Splunk Enterprise Reviews

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
257 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.7 out of 100

Do you work for this company? Manage this listing

TrustRadius Top Rated for 2019

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-25 of 52)

Kuntal Das | TrustRadius Reviewer
November 20, 2019

Splunk: The log expert

Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise is a brilliant tool that we use in the University of Colorado, Denver to analyze logs obtained from various sources. Our team is responsible for maintaining the security of our campus and the University of Colorado, Anschutz medical campus.

The log sources are typically firewall logs, email logs, logs from the Intrusion detection system (IDS), logs of different services running on the google cloud, etc. It offers a very easy interface and a query language. We can build our own alarm rule and UI within it for visualization. The rules will run at a time defined by the user and will send metrics to the email. It helped in automating blacklisting as now we can get the most troublesome IP addresses and block them in a minute. It also helped us in tracing a list of most vulnerable on the campus. The most powerful feature is the correlation of log sources. Correlation of log sources is a very taxing process for any software. Splunk handles this gracefully. By correlating firewall traffic, wireless and IDS traffic we once spotted a machine that had a trojan in it and was trying to spread itself laterally through open SMB ports.
  • It is very useful in creating custom rules for analyzing system logs and display relevant information. The query language is very easy to learn.
  • We can create custom UI to visualize the output of our data. The interface is very flexible. It also allows the sharing of rules among users.
  • There is an open online community to help others. Stackoverflow also has a splunk community. These resources make it more convenient to learn.
  • They can introduce a query builder for non-technical users.
  • The query error messages could be more specific.
Pros: Splunk is very well suited if you have multiple log sources of related data. All of them can be correlated and tasks can be automated based on the requirement. Other than alerts, Splunk can also run a specific script of your choice, based on some defined conditions.
Cons: If you have a few logs but a large number of log sources, Splunk can be very expensive.
Read Kuntal Das's full review
PAULIUS BUCINSKAS | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise tool is being used across our Digital department. Using this tool we are able to search and analyze event logs of our customer sessions. We can see the error trends of our Digital Services. Set up alerts for multiple KPIs and create dashboards for monitoring the health of our Digital products.
  • Captures multiple different information about a customer and his/her session.
  • Intuitive and informative search options.
  • Option to set up precise alerts for different KPIs.
  • The speed of the tool could be improved.
  • It could store and allow to search for historical data older than 60 days (may be related to our company license).
  • Dashboard creation could be more user-friendly.
When needed to search for some specific event information triggered by end-user or by any other service, Splunk Enterprise tool can give that information and by reviewing the log of the event you can find a lot of needed information that could help you to find the solution or resolve the issue on the spot.
Read PAULIUS BUCINSKAS's full review
Johann Davila | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk is used by our Engineering Department. Splunk has been a valuable and useful tool for our company to monitor errors occurring at all times. We love the real-time monitoring system that helps us detect errors and get the right people to handle them when needed to get things back up and running.
  • Love the real-time monitoring system.
  • Easy to use.
  • I have no suggestions.
It is well suited with real-time monitoring and notifications sent when issues occur. It has been very helpful to monitor issues that applications are having so that we can get the right team to address these issues to get the company back up and running to continue business as normal.
Read Johann Davila's full review
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise has been used across University of Minnesota as one of our IT monitoring and alerting tools. This has been a big help for our user base to provide timed email alerts as well as monitoring all of the threshold parameters we set up. We have a dedicated admin to make sure the Splunk agents have been deployed and configured across all the client tools.
  • Timely alerting
  • Sharing with end users automatically
  • Less impact
  • Sometime we see the Splunk agent taking higher CPU from OS prospects
  • Similar issues have been noticed in Oracle Databases
It is very easy to configure on Oracle Databases as well as on MSSQL/Window servers to monitor the pre-configured threshold.
Read this authenticated review
Daniel Garrett | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk is utilized for creation of dashboards and log queries across many areas.
  • Quick log queries across different types of infrastructure
  • Adaptable dashboards for digesting large amounts of continuous data
  • Easy access and sharing of information via URL links
  • Building Splunk queries can be comber some without intricate knowledge of Splunk and the applications involved
  • Dashboard duplication for different areas can be difficult
  • Capturing all necessary data from cloud platforms is not always straightforward
Real-time and historical log research is a glowing achievement for Splunk. Splunk is also quite effective at dashboard creation and presentation with high level or more granular investigation possible.
Read Daniel Garrett's full review
Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk is being used by the entire organization for searching and reporting and to analyze the logs and entire organization’s data. Splunk is a great tool to work on. It helps in finding various threats inside and outside the organization. Five stars.
  • Versatile
  • Intelligent
  • Reporting
  • Searching
  • Log analysis
  • Costly
  • Needs training to work on
  • Needs hands on experience to get used to
Splunk is the best tool to work on if there is a need for analyzing the logs and the organization’s inside data. The way employees use search engines and browse for their personal use they can be caught easily. Also, if there are some outside threats within the company you can analyze those by setting up alerts.
Read this authenticated review
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise is used by our Infrastructure and Enterprise Monitoring Team and Security Teams to monitor our infrastructure. Monitoring is enabled for the overall health of our systems. Data is collected from multiple data sources. Logs are analyzed and converted to meaningful metrics for the team to proactive monitor and take corrective actions.

