TrustRadius
Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.
Splunk Enterprise
184 Ratings
Score 8.5 out of 10

Splunk Enterprise Reviews

Reviews (1-25 of 36)
Matt Overton
August 10, 2018

Splunk Enterprise Review: "Great tool to handle all your server and network monitoring needs"

Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Splunk Enterprise across the entire company to collect log data that allows us to see up/down times of servers and applications. We have customized Splunk a good bit and it is one of the main tools we rely on to monitor our server environment and troubleshoot issues when an app/server is down or having errors.
  • Monitoring of log data to gauge server status and health
  • Dashboards that allow us to view data about servers in our environment
  • Monitoring for fraud/cyber security threats and risks
  • We really like the product but there is a steep learning curve and training is definitely required
  • Our environment is set up so that you have to be fairly technical to navigate it and get value from it. We need to make our dashboards/reports less technical so the business users get more value from the tool
  • Tool is very module driven so you are constantly having to add modules and costs to get new functionality
Splunk does a great job of collecting and monitoring machine data. We have used it to reduce fraud/cyber crime losses and we have been able to see a measurable return since using the product for this purpose. It is very extensible so you can continue expanding what the tool does over time. There is added expense with this, but it may be worth it in the end.
Rahul Shinde
February 21, 2018

Splunk Enterprise Review: "One of the best Log Analysis application available in the market!"

Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk is a very powerful analytics tool. As of now, we are using Splunk on an experimental basis in our department but so far the results are pretty great. So we are planning to expand its use on an organizational level. We use Splunk for various things but mainly we use it to monitor and investigate Blackboard system startup issues by analyzing log files. We have written Splunk search strings to list out all the Blackboard system startup errors in a mannerly fashion and later raise it to the concerned department. After starting to use Splunk, it made it very easy to find the exact cause of the issue.
  • Powerful Data Analytics application
  • Excellent and very informative dashboard
  • Defining Field Extractor is very easy and also you can use them to search again
  • Can analyze large amount of data very effectively
  • Need technical expertise to use Splunk. I will recommend watching training videos before integrating Splunk into your organization.
  • Lacks offline and email features
  • It's a great application but it is a bit costly
Splunk is a great data analytics tool for you if you have a large amount of data to analyze. Splunk provides accurate and real-time analysis of data through its dashboard. But if you are not quite a technical person or not willing to learn Splunk before using it, I will not recommend it to you. Also, Splunk is less appropriate for static data.
Ryan Stasel
March 28, 2018

Splunk Enterprise Review: "Splunk is a great tool for helping make sense of logs"

Score 9 out of 10
Vetted Review
Verified User
Review Source
I'm using Splunk to aggregate logs from various servers and devices within my department. While I don't interact with it daily, or even weekly a lot of times, I do use it heavily when faculty or staff come to me asking when users were logged in, when there are any questionable incidents on websites, etc.
  • Log aggregation is extremely well done. Whether sending it logs over Syslog, mounting log directories over NFS, or using their log forwarding service.
  • Searching. I'm an amateur at best when searching and aggregating logs. The reporting functionality is amazing.
  • I would love some better wizards to help build canned reports based off common data sets.
  • An easy way to back out integrating a log that suddenly balloons you over your license limits.
  • An easier way to help Splunk parse log types. You can give Splunk any data you have, but unless you're able to tell it how the random log is formatted, your ability to search on it is limited.
Honestly, I can't think of an instance where Splunk isn't well suited for a task. They offer a free license that will handle up to 500MB/day, which unless you're logging against AD, or Exchange, is probably plenty to trial the software. There are examples where I've grabbed a copy for home to help troubleshoot issues with my home network and the network devices supported sending to a Syslog server.

