Splunk Enterprise Security (ES) Reviews & Ratings 2024

Name: Which Threat Intelligence is best for you? Mandiant, Cisco SecureX, Splunk, Crowdstrike Falcon
Uploaded: 2022-10-21T16:23:11.000Z
Duration: 6 min 8 s
Description: Threat intelligence capabilities can be found in a variety of products. In this video, the TrustRadius team goes over 4 leading products in the space, including Splunk Enterprise Security (ES).

Overview

What is Splunk Enterprise Security (ES)?

Splunk Enterprise Security (SIEM) is the company's flagship SIEM product, offered as a premium service to subscribers of Splunk Cloud or Splunk Enterprise.

Recent Reviews

The Power of Splunk Enterprise.

9 out of 10

March 25, 2024

Incentivized

We use Splunk Enterprise in our Organization to achieve the following. Consolidate logs from all sources in one place. Create Custom …

TrustRadius Insights

December 14, 2023

Intuitive User Interface: Users have consistently found the user interface of the product intuitive and easy to use, allowing for quick …

Splunk Enterprise Security: My Review

9 out of 10

October 24, 2023

Incentivized

It's easy to build queries & integrate with other systems and applications. There are a lot of add ons you can integrate to Splunk that …

Highly Recommended!

7 out of 10

September 12, 2023

Incentivized

Splunk Enterprise Security (ES) is integral to our cybersecurity strategy. It swiftly detects and responds to threats, addressing …

Splunk ES Review

7 out of 10

September 12, 2023

Incentivized

I was evaluating Splunk for a potential client. Splunk is a great tool for anyone that needs a SIEM to monitor data, networks, users, etc. …

Splunk ES, a great tool to use with some caveats!

8 out of 10

September 12, 2023

Incentivized

I use the product to help monitor, analyze and potentially mitigate certain security issues that may come up. This includes acting as a …

excellent platform for the collection and management of logs from multiple sources

9 out of 10

September 11, 2023

Incentivized

splunk ES is a very useful and powerful tool as a SIEM platform, we send logs from multiple sources such as winodws servers, linux, RH, …

Splunk ES Review

9 out of 10

September 06, 2023

Incentivized

We use Splunk ES to monitor security-relevant events, create notables for our Analysts to review, and overall improve our organization's …

Secure with Splunk Enterprise Security (ES)

10 out of 10

September 06, 2023

Incentivized

I work for big organization and large infrastructure .Splunk Enterprise Security (ES) helps alot in security prospective and to chase …

a good tool for threat hunting and response

7 out of 10

August 31, 2023

Incentivized

we use ES to analyse the risk of the organization and do actions to mitigate them to enhance our security Level in the environment faced …

Splunk Enterprise Security is a must!

9 out of 10

July 24, 2023

Incentivized

I am a security analyst and so I use it on a day to day basis to triage and troubleshoot alerts and security incidents in my organization. …

Splunk ES Alert Reduction

8 out of 10

July 21, 2023

Incentivized

Our analysts use ES to gain a broad perspective on all the security events coming in from our customer devices. We have multiple internal …

Splunk Enterprise Security (ES) - Clear Market Leader

10 out of 10

July 20, 2023

Incentivized

Use it as the SIEM - data monitoring, threat detection and remediation.

Best siem on the market

9 out of 10

June 05, 2023

Incentivized

The module performs data analysis within our Data Indexers. Everything related to the administration of the elements of operation, …

Automated Reporting and monitoring tool

10 out of 10

May 30, 2023

Incentivized

We use it for reporting error conditions. For example, whenever there is failed authentication beyond an acceptable rate, then we create …

Securing Your Environment with Splunk Enterprise Security.

9 out of 10

May 22, 2023

Incentivized

Our scope is actually quite large as my team is responsible for the protection of tens of thousands of devices. This is accomplished with …

Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 13 features

Centralized event and log data collection (100)
9.3
93%
Custom dashboards and workspaces (102)
9.1
91%
Incident indexing/searching (101)
8.8
88%
Deployment flexibility (101)
8.3
83%

Reviewer Pros & Cons

View all pros & cons

Offers Dashboard Abilities: Helps build complex panels for Dashboards in addition to providing several out-of-the-box panels. Ex: creating panels to c...
Autofill: The query autofill isn't that great. It needs better suggestions for beginners especially.

