Splunk Enterprise Reviews

315 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 8.8 out of 100

Do you work for this company? Learn how we help vendors

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-25 of 61)

Companies can't remove reviews or game the system. Here's why.
April 29, 2021
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise is being used by mostly IT Department. [It's] being used to monitor security monitoring purpose[s] along with [business-relevant] use case monitoring.
  • Data Normalization
  • Correlation
  • Data Analytics
  • Use Case Development Capability
  • Cost
Splunk Enterprise is mostly suited for organizations where enough budget is available to maintain along with having dedicated resource[s] for it. While [it's] a great tool, you need to skilled resource[s] to get the best out of it.
Read this authenticated review
February 29, 2020
Fraser Clark | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk was initially purchased to be our replacement for our syslog server, but it has grown into much much more and this is because of how easy it is to get logs into Splunk and the flexibility of what can be done with those logs.
We are now using it as a security tool, ingesting logs from lots of different sources and even our cloud platforms.
Currently it is just our IT team that use Splunk.
  • Dashboards/visualisations.
  • Can ingest any type of data.
  • Flexibility with filtering, etc.
  • Steep learning curve.
  • Full stack reporting (though with SignalFX being purchased by Splunk, this is clearly a high priority).
  • Team needed to manage large installations.
Splunk is excellent in most situations where log collection and aggregation is needed. It can work as a small scale syslog server and be built on from that.
The obvious wall is the cost of the product and for that reason I would say smaller businesses would not be suited to this as there are free solutions that could bridge this gap.
If going through a reseller, their support can be very good and I have experienced this.
However, when dealing directly with Splunk for support it can be quite challenging. The support is okay, but has a lot of room for improvement. Sometimes tickets just get no response for weeks with multiple chases. It's very hard to speak to a member of the team that would actually work on your ticket, it's always just frontline who then just send it to the correct team.
Read Fraser Clark's full review
February 19, 2020
ShuYun Du | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Splunk to integrate all the logs for each of the applications. Building dashboards and alerts base on the logs by the Application team's requirement. The Application team will be able to search through their log from one centralized place rather than logging into multiple servers to try to define the issue manually. With the Splunk search language, it is very easy to look for possible errors within a certain time frame. Our organization also use Splunk for fraud investigation purpose. We have more than 100 application teams using Splunk today and most of them are using it for troubleshooting purposes when there is an issue that has occurred.
  • Log mining.
  • Able to consume multiple log sources.
  • Provides the possibility to upgrade the Splunk UF from a deployment server.
  • Splunk search language can be very expensive if the users do not know what they are doing.
Splunk is the best tool to use for log mining. It is also good at combining multiple sources of logs together and creates a single pane of glass. It can do lots of APM monitoring however at the end of the day it is more of a log mining tool but not an APM tool. It is best to use for business analyzing, debugging and fraud investigation. When it comes to monitoring part, get a proper APM tool will be a better idea.
It is a great tool that does an excellent job. However, the only downside of Splunk is that the learning curve is not very flat. It requires the user to investigate some time to train a beginner becomes an expert. Also, working on the Splunk Web GUI is very different from working on Splunk infrastructure. Even if the Splunk environment is well designed, you will still need someone to constantly watching the performance of the Splunk instance. Other than this, everything works very well.
Read ShuYun Du's full review
February 18, 2020
Daniel Garrett | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk is utilized for creation of dashboards and log queries across many areas.
  • Quick log queries across different types of infrastructure
  • Adaptable dashboards for digesting large amounts of continuous data
  • Easy access and sharing of information via URL links
  • Building Splunk queries can be comber some without intricate knowledge of Splunk and the applications involved
  • Dashboard duplication for different areas can be difficult
  • Capturing all necessary data from cloud platforms is not always straightforward
Real-time and historical log research is a glowing achievement for Splunk. Splunk is also quite effective at dashboard creation and presentation with high level or more granular investigation possible.
Read Daniel Garrett's full review
March 12, 2020
Ahmet Fatih IRKLI | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise is used across the whole department in our organization for Security information
and event management. It improves our security aspect of the assets by collecting logs. Splunk offers log collection from all types of assets in the environment varying from vulnerability scanning tools to network devices. Centralizing all these logs and managing them from one place is the real deal. It manages huge amounts of log data with a robust operation. Every day our environment creates dozens of logs and Splunk enables us to
see anomalies with alarms.
  • Maximize endpoint logging.
  • Can find and store logs from all types of assets.
  • Customization of dashboards.
  • Creating apps based on your needs.
  • Alarm feature alerts relevant people in the organization.
  • Data visualization.
  • Search queries can be saved for future or even can be converted to apps.
  • Slow interface.
I definitely recommend Splunk Enterprise to security and network teams as it is perfectly scalable for any size environment.
  • Network teams can easily see if there is a problem with the network device.
  • The security team can easily be notified about anomalies that may due to an intrusion.
  • The support team can follow the situation of assets and tools.
  • It can be integrated with most of the tools available on the market.
The support team has helped a lot.
Read Ahmet Fatih IRKLI's full review
April 14, 2020
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk is our one stop shop for all log data. We send logs from everything from servers, routers, firewalls, switches, sans and applications there to be analyzed and reviewed by different teams. This solves a critical issue by ensuring all teams are working from the same information. Prior to consolidating onto Splunk a number of different sources of truth leading different teams to work with different information.
  • Single source of truth for all log files.
  • Alerting system based on captured log data.
  • Reporting/Dashboard system to present data.
  • Complex overall architecture.
  • Long implementation time.
  • High cost.
  • Requires on-going staff time to keep running effectively.
Splunk is a great fit for organizations that need to consolidate log data. It's also a great fit for organizations that need to provide access to data to different teams of engineers. We send all of our log data to Splunk, index and report on it then provide access to different teams based on need.
Splunk maintains a well resourced support system that has been consistent since we purchased the product. They help out in a timely manner and provide expert level information as needed. We typically open cases online and communicate when possible via e-mail and are able to resolve most issues with that method.
Read this authenticated review
March 06, 2020
Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
Currently our bank has different departments with their own Splunk infrastructure. We are currently building a larger infrastructure to incorporate all departments to join this centralized infrastructure with Splunk Enterprise. As Splunk is used for log analyzing, it is used for reports on different metrics built from logs collected from different servers. We try to consolidate the logs and put results onto a more centralized data center set as well.
  • Log analyzing.
  • Reports.
  • Forecast (ML model).
  • Stability on some components (e.g. indexers).
  • Complexity of install and maintenance of infrastructure.
Splunk is good for log analyzing from enterprise level of applications on different logs and consolidating results as reports. We can use such data to make forecasts for future trends if issues would occur more or less frequently.