The only issue most users are going to have is cost: once you start figuring out the amount of data you're going to be aggregating, the licensing costs can get rather steep.
Larry Helms
March 21, 2018

"Splunk Enterprise Review"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk is mainly used for log analysis and alerting of events, both business and technical events.
  • Business event alerting
  • Technical Event alerting
  • Graphing of information found in the data
  • Users CAN write queries that are non-optimized causing both performance problems or unexpected (as in not what they wanted) results. It would be great if Splunk engineers could come up with some way to 'model' the queries and instruct users on query performance given x number of records... and possibly an example of results - say using 100-1000 records - so that the user can see what they're going to get.
It is best used for both business data analysis, reporting and graphing. But it also does well when alerting on events. Users, however, mistakenly assume that alerting can be/is real-time. Unfortunately, even though indexing is very fast, it can take some time to index and then issue alerts. This is NOT a problem if you properly train users about what to expect and how to properly use the tool.
Sameer Gupta
January 30, 2018

Splunk Enterprise: "Splunk Review"

Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk is used across the whole organization and is used for logging. We log all of our web traffic through Splunk and we use it to monitor what events are taking place on our site. The business problem we solve for is not having to build an in-house logging tool.
  • Catching web traffic
  • Dashboards are helpful
  • Search capability is great
  • The dropped logs can be frustrating
  • Our instance only retains data for 3 months
I think Splunk makes a ton of sense for a company that is looking for an out of box logging tool. Splunk does a good job of letting you log various parameters across your site and easily search and query for the said events.
April 05, 2018

Splunk Enterprise Review: "Great for almost anything"

Score 10 out of 10
Vetted Review
Verified User
Review Source
We use this across our different departments for security, app performance monitoring, host monitoring, data intelligence, correlation, alerting and much more. It's a Swiss Army Knife of IT products.
  • The power of it. It's a very good tool that does amazing things. Nothing comes close to it.
  • It can ingest any data and present it in a digestible, searchable format.
  • Flat file format makes it very fast and the best visualizations I've seen.
  • It can be cost prohibitive, but I still think it's worth it.
  • Training users is a little bit steeper, but once they have it, it's very powerful.
Overall security monitoring: It can take data in and correlate it across very different datasets. Some tools require you to ingest and format it their way, but being able to do ad-hoc searching during an incident has proven to be very valuable.
December 01, 2017

Splunk Enterprise Review: "My Dive into using Splunk"

Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk is being used across our whole organization. We try to have all/most of our logs get pulled into Splunk to be able to use the Splunk UI to search across information. We are able to give employees access to Splunk and allow them to diagnose issues without giving them explicit access to production servers or other production locations.
  • Allow for separation of control where we don't let some employees have access to production but still can diagnose issues.
  • Common location to go for all logs even if the logs themselves aren't in the same place.
  • Ability to ingest logs from different locations without having to change the code to put logs in a certain place (pro and con).
  • At times some queries can run slowly if indices are not on a portion of the query you use.
  • Setup time initially can be difficult if your logs aren't stored in common locations or in a common way to write the log.
  • Ability to ingest logs from different locations without having to change code to put logs in a certain place (pro and con).
  • Searches can be a bit more difficult to look through if your log isn't pulled in a manner that is easy to read through Splunk.
Scenarios, where Splunk is well suited, would be a larger organization where multiple teams have their own logs and a web ops team is trying to come in and get a central location to be able to ingest and report on those logs.

Scenarios, where Splunk wouldn't be as well suited, would be a small org where all their logs are in one place, easy to find and report on.
Trung Pham
September 14, 2017

Splunk Enterprise Review: "Splunk for new users"

Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk is being used extensively in our technology department. Many applications use Splunk to monitor business activity, system resources, exceptions/failures, and overall system status. Splunk addresses more technology-related problems but it does provide the business greater transparency into the applications which in turn gives both the business and the developers peace of mind.
  • SPLUNK has a quick learning curve and can be easily self-taught. For example, there are plenty of resources available such as tutorials and search tools. There is really no prerequisite for learning how to use Splunk.
  • SPLUNK Enterprise provides plenty of useful documentation and user support which makes it easy for anyone to learn and start using SPLUNK in a very short period of time. There are also examples and user feedback that is helpful if you need more advanced implementations.
  • SPLUNK is very powerful, yet simple. For instance, you can set up a dashboard in one day provided you have admin rights and access to the data you want to Splunk.
  • Even though there is a search tool as a help function, you still have to read through a lot of documentation to find the answers you're looking for and sometimes you don't find them. The help function in Splunk could be improved to be more intuitive or have a built-in help per report, panel or dashboard.
  • Creating a Splunk dashboard is rather straightforward; however, customization is not. Splunk could be improved to provide more tools or features for customization such as adding colors and font options for text and graphs or graphics.
  • My dashboard has a lot of useful information and I want the important panels and reports at the top but there is no easy way to do this. Perhaps Splunk could be improved to allow features such as adding URL links to other dashboards or some other clever way to emphasize the important data in my dashboard without compromising space.
Splunk is well suited for applications or companies that process and store large data. Some of these applications may be legacy but as long as you can retrieve this data, then you can use Splunk to transform this data into meaningful reports or dashboards. In addition, Splunk is great for a 24/7 monitoring operations tool that can be set up to send alerts for production support. Splunk is less suited for applications that may already have a GUI because the Splunk features would be less superior than what a graphical user interface could provide in terms of features and customization.
Eric Krueger
November 13, 2017

Splunk Enterprise Review: "Splunk will make your job easier!!"

Score 10 out of 10
Vetted Review
Verified User
Review Source
We currently have evaluated and are deploying Splunk Enterprise to replace our older SIEM device. This will allow us to monitor our critical systems and allow for scalability as we continue to grow. Using this product has saved us time and money as it is used across our whole company's three locations. The flexibility and tools offered with Splunk make our jobs easier. Also, there are great forums and a cool wiki for best practices using Splunk.
  • Monitoring is made easy and putting out reports for upper management is a breeze.
  • With Splunk analytics we are better able to track our employees' usage of systems for auditing purposes.
  • Checking on performance through Splunk's monitoring makes our management of resources a lot easier and resources are put where needed most.
  • Some of the start up in Splunk requires more than we would otherwise like.
  • We wish there was more customizable reporting.
  • Splunk sales engineers could be a bit more friendly and easier to work with.
Splunk Enterprise meets all of our needs under one platform. The cost savings along without sacrificing functionality have made our choice to go with Splunk an easy decision. The functionality and cost savings alone have made upper management happy to deploy this system in our environment and the return on this investment has paid for itself.
Viktor Mulac
August 31, 2017

Splunk Enterprise Review: "Splunk in a production environment is a must-have today"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Production line quality monitoring and searching for patterns, leading to outages. Usually scan and fix tasks, finding an event, that leads to an outage.

Two main ways of using Splunk prevail: ad-hoc analysis, and monitoring and alerting.

In some applications with two production lines, Splunk connected directly to the controllers and monitored data in real time. In other applications, we analyzed logs from 5 systems, among others application server logs, database server logs, production line measuring PCs. In total 5 systems had to communicate and an error on DB server sometimes caused outages on the production line. Splunk helped to find patterns in these incidents. We then set up a monitoring app to provide early indication of a potential upcoming outage.
  • Parsing huge amounts of data, structuring data, or at least helping to find a structure
  • Very good performance.
  • Very good graphical representation of data, findings, report creation
  • I really cannot, since after a year we are still discovering more and more possibilities with the product. One specific wish of a manager was: can we work with the reports offline? (e.g. on the airplane) we have not found a reasonable way of doing this. The only thing we came up with was exporting data and rendering specific reports in flash (web viewer) and somehow simulating reports within limited (predefined) boundaries
Trained analyst, with e.g. python knowledge, regular expressions knowledge, etc. will do his tasks quite quickly.