Verified User

Engineer in Information Technology

Computer Software Company, 1001-5000 employees

Dashboard UI is intuitive and exceptionally educational, so one can easily find whatever they are looking for.
Sometimes, it's very, very slow! It also takes a long time to refresh.

Yash Dabhi

Software Engineer

Maruti Techlabs (Computer Software, 201-500 employees)

Return to navigation

Pricing

View all pricing

Splunk Enterprise Security (ES)

N/A

Unavailable

What is Splunk Enterprise Security (ES)?

Splunk Enterprise Security (SIEM) is the company's flagship SIEM product, offered as a premium service to subscribers of Splunk Cloud or Splunk Enterprise.

Entry-level set up fee?

No setup fee

For the latest information on pricing, visithttps://www.splunk.com/en_us/products/p…

Offerings

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

67 people also want pricing

Alternatives Pricing

Microsoft Sentinel

$2.46

per GB ingested

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.

InsightIDR

$5.89

per month per asset

What is InsightIDR?

In addition to their incident response service, Rapid7 offers InsightIDR, a combined XDR and SIEM that provides user behavior and threat analytics.

Return to navigation

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools

8.5

Avg 7.8

9.3
Centralized event and log data collection
(100) Ratings
Effectiveness of real-time centralized event and log data collection
8.8
Correlation
(99) Ratings
Correlation of logs and events to pinpoint significant threats
8.5
Event and log normalization/management
(100) Ratings
Ability to normalize event syntax so that logs can be compared and are machine-understandable
8.3
Deployment flexibility
(101) Ratings
Ability to tune system to maximize threat detection and minimize false positives
8
Integration with Identity and Access Management Tools
(96) Ratings
Integration with access control tools like Active Directory and LDAP
9.1
Custom dashboards and workspaces
(102) Ratings
dashboards that can be customized to meet the needs of specific groups
8.3
Host and network-based intrusion detection
(96) Ratings
Ability to detect both endpoint intrusion and network ingress detection
8.4
Data integration/API management
(98) Ratings
Ease and quality of data integrations between SIEM and other systems
7.9
Behavioral analytics and baselining
(95) Ratings
How effectively activity and behavior baselines are established and maintained
8.7
Rules-based and algorithmic detection thresholds
(96) Ratings
Effectiveness of manually-established rules and algorithmically-determined detection thresholds
7.4
Response orchestration and automation
(87) Ratings
Quality of built-in response orchestration and automation in Next-Gen SIEM
9.1
Reporting and compliance management
(95) Ratings
Ease and quality of reporting and compliance functions
8.8
Incident indexing/searching
(101) Ratings
Effectiveness of searching across structured and unstructured events and incidents within SIEM

Return to navigation

Product Details

About
Competitors
Tech Details
FAQs

What is Splunk Enterprise Security (ES)?

Splunk Enterprise Security is an analytics-driven SIEM that helps to combat threats with actionable intelligence and advanced analytics at scale. Ingest machine data from any source for full visibility to detect malicious threats in an environment. Investigate and correlate activities across multicloud and on-premises sources in one unified view to identify and remediate security incidents. Splunk Enterprise Security supports cloud, on-premises, and hybrid deployment models to meet the needs of the business. When deployed as a cloud-based SIEM, the vendor states Splunk Enterprise Security can deliver improved time to value, allowing teams to focus on higher value security tasks instead of managing infrastructure hardware and manual upgrades.

Splunk Enterprise Security (ES) Video

Threat intelligence capabilities can be found in a variety of products. In this video, the TrustRadius team goes over 4 leading products in the space, including Splunk Enterprise Security (ES).

Splunk Enterprise Security (ES) Competitors

Splunk Enterprise Security (ES) Technical Details

Operating Systems	Unspecified
Mobile Application	No

Frequently Asked Questions

Splunk Enterprise Security (SIEM) is the company's flagship SIEM product, offered as a premium service to subscribers of Splunk Cloud or Splunk Enterprise.