Setup and maintenance would not be easy, so always plan ahead. Also always do health check for stability on some of the Splunk components such as indexers and HFs.
Support is good and responsive. Even sometimes not the best answers are given from support, they will follow up for questions or issues after. We just lack time to implement all suggested solutions and may not be able to update Splunk version fast enough due to processes that we need to carry.
Read this authenticated review
February 28, 2020
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We're using Splunk Enterprise to assist us with IT Operations and IT Security. We came to look at Splunk because when I entered the company I found over 500 devices with no centralized logging in any way, no ability to pinpoint problems across the whole organization whether historic or predictable and things like this. Splunk is helping us deliver a predictable, robust operation of our infrastructure instead of reacting to problems and working to find just what was affected and when.

We believe we can apply Splunk to other data, in time, specifically aiding the company with analyzing financial information, but this is not yet an active project.
  • Fast, efficient
  • Solid community of experts and training materials
  • Ingests data from many sources, with a large number of partner relationships
  • There is a high learning curve. If you go to a Splunk demo or class, get inspired, then install it yourself, you'll have no idea what you're meant to do. It's not intuitive to the first-time user in any way.
  • Pricing can be confusing. People ask how much data you want to ingest, and you don't know until after you've been using Splunk. It's not easy to sign up and start without guesswork.
  • I found online help pages are broken or out-of-date, or incomplete. e.g. pages on setting up the Java-based SQL Server driver don't even tell you where to download it or where to install it.
Splunk Enterprise is well-suited for any requirement to aggregate vast sums of data, no matter how structured or unstructured, and search across it all at speed, or report on it with visualizations, etc.