In the beginning, when starting to learn Splunk, you have to deal with tons of error messages, (mostly resolved by Google discussions).
April 17, 2017

Splunk Enterprise Review: "Splunk - Visibility into What's Really Going on in Your Network"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk is being used to capture logs from all Windows, Linux, and firewall devices in our enterprise. Currently it is being used by the IT infrastructure department only, but our hope is to make it available to other departments to follow trends in our business. Splunk addresses the issue of visibility into the network. It actually gives IT professionals access to view what is taking place on the network, and it provides something to look at in order to address issues occurring behind the scenes.
  • It gathers logs very well from almost all machine types - most SIEM related products don't do this quite as well.
  • It provides visuals to the user, giving you the ability to transform logs into visual charts (e.g. pie charts, graphs, tables, etc.).
  • Splunk is very quick in reporting and alerting on anomalies. There is little delay.
  • Splunk can be very expensive, and it is best to size out your environment first before procuring. Planning is key, and make sure to buy a license that is at least 2-3 times what you think you need.
  • There is a learning curve to Splunk. It takes a bit to get up to speed with the application.
  • Support is very good, but they will almost never tell you ways to not use up your license. I had to figure that out myself, and ended up cutting out some useless logs that used over 50% of my license.
In a corporate environment, especially in a financial sector, I would actually go with a product like RSA Security Analytics. But that is not necessarily the rule of thumb and is not the case for all financial companies. In higher ed, for example, I recommend Splunk because of the ability to monitor trends of students that can help them to get better grades, help the university to grow, and streamline registration processes.
Kenneth Taitingfong
December 02, 2015

Splunk Enterprise Review: "Splunk - the most flexible SIEM tool on the market."

Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk is currently the SIEM for IT operations and IT security providing log aggregation and security event correlation for multiple departments. The IT operation groups use Splunk to trend operational data, troubleshoot issues, and send automated alerts when certain triggers are met. The security department utilizes Splunk for investigations and event management, leveraging automated alerts and dashboards. For our organization, Splunk provides the "single pane of glass" for users across several IT departments while also serving as our compliance tool for PCI-DSS and SOX.
  • Splunk is flexible and extensible, able to ingest logs from disparate systems using disparate formats and disparate file types. If the ability exists to make the logs human readable (either natively or via a script), Splunk can ingest it.
  • Splunk's flexibility in how you parse, format, and enhance your data is amazingly deep. When you start event typing, tagging, aliasing, and creating data models, you start to really open up Splunk's capabilities.
  • Splunk scales very well in large environments. Adding additional indexers as your environment grows is pretty trivial and its ability to do multi-site clustering and search head clustering provides load balancing and redundancy that's inherent to the product.
  • Splunk's search language goes very deep. To do some of the more advanced formatting or statistical analysis, there's a bit of a learning curve. Splunk training for learning the search language and manipulating your data can cost anywhere from $500.00 to $1500.00 (although a good number of free training exists).
  • Splunk's dashboard capabilities are pretty decent but to do more exciting visualizations requires a bit of development using simple XML, JavaScript, and CSS.
  • Splunk releases minor revisions very quickly but because of the sheer number of bugs we've run into, we've upgraded our environment four times in nine months.
Splunk is well suited in both small and very large environments almost regardless of the types of devices. However, depending on how Splunk is architected, it can require a number of devoted engineers to onboard, normalize, and present the data. So for organizations that are unable to provide dedicated resources, the day-to-day operations and backend duties can be overwhelming. Since Splunk is so flexible, it's easy to overwhelm its available resources when a large number of inefficient searches are running. Splunk users need to be trained to not run "sloppy" searches. The community help forums are a wealth of information but in some cases, without professional support, you're going to be lost. The Splunk licensing can also be costly and in some situations, Splunk virtual environments don't perform well.
Rick Yetter
November 11, 2015

Splunk Enterprise Review: "Splunk in a nutshell"

Score 10 out of 10
Vetted Review
Reseller
Review Source
We are a reseller of the product and for our customers we are solving problems from Security, operational intelligence, app development and big data problems.
  • Splunk is great at correlation of data from multiple sources and allows access to critical information without giving access to servers or applications.
  • Splunk is good at integration of data and information from multiple point tools. The ability to have a single pane of glass view into the IT world is critical to most IT shops.
  • Splunk has a flexible dashboard system built on simple XML. Most users of the product can easily create and manipulate their data into useful dashboards.
  • Splunk is not particularly hard to understand or deploy. The only problem I've really run into is the 3-6 month use case exhaustion. Customers will have Splunk to solve a particular problem then stop once that problem is fixed. The use cases are only limited to their imagination and can blossom in the right hands.
Splunk for Enterprise Security bar none is the most intuitive and flexible security tool around. The ability to integrate and visualize threat analysis in real time is a key importance to keeping the enterprise secure.
Andrew Yudin, MBA/CCNP
December 17, 2015

Splunk Enterprise Review: "Got Splunk?"