IBM Security QRadar SIEM, LogRhythm NextGen SIEM Platform, and Securonix Next-Generation SIEM are common alternatives for Splunk Enterprise Security (ES).

Reviewers rate Centralized event and log data collection highest, with a score of 9.3.

The most common users of Splunk Enterprise Security (ES) are from Enterprises (1,001+ employees).

Return to navigation

Comparisons

View all alternatives

Compare with

Reviews and Ratings

(250)

January 31st 2024

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Pros
Cons
Recommendations

Intuitive User Interface: Users have consistently found the user interface of the product intuitive and easy to use, allowing for quick completion of tasks. Many reviewers praised its simplicity and user-friendly design.

Efficient Log Correlation: The automation capabilities in XDR were highly appreciated by users as they enable efficient log correlation and turning data into meaningful insights. Several reviewers mentioned that this feature saves them time and enhances their overall productivity.

Comprehensive Security Monitoring: Users highlighted the product's ability to monitor firewall traffic, mail systems, and AWS infrastructure, providing comprehensive security monitoring. This feature was commended for its effectiveness in identifying potential threats from various sources.

User Interface: Users have found the user interface of Splunk Enterprise Security to be confusing and not user-friendly, with a steep learning curve. Some users suggest improving the UI by reducing the number of clicks required.

Troubleshooting and Integration: Several users have experienced difficulty troubleshooting and integrating Splunk with other products. They mention that customizations often require technical support which may not always be on point. There is a need for optimization when it comes to handling multiple data sources.

Default Searches and Alerts: Many users find the default searches and alerts provided by Splunk Enterprise Security to be not valuable and in need of customization. They suggest better alert suppression, improved permissions, and more support for certain tools. Furthermore, users desire a more polished version of the miter coverage dashboard.

Users commonly recommend the following for Splunk Enterprise:

Invest in proper training for personnel to avoid misuse and low performance. Users suggest that investing in training for staff is crucial to ensure effective use of the software and prevent any potential issues or underutilization.
Consider other products in the market and evaluate compatibility with your business needs. While users recommend Splunk Enterprise, they also suggest exploring alternative solutions to determine which one best suits their specific requirements and environment.
Try Splunk Enterprise for free and explore its documentation. Users advise others to take advantage of the free trial offered by Splunk Enterprise and thoroughly explore the product documentation. This will help users evaluate whether the software meets their needs and understand its features before making a purchase decision.

Attribute Ratings

Reviews

(1-25 of 103)

Sort By *

Companies can't remove reviews or game the system. Here's why

March 25, 2024

The Power of Splunk Enterprise.

Verified User

Engineer in Information Technology

Computer Software Company, 1001-5000 employees

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

57.857142857142854%

5.8

Centralized event and log data collection: 90%
9.0
Correlation: 100%
10.0
Event and log normalization/management: 90%
9.0
Deployment flexibility: 90%
9.0
Integration with Identity and Access Management Tools: 80%
8.0
Custom dashboards and workspaces: 90%
9.0
Host and network-based intrusion detection: N/A
N/A
Log retention: 80%
8.0
Data integration/API management: 90%
9.0
Behavioral analytics and baselining: N/A
N/A
Rules-based and algorithmic detection thresholds: N/A
N/A
Response orchestration and automation: N/A
N/A
Reporting and compliance management: N/A
N/A
Incident indexing/searching: 100%
10.0

October 24, 2023

Splunk Enterprise Security: My Review

Yash Dabhi

Software Engineer

Maruti Techlabs (Computer Software, 201-500 employees)

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

62.857142857142854%

6.3

Centralized event and log data collection: 90%
9.0
Correlation: 90%
9.0
Event and log normalization/management: 80%
8.0
Deployment flexibility: 80%
8.0
Integration with Identity and Access Management Tools: 80%
8.0
Custom dashboards and workspaces: 90%
9.0
Host and network-based intrusion detection: N/A
N/A
Log retention: 90%
9.0
Data integration/API management: 90%
9.0
Behavioral analytics and baselining: N/A
N/A
Rules-based and algorithmic detection thresholds: N/A
N/A
Response orchestration and automation: N/A
N/A
Reporting and compliance management: 90%
9.0
Incident indexing/searching: 100%
10.0

September 12, 2023

Highly Recommended!