It's not suited for scenarios where you want to report on a single set of data, say, in a traditional way, for example, a typical scheduled report out of a finance system.
We found the Splunk support team were experts and friendly, though the online documentation could stand to be reviewed and broken links, etc., fixed.
Read this authenticated review
February 26, 2020
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise has been used by our Cybersecurity Department for almost five years to be the single dashboard for our Security Incident and Event Monitoring. On top of that, we are also using the Enterprise Security, and it helps us to focus on the most notable events that need to be followed up asap.
  • Central dashboard for all logs
  • Enterprise Security
  • Better dashboard graphics
Splunk Enterprise is very well suited for correlating all the logs that need to be monitored and to be analyzed. It has performed very well with a vast amount of logs data. Furthermore, Splunk Enterprise can be pumped in and do parsing for numerous security device logs.
However, it needs certain technical skills to be able to correlate the logs and do the query in the Splunk Enterprise.
Support from the Splunk team has been great. They could answer most of our questions with a relatively acceptable time. However, there is a forum that we extensively been utilizing to find answers and some hints. There have been quite successful and great events that Splunk has been organizing, which benefit our team to learn continuously.
Read this authenticated review
February 26, 2020
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise is used as a repository for all our server and network infrastructure logs. This allows us to go to one place to review logs and potentially find a relationship between different systems with specific issues. For example, seeing failed login attempts to our switches and learning that a server was using old credentials.
  • Robust collection of plugins to support specific applications
  • Relatively easy to use
  • Strong and helpful support
  • Difficult to master
  • Can be very complicated to implement into an environment
  • Very expensive
If the organization is looking for a powerful SIEM solution and has the budget, then I would recommend Splunk Enterprise. Using the tool can be as simple or as complicated as you want it. My only hesitation will be the complexity of implementation. For smaller organizations, it shouldn't be an issue, but larger ones may find it challenging to follow Splunk Enterprise's best practices for implementation.
Splunk Enterprise's customer support is amazing. They will go above and beyond even for the smallest issue. Outside of customer support, Splunk Enterprise also has a very active community that will answer more specific questions for unofficial Splunk Enterprise applications. We once ran into an issue with an application plugin and out the answer was provided by a community member.
Read this authenticated review
November 20, 2019
Kuntal Das | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise is a brilliant tool that we use in the University of Colorado, Denver to analyze logs obtained from various sources. Our team is responsible for maintaining the security of our campus and the University of Colorado, Anschutz medical campus.