Score 8 out of 10
Vetted Review
Verified User
Review Source
Although still in the final implementation stage, Splunk has allowed us to troubleshoot our software suite more efficiently. Our monitoring and engineering team can now rely on the syslog and log correlation capabilities of Splunk to pinpoint where the issue is.
  • Log correlation
  • Alerting
  • Syslog
  • Would like to see more integrated tools and supported vendors (such as F5, Checkpoint, Palo-Alto, etc.).
Splunk is well suited on medium to large scale networks.
Steven Brice
December 14, 2015

Splunk Enterprise Review: "Splunk running strong"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk is currently being used on our JBOSS Fuse ESB/SOA environment within our department. We have three teams constantly using Splunk for development, QA testing and Operations Support. Splunk has dramatically reduced the QA testing/validation times and has also helped reduce the amount of time spent on operational support. Having instant access to production logs and metrics has greatly reduced time spent gathering and manually analyzing log information. Splunk has ultimately reduced the amount of software tools needed to analyze, gather and validate operational metrics of our entire stack of software. One stop shop.
  • Operational out of the box. No need to spend days setting up and configuring an application to ingest and analyze data.
  • Web UI is fluid and flows easily.
  • Additional applications available for integration with Splunk, and most are free.
  • Enterprise Solution that can be up and running in a couple of hours.
  • Enterprise license that fluctuates between license pools, having the ability to grab more space from unused pools.
  • Ability to stop forwarders from indexing data via web console.
  • Archiving of old indexed data could be refined. Current process is a bit hard to understand with the different buckets and max times.
Splunk has helped us create some amazing operational dashboards. We now have instant view-ability into our message flows and route traffic. We see errors before they happen. QA is able to create use cases that can be consistently applied in many different testing scenarios. Developers are able to see production logs without having to worry about access issues or non availability into production environments.
Sumant Murke
December 08, 2015

Splunk Enterprise Review: "For real time data analyzing get splunk."

Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk is a great tool. We use it for analyzing large chunks of data in the data center where the data is dynamic and continuously incoming from various events generated by all the servers. We also keep track of the data provided by the metrics generated which gives a good insight of what is going wrong in the data center.
  • Easy to scale with large data sets.
  • Real time analyzing.
  • Supports all types of data.
  • Doesn't provide optimized results with smaller size of data.
  • Costly.
Splunk is a great log analyzing tool if the data is quite large and accepts widely used data formats. It provides accurate real time analyzing. Most importantly, it is extensible. The problem with the free version is the data indexing limit whereas the professional version is quite costly for an individual.
Gaurav Kasliwal
December 08, 2015

Splunk Enterprise Review: "Splunk: Dynamic and Fast compliance tool"

Score 10 out of 10
Vetted Review
Verified User
Splunk is really useful while analyzing dynamic data. I have been using Splunk for 2 years and I really find it very useful, especially working with bigger datasets. I have used Splunk for my project to analyze and learn different patterns from [my] university dataset. It was really very easy and user friendly to use.
  • Scalability. Splunk is really useful when you are dealing with a dynamic and bigger system and you want to make your system scalable.
  • Reliable. Very reliable.
  • Indexing and speed. Splunk really works very fast, even with bigger datasets.
  • Cost! Splunk is a little costly when it comes to economical comparison.
  • Speed is sometimes less when inflow of dynamic data is huge.
  • Learning curve is there to become master of Splunk.
Graphical display of results is really useful while doing analysis of big data. Really useful for dynamic datasets, like network packet flow analysis. Not very useful for static data.
Ajinkya Karande
February 25, 2015

