
Splunk Enterprise

Score: 8.6 out of 10

560 Reviews and Ratings

What is Splunk Enterprise?

Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.

Top Performing Features

  • Centralized event and log data collection

    Effectiveness of real-time centralized event and log data collection

    Category average: 8.5

  • Custom dashboards and workspaces

    Dashboards that can be customized to meet the needs of specific groups

    Category average: 8.4

  • Incident indexing/searching

    Effectiveness of searching across structured and unstructured events and incidents within SIEM

    Category average: 8.2

Areas for Improvement

  • Rules-based and algorithmic detection thresholds

    Effectiveness of manually-established rules and algorithmically-determined detection thresholds

    Category average: 8.3

  • Behavioral analytics and baselining

    How effectively activity and behavior baselines are established and maintained

    Category average: 7.6

  • Response orchestration and automation

    Quality of built-in response orchestration and automation in Next-Gen SIEM

    Category average: 7.6

Splunk Enterprise Review

Use Cases and Deployment Scope

We use this to monitor user logins, user actions on workstations, and whether our networking services are online. We have dashboards that were created to show this. We also use it to manage device certificates and to see if they are expired. We use it to monitor network traffic. We also use it for threat detection.

Pros

  • The dashboard customizability
  • AI tools
  • Insider threat detection

Cons

  • The search feature of Splunk
  • How to turn Splunk off and on
  • The setup complexity of Splunk
  • The Splunk language could be simplified

Return on Investment

  • Splunk has had a positive return on investment
  • Saved us 5+ hours on manual certificate data logging

Other Software Used

Red Hat Certificate System, Cisco 5520 Wireless Controller, Cisco 5000 Series Enterprise Network Compute System (ENCS 5000)

Review of Splunk Enterprise

Use Cases and Deployment Scope

We use it to monitor real live threats, and it allows us to provide insight into our data and analyze it in real time. It allows for requirements to be met and for certain events and people's actions to be audited. The best use case is to allow insider threats to be detected, further enhancing the security posture of our network.

Pros

  • Analyze traffic
  • Insider threat detection
  • Real-time traffic and parsing information into a readable format

Cons

  • The Splunk language is a little hard to learn; maybe make it more user-friendly
  • Include an AI tool that helps with creating dashboards, actually helps enhance and use Splunk better, and assists with writing search strings
  • assist with the peo

Return on Investment

  • Insider threat detection
  • Allowed for requirements to be met
  • Allows for easy integration

Usability

Very Good

Use Cases and Deployment Scope

I use Splunk Enterprise to monitor logs from our servers and also application logs. We monitor those logs to keep a check on server and application health (e.g., create an email alert if CPU usage is more than the defined threshold). Also, we have built many custom dashboards to display the key metrics for applications/infrastructure.

Pros

  • Collecting logs from servers
  • Parsing machine logs very well
  • Building custom dashboards with visualizations

Cons

  • Support for third-party visualizations in dashboard studio.
  • More AI features in Enterprise version
  • More robust parsing for nested JSON data

Return on Investment

  • Improved the monitoring process
  • Custom dashboards provide a solution for applying company-specific logic
  • Faster threat detection

Other Software Used

Zabbix, Palantir Foundry, GitHub

Good observability

Use Cases and Deployment Scope

Splunk is our primary observability and log aggregation platform in the datacenter. It centralizes logs from multiple systems, supports incident investigation, and provides dashboards and alerts for operational monitoring. We also use it to analyze Tufin usage statistics and track security policy management activity.

Pros

  • Performs well in log aggregation and search performance
  • Nice dashboards
  • Customization

Cons

  • Resource consumption and performance
  • Licensing and cost

Return on Investment

  • Great observability
  • Takes some time to configure dashboards, but provides good visibility

Alternatives Considered

Cisco Application Centric Infrastructure (Cisco ACI) and Cisco Meraki SD-WAN

Splunk Enterprise

Use Cases and Deployment Scope

I feel we are missing out on other things that it can do to help with our network.

Pros

  • It is able to take logs and put them into a great dashboard
  • Provides loads of info

Cons

  • Help us with network monitoring

Return on Investment

  • It helps out our cyber team, but I would like to use it for our networking team