The log sources are typically firewall logs, email logs, logs from the Intrusion detection system (IDS), logs of different services running on the google cloud, etc. It offers a very easy interface and a query language. We can build our own alarm rule and UI within it for visualization. The rules will run at a time defined by the user and will send metrics to the email. It helped in automating blacklisting as now we can get the most troublesome IP addresses and block them in a minute. It also helped us in tracing a list of most vulnerable on the campus. The most powerful feature is the correlation of log sources. Correlation of log sources is a very taxing process for any software. Splunk handles this gracefully. By correlating firewall traffic, wireless and IDS traffic we once spotted a machine that had a trojan in it and was trying to spread itself laterally through open SMB ports.
  • It is very useful in creating custom rules for analyzing system logs and display relevant information. The query language is very easy to learn.
  • We can create custom UI to visualize the output of our data. The interface is very flexible. It also allows the sharing of rules among users.
  • There is an open online community to help others. Stackoverflow also has a splunk community. These resources make it more convenient to learn.
  • They can introduce a query builder for non-technical users.
  • The query error messages could be more specific.
Pros: Splunk is very well suited if you have multiple log sources of related data. All of them can be correlated and tasks can be automated based on the requirement. Other than alerts, Splunk can also run a specific script of your choice, based on some defined conditions.
Cons: If you have a few logs but a large number of log sources, Splunk can be very expensive.
The Splunk support team is very helpful and active when it comes to asking questions or raising issues. It is very rare that we had to contact them as the software is flawless. However, the support we received when a problem happened due to the version update, they reached out to us instantly and recommended steps to fix that.
Read Kuntal Das's full review
November 05, 2019
PAULIUS BUCINSKAS | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise tool is being used across our Digital department. Using this tool we are able to search and analyze event logs of our customer sessions. We can see the error trends of our Digital Services. Set up alerts for multiple KPIs and create dashboards for monitoring the health of our Digital products.
  • Captures multiple different information about a customer and his/her session.
  • Intuitive and informative search options.
  • Option to set up precise alerts for different KPIs.
  • The speed of the tool could be improved.
  • It could store and allow to search for historical data older than 60 days (may be related to our company license).
  • Dashboard creation could be more user-friendly.
When needed to search for some specific event information triggered by end-user or by any other service, Splunk Enterprise tool can give that information and by reviewing the log of the event you can find a lot of needed information that could help you to find the solution or resolve the issue on the spot.
Good and informative "Help" page with a lot of useful information.
Read PAULIUS BUCINSKAS's full review
November 16, 2019
Johann Davila | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk is used by our Engineering Department. Splunk has been a valuable and useful tool for our company to monitor errors occurring at all times. We love the real-time monitoring system that helps us detect errors and get the right people to handle them when needed to get things back up and running.
  • Love the real-time monitoring system.
  • Easy to use.
  • I have no suggestions.
It is well suited with real-time monitoring and notifications sent when issues occur. It has been very helpful to monitor issues that applications are having so that we can get the right team to address these issues to get the company back up and running to continue business as normal.
The Support team has been quick to address questions or concerns.
Read Johann Davila's full review
November 22, 2019
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise has been used across University of Minnesota as one of our IT monitoring and alerting tools. This has been a big help for our user base to provide timed email alerts as well as monitoring all of the threshold parameters we set up. We have a dedicated admin to make sure the Splunk agents have been deployed and configured across all the client tools.
  • Timely alerting
  • Sharing with end users automatically
  • Less impact
  • Sometime we see the Splunk agent taking higher CPU from OS prospects
  • Similar issues have been noticed in Oracle Databases
It is very easy to configure on Oracle Databases as well as on MSSQL/Window servers to monitor the pre-configured threshold.
It helped us and is still helping to deploy new modules, installing and configuring new databases without worrying about a huge bottleneck or lack of understanding, and monitoring the post-deploy impacts. This has been our main tool across the University IT sectors to utilize all of its monitoring options, and sharing those alerts with end-users as needed.
Read this authenticated review
January 02, 2019
Rounak Jangir | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk is not used across my organization. It is being used by some of us and for some specific task. And yes, it is also used by other departments as well but according to their need. Specifically, we are using this tool for monitoring the application logs and doing some analysis over it. Splunk provides a very easy way to search your logs and perform some basic analysis.
  • Log search is very good with this tool.
  • Splunk search query language is just very good. You can easily run some analysis using this language
  • Generating reports is a very good feature of this tool.
  • Detecting anomalies and reporting them is just fantastic.
  • Splunk requires some learning to use all of its features. Understanding its SPL is not very easy, and it will take long enough time to learn it.
  • Regular expression is a bit tedious to learn and then use, it needs a good understanding of regular expression.
  • I don't know why, but sometimes its search keeps on going forever and then I had to manually kill that job to start it again.
If you need to search and need to do some analysis on top of that, then Splunk is a great thing to use. And also if you want to generate reports from them and want alerts on some specific activity, then Splunk should be your first choice. I have used this tool for this purpose but can't say in which scenario it would not fit.
Read Rounak Jangir's full review
December 14, 2018
Priti Asai / Thakkar | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk is used for application logs monitoring and system health checks for production environment and performance environment.
  • Best tool to do log monitoring and creating intuitive dashboards and charts
  • Best for setting up alerting for application logs
  • The tool needs to integrate AI to understand the system logs and alerting should be based on the auto learning.
For anything related to the application backend logs and monitoring, it's very appropriate to use, based on which we can create various dashboards / charts. For server health / monitoring, Splunk logs are not very helpful. It completely relies on log statements, if statement is not formatted in standard format, and it gives inaccurate results.
Read Priti Asai / Thakkar's full review
December 10, 2018
Dhruba Jyoti Nag | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise is used by the organization to primarily analyze data. It looks at data generated by various on-premise systems and provides meaningful insights out of them. Many advanced features like custom reporting are used by business analysts on a regular basis to determine the course of action. Last but not least, it is also used to execute daily support tasks like log analysis.
  • Data Analytics
  • Reporting
  • Indexing search data
  • Searching machine-generated data at realtime to forecast trends
  • Splunk is expensive.
  • To use Splunk effectively, people must learn SPL.
  • Splunk is good at what it does, but to create an efficient analytics systems other products like SW monitoring tools need to be used in conjunction.
Splunk is an excellent analytical tool and if SPL is mastered correctly, it can be very powerful too and much more efficient than competing tools. It can be easily used by Business Analysts to get real-time insights if reports are set up for them. However, when it comes to monitoring systems, a lot of configurations are required, and that makes it not the ideal one-stop solution.
Read Dhruba Jyoti Nag's full review
January 02, 2019
Matt Judice | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Splunk to catalog all incoming quote requests, booking requests and booking responses (effectively we catalog all successful transactions and errors). My team uses these logs to troubleshoot connections with our partners. We also use this to analyze the behavior of our customers to make sure they are operating as we expect them to. I use this tool every day, for several hours per day, to do my job.
  • logging server data
  • easy to use commands to parse data
  • automated reporting
  • real-time reporting that will alert when a condition is met
  • Not a Splunk problem, but we don't have enough space to store as much data as we would like
Logging server activity, logging transaction data, really any scenario where things or data points can be saved and parsed later.
Read Matt Judice's full review
August 10, 2018
Matt Overton | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Splunk Enterprise across the entire company to collect log data that allows us to see up/down times of servers and applications. We have customized Splunk a good bit and it is one of the main tools we rely to monitor our server environment and troubleshoot issues when an app/server is down or having errors.
  • Monitoring of log data to gauge server status and health
  • Dashboards that allows us to view data about servers in our environment
  • MOnitoring for fraud/cyber security threats and risks
  • We really like the product but there is a steep learning curve and training is definitely required
  • Our environment is setup so that you have to be fairly technical to navigate it and get value from it. We need to make our dashboards/reports less technical so the business users get more value from the tool
  • Tool is very module driven so you are constantly having to add modules and costs to get new functinality
Splunk does a great job of collecting and monitoring machine data. We have use it to reduce fraud/cyber crime loses and we have been able to see a measurable return since using the product for this purpose. It is very extensible so you can continue expanding what the tool does over time. There is added expense with this, but it may be worth it in the end.
Read Matt Overton's full review
February 21, 2018
Rahul Shinde | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk is a very powerful analytics tool. As of now, we are using Splunk on an experimental basis in our department but so far the results are pretty great. So we are planning to expand its use on an organizational level. We use Splunk for various things but mainly we use it to monitor and investigate Blackboard system startup issues by analyzing log files. We have written Splunk search strings to list out all the Blackboard system startup errors in a mannerly fashion and later raise it to the concerned department. After starting to use Splunk, it made very easy to find the exact cause of the issue.
  • Powerful Data Analytics application
  • Excellent and very informative dashboard
  • Defining Field Extractor is very easy and also you can use them to search again
  • Can analyze large amount of data very effectively
  • Need technical expertise to use Splunk. I will recommend watching training videos before integrating Splunk into your organization.
  • Lacks offline and email features
  • It's a great application but it is bit costly
Splunk is a great data analytics tool for you if you have a large amount of data to analyze. Splunk provides accurate and real-time analysis of data through its dashboard. But if you not quite a technical person or not willing to learn Splunk before using it, I will not recommend it to you. Also, Splunk is less appropriate for static data.
Read Rahul Shinde's full review
March 28, 2018
Ryan Stasel | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
I'm using Splunk to aggregate logs from various servers and devices within my department. While I don't interact with it daily, or even weekly a lot of times, I do use it heavily when faculty or staff come to me asking when users were logged in, when there are any questionable incidents on websites, etc.
  • Log aggregation is extremely well done. Whether sending it logs over Syslog, mounting log directories over NFS, or using their log forwarding service.
  • Searching. I'm an amateur at best when searching and aggregating logs. The reporting functionality is amazing.
  • I would love some better wizards to help build canned reports based off common data sets.
  • An easy way to back out integrating a log that suddenly balloons you over your license limits.
  • An easier way to help Splunk parse log types. You can give Splunk any data you have, but unless you're able to tell it how the random log is formatted, your ability to search on it is limited.
Honestly, I can't think of an instance where Splunk isn't well suited for a task. They offer a free license that will handle up to 500MB/day, which unless you're logging against AD, or Exchange, is probably plenty to trial the software. There are examples where I've grabbed a copy for home to help troubleshoot issues with my home network and the network devices supported sending to a Syslog server.