Splunk has the ability to correlate data from disparate data sources and provide root cause hence reducing MTTR and improving our SLA's with our customers. The events logged in Splunk help our IT Analyst and Security Analyst take proactive action before impacting the services which our customer uses. The Event Correlation helps us find RCA and improve MTTD and MTTR.
  • Collect data from multiple data sources and correlate. Reduce alert noise from multiple monitoring systems.
  • Monitor alerts and report on data collected. Create custom dashboards.
  • Powerful machine learning and AiOPS functionality.
  • Helps with our security compliance and addresses the security team's need to remain PCI compliant.
  • Splunk data sizing and data collected. Worked with Professional Service to scale our environment.
  • Capacity data storage for Splunk data.
  • TuningSplunk analytics dashboards for performance.
Good for event correlation from multiple data sources, web monitoring, systems and application monitoring. Good as security information and event management tool. It collects data from logs and custom applications helping the business make informed decisions across the organization. Gain insights to drive operational performance and business results. Splunk's rich visualizations make results easy to understand and take necessary actions.
Read this authenticated review
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk is an excellent logging platform, allowing for short and long term log storage with top tier indexing and searching capabilities. We have deployed Splunk to aggregate all logs and act as a central logging platform throughout the company. This helps us solve operational issues by providing a centralized log monitoring platform to be used by our operations group. It also helps solve regulatory issues by being the central logging platform with strict access controls as well as tiered storage and archiving capabilities.
  • Tight access control via a variety of mechanisms to restrict users to specific logs.
  • Solves regulatory controls by providing access control and archival storage capabilities.
  • Provides a quick mechanism to search across multiple logs for issues between systems.
  • Splunk can be expensive since it's based on the amount of logging you do. The capabilities definitely make up for the cost, but there is a high bar to entry.
  • Splunk can be overly confusing for new users. The capabilities are quite vast and sometimes daunting.
Splunk is an excellent central logging system. For companies concerned about the cost, you can combine Splunk with an open-source logging engine such as rsyslog and only ingest the logs you need to search. Splunk is an excellent tool for handling web and systems logging and can help quickly identify issues in both.
Read this authenticated review
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise is used to monitor both Prod as well as all our lower environments. It is used for analyzing logs and tracing transactions. We write Splunk queries and create dashboards for monitoring several Key Performance Indicators. We first analyze metrics over a particular period of them to understand the trend and then set up alerts on these metrics for threshold violations.
  • Simplifies analyzing of big logs finds and helps in finding issues faster.
  • Splunk Alerts are great to be notified of possible issues so that necessary actions can be taken to avoid it from becoming a problem to our end users.
  • Dashboard reports can be scheduled to be generated and share with key stakeholders.
  • Comparison of two or more time series data in a single graph.
  • Search and make suggestions on Splunk commands as we type on the search window.
Simplifies analyzing of big logs finds and helps in finding issues faster. Splunk Alerts are great to be notified of possible issues so that necessary actions can be taken to avoid it from becoming a problem to our end users. Dashboard reports can be scheduled to be generated and share with key stakeholders.
Read this authenticated review
Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use Splunk to consolidate all our logging and I use it primarily for problem debugging and dashboarding.
  • It does very well at providing a central repository for logging.
  • Provides a convenient tool for problem research, debugging and analysis.
  • One issue is that users who might find dashboards useful don’t have permissions due to licensing.
  • Dashboard creation is a bit confusing.
Not so great for applications that don’t write much useful info to logs.
Read this authenticated review
Rounak Jangir | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk is not used across my organization. It is being used by some of us and for some specific task. And yes, it is also used by other departments as well but according to their need. Specifically, we are using this tool for monitoring the application logs and doing some analysis over it. Splunk provides a very easy way to search your logs and perform some basic analysis.
  • Log search is very good with this tool.
  • Splunk search query language is just very good. You can easily run some analysis using this language
  • Generating reports is a very good feature of this tool.
  • Detecting anomalies and reporting them is just fantastic.
  • Splunk requires some learning to use all of its features. Understanding its SPL is not very easy, and it will take long enough time to learn it.
  • Regular expression is a bit tedious to learn and then use, it needs a good understanding of regular expression.
  • I don't know why, but sometimes its search keeps on going forever and then I had to manually kill that job to start it again.
If you need to search and need to do some analysis on top of that, then Splunk is a great thing to use. And also if you want to generate reports from them and want alerts on some specific activity, then Splunk should be your first choice. I have used this tool for this purpose but can't say in which scenario it would not fit.
Read Rounak Jangir's full review
Priti Asai / Thakkar | TrustRadius Reviewer
December 14, 2018

Monitor your monitors...

Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk is used for application logs monitoring and system health checks for production environment and performance environment.
  • Best tool to do log monitoring and creating intuitive dashboards and charts
  • Best for setting up alerting for application logs
  • The tool needs to integrate AI to understand the system logs and alerting should be based on the auto learning.
For anything related to the application backend logs and monitoring, it's very appropriate to use, based on which we can create various dashboards / charts. For server health / monitoring, Splunk logs are not very helpful. It completely relies on log statements, if statement is not formatted in standard format, and it gives inaccurate results.
Read Priti Asai / Thakkar's full review
Dhruba Jyoti Nag | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk Enterprise is used by the organization to primarily analyze data. It looks at data generated by various on-premise systems and provides meaningful insights out of them. Many advanced features like custom reporting are used by business analysts on a regular basis to determine the course of action. Last but not least, it is also used to execute daily support tasks like log analysis.
  • Data Analytics
  • Reporting
  • Indexing search data
  • Searching machine-generated data at realtime to forecast trends
  • Splunk is expensive.
  • To use Splunk effectively, people must learn SPL.
  • Splunk is good at what it does, but to create an efficient analytics systems other products like SW monitoring tools need to be used in conjunction.
Splunk is an excellent analytical tool and if SPL is mastered correctly, it can be very powerful too and much more efficient than competing tools. It can be easily used by Business Analysts to get real-time insights if reports are set up for them. However, when it comes to monitoring systems, a lot of configurations are required, and that makes it not the ideal one-stop solution.
Read Dhruba Jyoti Nag's full review
Matt Judice | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Splunk to catalog all incoming quote requests, booking requests and booking responses (effectively we catalog all successful transactions and errors). My team uses these logs to troubleshoot connections with our partners. We also use this to analyze the behavior of our customers to make sure they are operating as we expect them to. I use this tool every day, for several hours per day, to do my job.
  • logging server data
  • easy to use commands to parse data
  • automated reporting
  • real-time reporting that will alert when a condition is met
  • Not a Splunk problem, but we don't have enough space to store as much data as we would like
Logging server activity, logging transaction data, really any scenario where things or data points can be saved and parsed later.
Read Matt Judice's full review
Matt Overton | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Splunk Enterprise across the entire company to collect log data that allows us to see up/down times of servers and applications. We have customized Splunk a good bit and it is one of the main tools we rely to monitor our server environment and troubleshoot issues when an app/server is down or having errors.
  • Monitoring of log data to gauge server status and health
  • Dashboards that allows us to view data about servers in our environment
  • MOnitoring for fraud/cyber security threats and risks
  • We really like the product but there is a steep learning curve and training is definitely required
  • Our environment is setup so that you have to be fairly technical to navigate it and get value from it. We need to make our dashboards/reports less technical so the business users get more value from the tool
  • Tool is very module driven so you are constantly having to add modules and costs to get new functinality
Splunk does a great job of collecting and monitoring machine data. We have use it to reduce fraud/cyber crime loses and we have been able to see a measurable return since using the product for this purpose. It is very extensible so you can continue expanding what the tool does over time. There is added expense with this, but it may be worth it in the end.
Read Matt Overton's full review
Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk is used in our enterprise to analyze monitoring and analytics data. We have thousands of micro services and APIs in our organization. All these APIs emit log data that is used to aggregate and analyze using Splunk. It also helps in end-to-end tracking of flows and data across services, in troubleshooting errors, and in generating metrics. Splunk is also used generating and configuring alerts.
  • Used for indexing and collecting machine data and log data from APIs.
  • This data is used to generate graphs, alerts, metrics that is useful to business, technology and operations.
  • It is data source agnostic and is used to log API, batch, db and log data. It runs on AWS for us.
  • The only con might be that it is much costlier than an open source system like ELK (Elastic Logstash Kibana).
We use Splunk heavily for log data collection, indexing for analysis, and monitoring our APIs 24x7. It is very easy for developers to generate indexes on unstructured data and easy for operations folks to create graphs of this data.
Read this authenticated review
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk is our dumping ground for our logs. We use Splunk to pump the monitoring and statistical logs to, whether for analysis, storage, or for debugging purposes. The main problem it solves is that we have many systems that live in different places, and having one centralized repository for our logging helps us with correlation of bugs to specific times, and monitoring how different infrastructure interacts.
  • Handles inputs from many different sources.
  • Very easy queries.
  • Dashboard support.
  • Scaling story.
  • Query speed.
We've tried the rest, and Splunk Enterprise seems to be the best solution for dumping our logs when you have either a multi-cloud or multi-product solution. It is great for having a centralized logging platform for multiple users to access and allows you to manage your data in many different indexes and control access to those indexes.
Read this authenticated review
Rahul Shinde | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Splunk is a very powerful analytics tool. As of now, we are using Splunk on an experimental basis in our department but so far the results are pretty great. So we are planning to expand its use on an organizational level. We use Splunk for various things but mainly we use it to monitor and investigate Blackboard system startup issues by analyzing log files. We have written Splunk search strings to list out all the Blackboard system startup errors in a mannerly fashion and later raise it to the concerned department. After starting to use Splunk, it made very easy to find the exact cause of the issue.
  • Powerful Data Analytics application
  • Excellent and very informative dashboard
  • Defining Field Extractor is very easy and also you can use them to search again
  • Can analyze large amount of data very effectively
  • Need technical expertise to use Splunk. I will recommend watching training videos before integrating Splunk into your organization.
  • Lacks offline and email features
  • It's a great application but it is bit costly
Splunk is a great data analytics tool for you if you have a large amount of data to analyze. Splunk provides accurate and real-time analysis of data through its dashboard. But if you not quite a technical person or not willing to learn Splunk before using it, I will not recommend it to you. Also, Splunk is less appropriate for static data.
Read Rahul Shinde's full review
Ryan Stasel | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
I'm using Splunk to aggregate logs from various servers and devices within my department. While I don't interact with it daily, or even weekly a lot of times, I do use it heavily when faculty or staff come to me asking when users were logged in, when there are any questionable incidents on websites, etc.
  • Log aggregation is extremely well done. Whether sending it logs over Syslog, mounting log directories over NFS, or using their log forwarding service.
  • Searching. I'm an amateur at best when searching and aggregating logs. The reporting functionality is amazing.
  • I would love some better wizards to help build canned reports based off common data sets.
  • An easy way to back out integrating a log that suddenly balloons you over your license limits.
  • An easier way to help Splunk parse log types. You can give Splunk any data you have, but unless you're able to tell it how the random log is formatted, your ability to search on it is limited.
Honestly, I can't think of an instance where Splunk isn't well suited for a task. They offer a free license that will handle up to 500MB/day, which unless you're logging against AD, or Exchange, is probably plenty to trial the software. There are examples where I've grabbed a copy for home to help troubleshoot issues with my home network and the network devices supported sending to a Syslog server.