Verified User

C-Level Executive in Corporate

Information Technology & Services Company, 1-10 employees

Score 7 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

69.28571428571429%

6.9

Centralized event and log data collection: 70%
7.0
Correlation: 60%
6.0
Event and log normalization/management: 70%
7.0
Deployment flexibility: 70%
7.0
Integration with Identity and Access Management Tools: 60%
6.0
Custom dashboards and workspaces: 80%
8.0
Host and network-based intrusion detection: 70%
7.0
Log retention: 60%
6.0
Data integration/API management: 70%
7.0
Behavioral analytics and baselining: 80%
8.0
Rules-based and algorithmic detection thresholds: 70%
7.0
Response orchestration and automation: 70%
7.0
Reporting and compliance management: 70%
7.0
Incident indexing/searching: 70%
7.0

September 12, 2023

Splunk ES Review

Sam Babbitt

System/Network Administrator

Babbitt Access Computers (Computer & Network Security, 1-10 employees)

Score 7 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

71.42857142857143%

7.1

Centralized event and log data collection: 70%
7.0
Correlation: 70%
7.0
Event and log normalization/management: 80%
8.0
Deployment flexibility: 60%
6.0
Integration with Identity and Access Management Tools: 80%
8.0
Custom dashboards and workspaces: 80%
8.0
Host and network-based intrusion detection: 80%
8.0
Log retention: 60%
6.0
Data integration/API management: 70%
7.0
Behavioral analytics and baselining: 70%
7.0
Rules-based and algorithmic detection thresholds: 70%
7.0
Response orchestration and automation: 60%
6.0
Reporting and compliance management: 80%
8.0
Incident indexing/searching: 70%
7.0

September 12, 2023

Splunk ES, a great tool to use with some caveats!

Verified User

Analyst in Information Technology

Banking Company, 1001-5000 employees

Score 8 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

82.85714285714286%

8.3

Centralized event and log data collection: 100%
10.0
Correlation: 90%
9.0
Event and log normalization/management: 100%
10.0
Deployment flexibility: 100%
10.0
Integration with Identity and Access Management Tools: 100%
10.0
Custom dashboards and workspaces: 100%
10.0
Host and network-based intrusion detection: 50%
5.0
Log retention: 100%
10.0
Data integration/API management: 100%
10.0
Behavioral analytics and baselining: 100%
10.0
Rules-based and algorithmic detection thresholds: 50%
5.0
Response orchestration and automation: 80%
8.0
Reporting and compliance management: N/A
N/A
Incident indexing/searching: 90%
9.0

September 11, 2023

excellent platform for the collection and management of logs from multiple sources

Verified User

Professional in Information Technology

Internet Company, 5001-10,000 employees

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

79.28571428571429%

7.9

Centralized event and log data collection: 90%
9.0
Correlation: 80%
8.0
Event and log normalization/management: 70%
7.0
Deployment flexibility: 70%
7.0
Integration with Identity and Access Management Tools: 80%
8.0
Custom dashboards and workspaces: 90%
9.0
Host and network-based intrusion detection: 80%
8.0
Log retention: 80%
8.0
Data integration/API management: 80%
8.0
Behavioral analytics and baselining: 70%
7.0
Rules-based and algorithmic detection thresholds: 90%
9.0
Response orchestration and automation: 60%
6.0
Reporting and compliance management: 80%
8.0
Incident indexing/searching: 90%
9.0