The only issue most users are going to have is cost once you start figuring out the amount of data you're going to be aggregating, the licensing costs can get rather steep.
Read Ryan Stasel's full review
March 21, 2018
Larry Helms | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk is mainly used to log analysis and alerting of events, both business and technical events
  • Business event alerting
  • Technical Event alerting
  • Graphing of information found in the data
  • Users CAN write queries that are non-optimized causing both performance problems or unexpected (as in not what they wanted) results. It would be great if Splunk engineers could come up with some way to 'model' the queries and instruct users on query performance gave x number of records... and possibly an example of results - say using 100-1000 records - so that the user can see what they're going to get.
It is best used for both business data analysis, reporting and graphing. But it also does well when alerting on events. Users, however, mistakenly assume that alerting can be/is real-time. Unfortunately, even though indexing is very fast, it can take some time to index and then issue alerts. This is NOT a problem if you properly train users about what to expect and how to properly use the tool.
Read Larry Helms's full review
January 30, 2018
Sameer Gupta | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk is used across the whole organization and is used for logging. We log all of our web traffic thru Splunk and we use it to monitor what events are taking palce on our site. The business problem we solve for is not having to build an inhouse logging tool.
  • Catching web traffic
  • Dashboards are helpful
  • Search capability is great
  • The dropped logs can be frustrating
  • our instance only retains data for 3 months
I think Splunk makes a ton of sense for a company that is looking for an out of box logging tool. Splunk does a good job of letting you log various parameters across your site and easily search and query for the said events.
Read Sameer Gupta's full review
November 13, 2017
Eric Krueger | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We currently have evaluated and are deploying Splunk Enterprise to replace our older SIEM device. This will allow us to monitor our critical systems and allow for scalability as we continue to grow. Using this product has saved us time and money as it is used across our whole company's three locations. The flexibility and tools offered with Splunk make our jobs easier. Also, there are great forums and a cool wiki for best practices using Splunk.
  • Monitoring is made easy and putting out reports for upper management is a breeze.
  • With Splunk analytics we are better able to track our employees usage of systems for auditing purposes.
  • Checking on performance through Splunk's monitoring makes our management of resources a lot easier and resources are put where needed most.
  • Some of the start up in Splunk requires more than we would otherwise like.
  • We wish there was more customizable reporting.
  • Splunk sales engineers could be a bit more friendly and easier to work with.
Splunk Enterprise meets all of our needs under one platform. The cost savings along without sacrificing functionality have made our choice to go with Splunk an easy decision. The functionality and cost savings alone have made upper management happy to deploy this system in our environment and the return on this investment has paid for itself.
Read Eric Krueger's full review
August 31, 2017
Viktor Mulac | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Production line quality monitoring and searching for patterns, leading to outages. Usually scan and fix tasks, finding an event, that leads to an outage.