Splunk Enterprise Review: "Good Tool for log mining"

Score 8 out of 10
Vetted Review
Verified User
Overall the experience with Splunk has been good, although some aspects of the UI are a little annoying: when the query exceeds a certain limit, the text-area gets bigger and there is no way of knowing if the query is actually running or just hung up. Considering the amount of data being pumped every day, Splunk is a very good tool for analyzing and creating reports. Another aspect which can be enhanced is creating public dashboards, which enables all the users to see them just with a link, and also deleting them when not needed. Overall a very good tool, and I have had a positive experience with it.
  • Finding Oracle stats
  • Getting request types based on users i.e. sorting capabilities
  • Creating reports and charting based on data
  • UI could be improved i.e. the query text-area behavior
  • Creating reports publicly and deleting them is a little non-intuitive for users
Queries with more than a week's data will usually time out; sometimes a query doing a lot of things for a day's worth of data can also time out. There are options where the process can be executed in the background, but there isn't a way of knowing if the job failed to fetch the data.
Michael Brombacher
February 25, 2015

Splunk Enterprise Review: "Big data indexing - Splunk"

Score 8 out of 10
Vetted Review
Verified User
logging, logging, logging... from new systems and applications troubleshooting to auditing and general system issue resolution
  • search is amazing
  • search is fast
  • search is customizable
  • reporting is great
  • works well for my users
Perhaps find out how much space/data it can index.
Richard Wilbert, MBA
May 15, 2014

Splunk Enterprise Review: "Splunk- a great product"

Score 9 out of 10
Vetted Review
Verified User
Splunk is being used as an aggregator of our log data to produce reports for activity and audit and to monitor file access. The capabilities of Splunk streamline the level of effort needed to produce reports for auditors. Additionally, it can be set up to monitor file access, which can indicate a data breach attempt as an example.
  • Splunk is great for visualizing your data in a format that can indicate trends.
  • Splunk can help you determine root cause and assimilate dissimilar data sources in a consistent manner.
  • Splunk can help you find "the needle in the haystack" problems without having to log into many different devices.
  • Splunk can be set up to look for symptoms that may cause issues in your environment and either alert, report or trigger an action.
  • Maybe wizards to help you walk through different tasks might help the beginner.
It is very well suited for large environments that have sensitive data or have a lot of devices. It is also well suited for IT management that likes pretty pictures of how their environment is running. It is very suitable for companies that spend too much of their IT engineers' time on audits, compliance and reporting to groups outside of IT.
Clint Lavender
July 08, 2014

Splunk Enterprise Review: "Splunk in the Storage Arena"

Score 9 out of 10
Vetted Review
Verified User
We use Splunk to monitor (performance, status, capacity, inventory) all our multi-vendor storage equipment. It is the best tool I've found to be able to monitor/alert on any type of equipment & no other tool is able to do what Splunk does.
  • Provide custom dashboards. In our environment, we are prepping for offshore off hours administration & no other tool can provide the exact information we are wanting to monitor in one view.
  • It doesn't matter what vendor. We have this tool monitoring Brocade, EMC, Netapp, Isilon & more exactly the way we want to see status.
  • We are able to alert on exactly what we want to see.
  • The learning curve for the tool is workable.
  • I'd like better ability to make alerts look like what we want to see. Better able to pass variables into the alert.
  • I'd like to see Excel integration with the syntax when creating reports/dashboards. So many times I know what I want but Excel syntax doesn't work.
  • Easier data inputs for syslog & related.
It's suitable for any equipment where related logs can be extracted.
Bryan Ignatow
May 16, 2014

Splunk Enterprise Review: "Splunk Excels at Business Visibility"