September 06, 2023

Splunk ES Review

Verified User

Manager in Information Technology

Computer & Network Security Company, 11-50 employees

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

80%

8.0

Centralized event and log data collection: 90%
9.0
Correlation: 90%
9.0
Event and log normalization/management: 90%
9.0
Deployment flexibility: 60%
6.0
Integration with Identity and Access Management Tools: 60%
6.0
Custom dashboards and workspaces: 90%
9.0
Host and network-based intrusion detection: 80%
8.0
Log retention: 100%
10.0
Data integration/API management: 60%
6.0
Behavioral analytics and baselining: 60%
6.0
Rules-based and algorithmic detection thresholds: 60%
6.0
Response orchestration and automation: 90%
9.0
Reporting and compliance management: 90%
9.0
Incident indexing/searching: 100%
10.0

September 06, 2023

Secure with Splunk Enterprise Security (ES)

Verified User

Team Lead in Information Technology

Hospital & Health Care Company, 5001-10,000 employees

Score 10 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

85.71428571428571%

8.6

Centralized event and log data collection: 90%
9.0
Correlation: 90%
9.0
Event and log normalization/management: 100%
10.0
Deployment flexibility: 80%
8.0
Integration with Identity and Access Management Tools: 90%
9.0
Custom dashboards and workspaces: 80%
8.0
Host and network-based intrusion detection: 90%
9.0
Log retention: 90%
9.0
Data integration/API management: 70%
7.0
Behavioral analytics and baselining: 80%
8.0
Rules-based and algorithmic detection thresholds: 90%
9.0
Response orchestration and automation: 80%
8.0
Reporting and compliance management: 80%
8.0
Incident indexing/searching: 90%
9.0

August 31, 2023

a good tool for threat hunting and response

Verified User

Engineer in Information Technology

Financial Services Company, 10,001+ employees

Score 7 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

57.857142857142854%

5.8

Centralized event and log data collection: 60%
6.0
Correlation: 60%
6.0
Event and log normalization/management: 70%
7.0
Deployment flexibility: 60%
6.0
Integration with Identity and Access Management Tools: 70%
7.0
Custom dashboards and workspaces: 60%
6.0
Host and network-based intrusion detection: 70%
7.0
Log retention: 70%
7.0
Data integration/API management: 50%
5.0
Behavioral analytics and baselining: 40%
4.0
Rules-based and algorithmic detection thresholds: 50%
5.0
Response orchestration and automation: 50%
5.0
Reporting and compliance management: 50%
5.0
Incident indexing/searching: 50%
5.0

July 24, 2023

Splunk Enterprise Security is a must!

Joe Contreras

Senior Security Specialist

San Manuel Casino (Entertainment, 5001-10,000 employees)

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

58.57142857142857%

5.9

Centralized event and log data collection: 70%
7.0
Correlation: 80%
8.0
Event and log normalization/management: 70%
7.0
Deployment flexibility: 70%
7.0
Integration with Identity and Access Management Tools: 70%
7.0
Custom dashboards and workspaces: 50%
5.0
Host and network-based intrusion detection: 60%
6.0
Log retention: 90%
9.0
Data integration/API management: N/A
N/A
Behavioral analytics and baselining: 50%
5.0
Rules-based and algorithmic detection thresholds: 50%
5.0
Response orchestration and automation: 40%
4.0
Reporting and compliance management: 40%
4.0
Incident indexing/searching: 80%
8.0

July 21, 2023

Splunk ES Alert Reduction

Verified User

Engineer in Engineering

Defense & Space Company, 5001-10,000 employees

Score 8 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

60%

6.0

Centralized event and log data collection: 80%
8.0
Correlation: 80%
8.0
Event and log normalization/management: 80%
8.0
Deployment flexibility: 60%
6.0
Integration with Identity and Access Management Tools: N/A
N/A
Custom dashboards and workspaces: 70%
7.0
Host and network-based intrusion detection: N/A
N/A
Log retention: 100%
10.0
Data integration/API management: 100%
10.0
Behavioral analytics and baselining: 70%
7.0
Rules-based and algorithmic detection thresholds: 100%
10.0
Response orchestration and automation: N/A
N/A
Reporting and compliance management: N/A
N/A
Incident indexing/searching: 100%
10.0