Two main ways of using Splunk prevail: ad-hoc analysis, and monitoring and alerting.

In some applications with two production lines, Splunk connected directly to the controllers and monitored data in real time. In other applications, we analyzed logs from 5 systems, among others application server logs, database server logs, production line measuring PCs. In total 5 systems had to communicate and an error on DB server sometimes caused outages on the production line. Splunk helped to find patterns in these incidents. We then set up a monitoring app to provide early indication of a potential upcoming outage.
  • Parsing huge amounts of data, structuring data, or at least helping to find a structure
  • Very good performance.
  • Very good graphical representation of data, findings, report creation
  • I really cannot, since after a year we are still discovering more and more possibilities with the product. One specific wish of a manager was: can we work with the reports offline? (e.g. on the airplane) we have not found a reasonable way of doing this. The only thing we came up with was exporting data and rendering specific reports in flash (web viewer) and somehow simulating reports within limited (predefined) boundaries
Trained analyst, with e.g. python knowledge, regular expressions knowledge, etc. will do his tasks quite quickly.

In the beginning, when starting to learn Splunk, you have to deal with tons of error messages, (mostly resolved by Google discussions).
Read Viktor Mulac's full review

Feature Scorecard Summary

Centralized event and log data collection (45)
9.7
Correlation (45)
9.2
Event and log normalization/management (46)
9.3
Deployment flexibility (41)
8.7
Integration with Identity and Access Management Tools (41)
8.6
Custom dashboards and workspaces (47)
9.2
Host and network-based intrusion detection (29)
8.7

What is Splunk Enterprise?

Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.

Splunk Enterprise Integrations

Splunk Enterprise Competitors

Splunk Enterprise Pricing

  • Has featureFree Trial Available?Yes
  • Has featureFree or Freemium Version Available?Yes
  • Does not have featurePremium Consulting/Integration Services Available?No
  • Entry-level set up fee?No

Splunk Enterprise Technical Details

Operating Systems: Unspecified
Mobile Application:No

Frequently Asked Questions

What is Splunk Enterprise?

Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.

What is Splunk Enterprise's best feature?

Reviewers rate Centralized event and log data collection highest, with a score of 9.7.

Who uses Splunk Enterprise?

The most common users of Splunk Enterprise are from Enterprises and the Information Technology & Services industry.