Score 10 out of 10
Vetted Review
Verified User
Splunk was used in a variety of log collection activities for Linux and UNIX systems, both in our company and at our customers' companies. It allowed for the easy collection of logs, searching, and automated actions resulting from the messages received. The multi-tier architecture was easy to install and operate, as well as provided significant flexibility for our customer implementations.
  • Gathering log messages from a multitude of sources.
  • Summarizing and gathering important information from those logs.
  • Allows simple and advanced searches, as well as complex automations to be created, gathering more value from existing data.
  • There is a bit of a learning curve for a multi-tier architecture, but with a little work it's easy to understand from the instructional materials provided by Splunk.
  • Searches can take a bit to understand, especially regular expressions and search syntax.
  • As always, understanding your data is paramount to being able to derive value from it.
It's the Swiss army knife of log collection and searching. I'd recommend it wholeheartedly. I consider it to be the gold standard for products in this industry. Working with the vendor is easy, as they have a very open and helpful attitude. And you can try the product for free to get a feel for it before investing heavily in it (which you will want to once you decide how it benefits your organization).
Rajesh Jain
May 14, 2014

Splunk Enterprise Review: "Splunk for Business Intelligence"

Score 8 out of 10
Vetted Review
Verified User
Splunk is used by our customers either for log analysis, or getting insights in performance issues. Most of the users of Splunk are in Ops -- they are focused on keeping the lights on and getting ahead before the problem occurs. The main business problems which customers attempt to solve are - Security breaches and Fraud analysis and performance diagnostics.
  • Log Aggregation and Ingestion
  • Search and Analytics
  • Operational Intelligence - identify patterns in performance bottleneck
  • Setting up the log monitors and data ingestion process
  • Search Queries - they have a new Data model and UI, but it needs more improvement
I would suggest that Splunk is best suited if

- If you are drowned in log files and don't have any clue of where your problems are?
- If you are reactive and not looking at patterns or problem bottlenecks?
- Would like to get Business Intelligence from your Operational / Log file or / dynaTrace Performance Data
Joshua Fischer
May 09, 2014

Splunk Enterprise Review: "Splunk is a vital tool for business analysis"

Score 9 out of 10
Vetted Review
Verified User
We are using it primarily as a business analytics tool. We use it to run A/B tests, identify potential fraudsters, troubleshoot site issues and look at overall site behavior broken down by cohort. It's also used to identify issues in real time.
  • It allows people to break down all of your data by any cohorts that you have.
  • It pulls data in real time
  • Its query writing is flexible so you don't have to know exactly what you want before an experiment begins
  • Speed. Queries can take forever to run
  • Reliability, we are regularly having issues with our Splunk set-up going down
  • Complexity, we need a team of engineers to keep it running
Great for companies who care a lot about A/B testing and breaking down the results by cohorts. For very data-focused organizations with strong tech teams.
Farid Sarwari
June 09, 2014

Splunk Enterprise Review: "Splunk, the sexy, sporty car that I can't afford."

Score 5 out of 10
Vetted Review
Verified User
Used to analyze web logs to find anomalies. It was supposed to make it easier for business to understand impact of various types of campaigns. It was also meant to find problems that may occur as part of application failure or fraud, or phishing attempts. Another application it was meant for is to help IT staff to diagnose problems by having central access for all logs.
  • Analyze weblogs and extract key words
  • Visualize increase or decrease usage
  • Drill down capabilities
  • There should be alternate licensing models for companies with large data
  • Better compression of data stored on disk
  • Lesser penalties for over usage
Price is the biggest drawback for us. We could not justify the cost especially when there are alternate products that cost less and even free products that do most of what we want out of Splunk.

Feature Scorecard Summary

Centralized event and log data collection (20): 9.5
Correlation (20): 7.9
Event and log normalization (20): 9.2
Deployment flexibility (18): 8.9
Integration with Identity and Access Management Tools (18): 7.9
Custom dashboards and views (21): 9.4
Host and network-based intrusion detection (13): 8.6

About Splunk Enterprise

Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.

Pricing

Free Trial Available? Yes
Free or Freemium Version Available? Yes
Premium Consulting/Integration Services Available? No
Entry-level set up fee? No

Splunk Enterprise Technical Details

Operating Systems: Unspecified
Mobile Application: No