July 20, 2023

Splunk Enterprise Security (ES) - Clear Market Leader

Verified User

Administrator in Information Technology

Financial Services Company, 10,001+ employees

Score 10 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

85%

8.5

Centralized event and log data collection: 100%
10.0
Correlation: 100%
10.0
Event and log normalization/management: 80%
8.0
Deployment flexibility: 80%
8.0
Integration with Identity and Access Management Tools: 80%
8.0
Custom dashboards and workspaces: 90%
9.0
Host and network-based intrusion detection: 90%
9.0
Log retention: 90%
9.0
Data integration/API management: 70%
7.0
Behavioral analytics and baselining: 80%
8.0
Rules-based and algorithmic detection thresholds: 80%
8.0
Response orchestration and automation: 80%
8.0
Reporting and compliance management: 80%
8.0
Incident indexing/searching: 90%
9.0

June 05, 2023

Best siem on the market

Verified User

Technician in Product Management

Machinery Company, 5001-10,000 employees

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

90.71428571428571%

9.1

Centralized event and log data collection: 90%
9.0
Correlation: 100%
10.0
Event and log normalization/management: 80%
8.0
Deployment flexibility: 90%
9.0
Integration with Identity and Access Management Tools: 90%
9.0
Custom dashboards and workspaces: 100%
10.0
Host and network-based intrusion detection: 80%
8.0
Log retention: 90%
9.0
Data integration/API management: 100%
10.0
Behavioral analytics and baselining: 90%
9.0
Rules-based and algorithmic detection thresholds: 100%
10.0
Response orchestration and automation: 90%
9.0
Reporting and compliance management: 80%
8.0
Incident indexing/searching: 90%
9.0

May 30, 2023

Automated Reporting and monitoring tool

Verified User

Professional in Information Technology

Banking Company, 10,001+ employees

Score 10 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

85.71428571428571%

8.6

Centralized event and log data collection: 80%
8.0
Correlation: 80%
8.0
Event and log normalization/management: 90%
9.0
Deployment flexibility: 90%
9.0
Integration with Identity and Access Management Tools: 80%
8.0
Custom dashboards and workspaces: 90%
9.0
Host and network-based intrusion detection: 90%
9.0
Log retention: 90%
9.0
Data integration/API management: 80%
8.0
Behavioral analytics and baselining: 80%
8.0
Rules-based and algorithmic detection thresholds: 90%
9.0
Response orchestration and automation: 90%
9.0
Reporting and compliance management: 90%
9.0
Incident indexing/searching: 80%
8.0

May 22, 2023

Securing Your Environment with Splunk Enterprise Security.

Verified User

Engineer in Engineering

Information Technology & Services Company, 201-500 employees

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

89.28571428571429%

8.9

Centralized event and log data collection: 100%
10.0
Correlation: 90%
9.0
Event and log normalization/management: 90%
9.0
Deployment flexibility: 90%
9.0
Integration with Identity and Access Management Tools: 80%
8.0
Custom dashboards and workspaces: 100%
10.0
Host and network-based intrusion detection: 80%
8.0
Log retention: 100%
10.0
Data integration/API management: 90%
9.0
Behavioral analytics and baselining: 80%
8.0
Rules-based and algorithmic detection thresholds: 90%
9.0
Response orchestration and automation: 70%
7.0
Reporting and compliance management: 90%
9.0
Incident indexing/searching: 100%
10.0

March 16, 2023

Control of accounts, malware and anomalies in a single software.

jacod Jones

RPA Engineer

Mr. Cooper (Financial Services, 5001-10,000 employees)

Score 10 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

100%

10.0

Centralized event and log data collection: 100%
10.0
Correlation: 100%
10.0
Event and log normalization/management: 100%
10.0
Deployment flexibility: 100%
10.0
Integration with Identity and Access Management Tools: 100%
10.0
Custom dashboards and workspaces: 100%
10.0
Host and network-based intrusion detection: 100%
10.0
Log retention: 100%
10.0
Data integration/API management: 100%
10.0
Behavioral analytics and baselining: 100%
10.0
Rules-based and algorithmic detection thresholds: 100%
10.0
Response orchestration and automation: 100%
10.0
Reporting and compliance management: 100%
10.0
Incident indexing/searching: 100%
10.0

January 13, 2023

Amazing solution to maintain the integrity of the investigations.

