What users are saying about
61 Ratings
Score 8.6 out of 100
11 Ratings
Score 9.2 out of 100

Likelihood to Recommend

Splunk Cloud

I find that Splunk Cloud is well suited for tracking user logins, server reboots, failed login attempts, account lockouts, and sorting these items by host or user. We often trace failed user logins to someone having cached credentials on an endpoint, which can result in locked accounts that drive the Help Desk ticket volume up unnecessarily.
Jeff Kitchens | TrustRadius Reviewer

Splunk Enterprise Security

If you have Splunk already, definitely consider ES. The ability to do security alerting around the common information model is very useful. In particular, pulling in threat lists automatically and checking for those indicators across all your data sources is awesome. The ability to have alerts that don't display to the analyst but just update the risk on a user or system is great too. It does provide a view of potential incidents and a platform for investigations but I don't feel like these functions are smooth enough to provide much value.
Allan Crittenden Edwards | TrustRadius Reviewer

Feature Rating Comparison

Security Information and Event Management (SIEM): Splunk Cloud 8.5 | Splunk Enterprise Security 9.5

  • Centralized event and log data collection: Splunk Cloud 9.3 | Splunk Enterprise Security 10.0
  • Correlation: Splunk Cloud 8.5 | Splunk Enterprise Security 10.0
  • Event and log normalization/management: Splunk Cloud 9.5 | Splunk Enterprise Security 10.0
  • Deployment flexibility: Splunk Cloud 8.2 | Splunk Enterprise Security 9.5
  • Integration with Identity and Access Management Tools: Splunk Cloud 8.5 | Splunk Enterprise Security 8.5
  • Custom dashboards and workspaces: Splunk Cloud 9.7 | Splunk Enterprise Security 8.5
  • Host and network-based intrusion detection: Splunk Cloud 7.7 | Splunk Enterprise Security 9.5
  • Data integration/API management: Splunk Cloud 8.0 | Splunk Enterprise Security 9.0
  • Behavioral analytics and baselining: Splunk Cloud 7.0 | Splunk Enterprise Security 10.0
  • Rules-based and algorithmic detection thresholds: Splunk Cloud 8.0 | Splunk Enterprise Security 10.0
  • Response orchestration and automation: Splunk Cloud 8.0 | Splunk Enterprise Security 10.0
  • Reporting and compliance management: Splunk Cloud 8.5 | Splunk Enterprise Security 10.0
  • Incident indexing/searching: Splunk Cloud 9.5 | Splunk Enterprise Security 9.0

Pros

Splunk Cloud

  • With Splunk Cloud you get the advantage of moving from POC to Production in a matter of days rather than in months allowing the Business to gain a lot.
  • Takes you away from managing infrastructure/administration, allows saving time & money. Reduce the overall TCO (Total Cost of Ownership)
  • Move from Reactive to Proactive Monitoring
  • Highly secure environment at your fingertips
Manan Bhatt | TrustRadius Reviewer

Splunk Enterprise Security

  • Correlation searches
  • Notable events
  • Security use cases
Anonymous | TrustRadius Reviewer

Cons

Splunk Cloud

  • Some of their more advanced features, like ITSI, Machine Learning, or Security Analytics, can be very challenging to set up and configure.
  • Splunk Cloud support has been a challenge in the past. They are getting better, but they have had problems responding in a timely manner to issues.
  • These are only some minor observations of things I have had to deal with. In general, Splunk is a solid product that is fantastic to use.
Anonymous | TrustRadius Reviewer

Splunk Enterprise Security

  • The application seems inefficient/resource intensive
  • The default searches and alerts are unlikely to provide much value
Allan Crittenden Edwards | TrustRadius Reviewer

Usability

Splunk Cloud

Splunk Cloud 8.0
Based on 1 answer
Overall, it is very usable. I would like it if recent searches were saved for longer because I always have to refer to my notes when I'm looking for something specific and it's been a few weeks. But that's a small issue, and the actual search and browsing interface is easy to use and powerful.
Kevin Smith | TrustRadius Reviewer

Splunk Enterprise Security

Splunk Enterprise Security 10.0
Based on 1 answer
You definitely need to learn how to use Splunk to get the most out of the tool. There are many courses available for free to get up to speed on the usability of the tool, but it's not that simple. It will take time to digest all the data and to understand how to query for what you are looking for.
Anonymous | TrustRadius Reviewer

Support Rating

Splunk Cloud

Splunk Cloud 7.5
Based on 4 answers
Splunk Cloud support is sorely lacking, unfortunately. The portal where you submit tickets is not very good and is lacking polish. Tickets are left for days without any updates, and when chased it is only sometimes you get a reply back. I get the feeling the support team are very understaffed and have far too much going on. From what I know, Splunk is aware of this and seems to be trying to remedy it.
Fraser Clark | TrustRadius Reviewer

Splunk Enterprise Security

Splunk Enterprise Security 9.0
Based on 2 answers
It's good when it's responsive, but I've had times where I had to wait quite a while for a response. But these are typically the exceptions rather than the rule. When you do get a response it is always well-informed and appropriate. I would say they've been trending better over time with this.
Allan Crittenden Edwards | TrustRadius Reviewer

Alternatives Considered

Splunk Cloud

Splunk Cloud blows Sumo Logic out of the water. The experience is night and day. We went from several highly stressed IT security professionals who were unsure if the data they were getting was valuable, to very happy IT security professionals who can now be more proactive and get all the information they need.
Joseph Sweet | TrustRadius Reviewer

Splunk Enterprise Security

We used QRadar a while ago. Perhaps it was just poorly configured but it provided almost no value. It seemed harder to tune for our environment if it was even possible. Also, they didn't value us as a customer. They tried to make us re-purchase the product when they acquired it, even though we already had it in place.
Allan Crittenden Edwards | TrustRadius Reviewer

Return on Investment

Splunk Cloud

  • The biggest return on investment is how quickly logs are now consumed, and how quickly we can follow events that occur in logs.
  • The number of logs that can be consumed by Splunk is much higher than previous solutions.
  • We have much better visibility into our logs, and are able to spot patterns in events with the built-in graphs and reports.
Chase Palmer, CISSP | TrustRadius Reviewer

Splunk Enterprise Security

  • Less time to remediate for security incidents
  • Reduction of noisy alerts for security teams
  • Integration with many sources to gain visibility
Anonymous | TrustRadius Reviewer

Pricing Details

Splunk Cloud

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Splunk Enterprise Security

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Rating Summary

  • Likelihood to Recommend: Splunk Cloud 8.5 | Splunk Enterprise Security 9.0
  • Usability: Splunk Cloud 8.0 | Splunk Enterprise Security 10.0
  • Support Rating: Splunk Cloud 7.5 | Splunk Enterprise Security 9.0
