't start after the expiration date of the existing license.

What business problems are you solving with the product? What benefits have you realized?

We use mostly for internal authentication review

Splunk review by Sharayu A.
Sharayu A.
Validated Reviewer

"Good"

What do you like best?

It has a great support community. All support available is very good.

What do you dislike?

It is very complex. Difficult to find a specific thing. New user will find it difficult to navigate through different search options, this is my personal experience and it might differ.

What business problems are you solving with the product? What benefits have you realized?

Data monitoring

Splunk review by User in Computer Software
User in Computer Software
Validated Reviewer

"Splunk Enterprise Security for Peace of Mind"

What do you like best?

All the dashboards and displays are very helpful in monitoring real time risks. Alerts are timely and make it easy to track and resolve threats.

What do you dislike?

There is a learning curve to using this tool because there are so many features, and sometimes it's hard to find the right features.

What business problems are you solving with the product? What benefits have you realized?

It helps us see what is happening in all of our data centers across the whole organization, and benefits in giving us peace of mind.

Splunk review by User in Information Technology and Services
User in Information Technology and Services
Validated Reviewer

"Flexible and Great Data Security Product"

What do you like best?

Real time monitoring of endpoints, networks to analyse logs, malware, threats and other incidents.

Alert management systems can be assigned to alert us about events.

Dashboards can be customized according to the need.

Captured data can be exported in different formats.

Even data logged in the past can be captured.

What do you dislike?

License prices are based on volume and lifetime and are slightly expensive.

What business problems are you solving with the product? What benefits have you realized?

Real time monitoring of logs to detect threats, errors and other incidents based on location.

Customized dashboards for different projects and data analysis.

Splunk review by Administrator
Administrator
Validated Reviewer

"Splunk analytics"

What do you like best?

It is very user friendly and helps analyse the machine data quickly with its features like dashboards, knowledge objects, etc.

What do you dislike?

If we have to get certified in this, the entry level certification is free, but after that it's a bit tough to get training and material for getting used to the tool.

What business problems are you solving with the product? What benefits have you realized?

As already said, we can analyse our machine data and build easy reports for analysis.

Splunk review by Jas H.
Jas H.
Validated Reviewer

"Best"

What do you like best?

Easy to use. Easy to search. Easy to upgrade.

What do you dislike?

Reports are exported in CSV files, which are generally hard to read. Need PDFs for easy understanding.

What business problems are you solving with the product? What benefits have you realized?

Checking logs and any threat.

Splunk review by User in Recreational Facilities and Services
User in Recreational Facilities and Services
Validated Reviewer
Verified Current User

"Use in a Tech Support Role"

What do you like best?

Endless ways to customize search and specify a search from 900,000 events to 1. Amazing

What do you dislike?

Not a whole lot, maybe more in app recommendations/suggestions for new users

What business problems are you solving with the product? What benefits have you realized?

I use splunk to search for events to help troubleshoot common issues with email deliverability

* We monitor all Splunk Enterprise Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.