Verified User

Professional in Product Management

Security & Investigations Company, 5001-10,000 employees

Score 10 out of 10

Vetted Review

Verified User

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

93.57142857142858%

9.4

Centralized event and log data collection: 90%
9.0
Correlation: 90%
9.0
Event and log normalization/management: 100%
10.0
Deployment flexibility: 90%
9.0
Integration with Identity and Access Management Tools: 100%
10.0
Custom dashboards and workspaces: 70%
7.0
Host and network-based intrusion detection: 100%
10.0
Log retention: 100%
10.0
Data integration/API management: 90%
9.0
Behavioral analytics and baselining: 100%
10.0
Rules-based and algorithmic detection thresholds: 100%
10.0
Response orchestration and automation: 90%
9.0
Reporting and compliance management: 100%
10.0
Incident indexing/searching: 90%
9.0

November 08, 2022

Splunk ES help you aggregate to achieve visibility and leverage security intelligence across the organization

Fabio Silva

Senior Network Engineer

Fexco (Financial Services, 1001-5000 employees)

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

82.85714285714286%

8.3

Centralized event and log data collection: 90%
9.0
Correlation: 90%
9.0
Event and log normalization/management: 80%
8.0
Deployment flexibility: 70%
7.0
Integration with Identity and Access Management Tools: 80%
8.0
Custom dashboards and workspaces: 80%
8.0
Host and network-based intrusion detection: 90%
9.0
Log retention: 80%
8.0
Data integration/API management: 80%
8.0
Behavioral analytics and baselining: 80%
8.0
Rules-based and algorithmic detection thresholds: 90%
9.0
Response orchestration and automation: 80%
8.0
Reporting and compliance management: 100%
10.0
Incident indexing/searching: 70%
7.0

October 06, 2022

Great tool with artificial intelligence to manage and mitigate threats.

Verified User

Analyst in Information Technology

Consumer Services Company, 51-200 employees

Score 10 out of 10

Vetted Review

Verified User

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM)

N/A

August 02, 2022

Aligning on Splunk means a cheaper and far more flexible security monitoring solution.

Verified User

Professional in Information Technology

Fund-Raising Company, 1001-5000 employees

Score 8 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

79.28571428571429%

7.9

Centralized event and log data collection: 90%
9.0
Correlation: 80%
8.0
Event and log normalization/management: 90%
9.0
Deployment flexibility: 70%
7.0
Integration with Identity and Access Management Tools: 80%
8.0
Custom dashboards and workspaces: 90%
9.0
Host and network-based intrusion detection: 80%
8.0
Log retention: 80%
8.0
Data integration/API management: 70%
7.0
Behavioral analytics and baselining: 70%
7.0
Rules-based and algorithmic detection thresholds: 80%
8.0
Response orchestration and automation: 80%
8.0
Reporting and compliance management: 70%
7.0
Incident indexing/searching: 80%
8.0

July 21, 2022

Considerations from an ES implementation in SOCs consultant

Giuseppe Cusello

GRC Director

Cyber Partners S.p.A. (Information Technology & Services, 11-50 employees)

Score 10 out of 10

Vetted Review

Reseller Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

72.85714285714286%

7.3

Centralized event and log data collection: 100%
10.0
Correlation: 100%
10.0
Event and log normalization/management: 100%
10.0
Deployment flexibility: 100%
10.0
Integration with Identity and Access Management Tools: 30%
3.0
Custom dashboards and workspaces: 30%
3.0
Host and network-based intrusion detection: 30%
3.0
Log retention: 100%
10.0
Data integration/API management: 80%
8.0
Behavioral analytics and baselining: 80%
8.0
Rules-based and algorithmic detection thresholds: 60%
6.0
Response orchestration and automation: 60%
6.0
Reporting and compliance management: 80%
8.0
Incident indexing/searching: 70%
7.0

July 20, 2022

One SIEM to rule them all

Verified User

Engineer in Information Technology

Banking Company, 10,001+ employees

Score 8 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

93.57142857142858%

9.4

Centralized event and log data collection: 100%
10.0
Correlation: 90%
9.0
Event and log normalization/management: 80%
8.0
Deployment flexibility: 90%
9.0
Integration with Identity and Access Management Tools: 100%
10.0
Custom dashboards and workspaces: 100%
10.0
Host and network-based intrusion detection: 100%
10.0
Log retention: 100%
10.0
Data integration/API management: 100%
10.0
Behavioral analytics and baselining: 70%
7.0
Rules-based and algorithmic detection thresholds: 80%
8.0
Response orchestration and automation: 100%
10.0
Reporting and compliance management: 100%
10.0
Incident indexing/searching: 100%
10.0

July 19, 2022

Top class security alerting with excellent outbreak handling and precise vulnerability analysis.

Ramu S R

Junior Network Administrator

AMRITA VISHWA VIDYAPEETHAM (Higher Education, 5001-10,000 employees)

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

86.42857142857142%

8.6

Centralized event and log data collection: 90%
9.0
Correlation: 80%
8.0
Event and log normalization/management: 90%
9.0
Deployment flexibility: 80%
8.0
Integration with Identity and Access Management Tools: 80%
8.0
Custom dashboards and workspaces: 90%
9.0
Host and network-based intrusion detection: 90%
9.0
Log retention: 90%
9.0
Data integration/API management: 80%
8.0
Behavioral analytics and baselining: 90%
9.0
Rules-based and algorithmic detection thresholds: 90%
9.0
Response orchestration and automation: 90%
9.0
Reporting and compliance management: 90%
9.0
Incident indexing/searching: 80%
8.0

July 18, 2022

Splunk Enterprise Security tools are Avengers for your software systems.

Verified User

Technician in Engineering

Information Technology & Services Company, 1001-5000 employees

Score 8 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

87.14285714285714%

8.7

Centralized event and log data collection: 80%
8.0
Correlation: 90%
9.0
Event and log normalization/management: 90%
9.0
Deployment flexibility: 80%
8.0
Integration with Identity and Access Management Tools: 60%
6.0
Custom dashboards and workspaces: 90%
9.0
Host and network-based intrusion detection: 100%
10.0
Log retention: 90%
9.0
Data integration/API management: 80%
8.0
Behavioral analytics and baselining: 90%
9.0
Rules-based and algorithmic detection thresholds: 90%
9.0
Response orchestration and automation: 90%
9.0
Reporting and compliance management: 100%
10.0
Incident indexing/searching: 90%
9.0

July 15, 2022

Highly precise alert monitoring with detailed logging.

AMJITH LAL S

Senior Network Administrator

AMRITA VISHWA VIDYAPEETHAM (Higher Education, 5001-10,000 employees)

Score 9 out of 10

Vetted Review

Verified User

Incentivized

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM) (14)

87.85714285714286%

8.8

Centralized event and log data collection: 80%
8.0
Correlation: 90%
9.0
Event and log normalization/management: 90%
9.0
Deployment flexibility: 90%
9.0
Integration with Identity and Access Management Tools: 90%
9.0
Custom dashboards and workspaces: 90%
9.0
Host and network-based intrusion detection: 80%
8.0
Log retention: 90%
9.0
Data integration/API management: 90%
9.0
Behavioral analytics and baselining: 90%
9.0
Rules-based and algorithmic detection thresholds: 90%
9.0
Response orchestration and automation: 80%
8.0
Reporting and compliance management: 90%
9.0
Incident indexing/searching: 90%
9.0

Return to navigation

Splunk Enterprise Security (ES)

Microsoft Sentinel

InsightIDR

Microsoft Sentinel

Splunk SOAR

Splunk Enterprise

Splunk User Behavior Analytics (UBA)

FortiAnalyzer

IBM Security QRadar SIEM

Elastic Security

CrowdStrike Falcon

Snort

Splunk Cloud

Community Insights