The only issue most users are going to have is cost once you start figuring out the amount of data you're going to be aggregating, the licensing costs can get rather steep.
Read Ryan Stasel's full review
Larry Helms | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Splunk is mainly used to log analysis and alerting of events, both business and technical events
  • Business event alerting
  • Technical Event alerting
  • Graphing of information found in the data
  • Users CAN write queries that are non-optimized causing both performance problems or unexpected (as in not what they wanted) results. It would be great if Splunk engineers could come up with some way to 'model' the queries and instruct users on query performance gave x number of records... and possibly an example of results - say using 100-1000 records - so that the user can see what they're going to get.
It is best used for both business data analysis, reporting and graphing. But it also does well when alerting on events. Users, however, mistakenly assume that alerting can be/is real-time. Unfortunately, even though indexing is very fast, it can take some time to index and then issue alerts. This is NOT a problem if you properly train users about what to expect and how to properly use the tool.
Read Larry Helms's full review
Sameer Gupta | TrustRadius Reviewer
January 30, 2018

Splunk Review

Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk is used across the whole organization and is used for logging. We log all of our web traffic thru Splunk and we use it to monitor what events are taking palce on our site. The business problem we solve for is not having to build an inhouse logging tool.
  • Catching web traffic
  • Dashboards are helpful
  • Search capability is great
  • The dropped logs can be frustrating
  • our instance only retains data for 3 months
I think Splunk makes a ton of sense for a company that is looking for an out of box logging tool. Splunk does a good job of letting you log various parameters across your site and easily search and query for the said events.
Read Sameer Gupta's full review
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use this across our different departments for security, app performance monitoring, host monitoring, data intelligence, correlation, alerting and much more. It's a Swiss Army Knife of IT products.
  • The power of it. It's a very good tool that does amazing things. Nothing comes close to it.
  • It can ingest any data and present it in a digestible, searchable format.
  • Flat file format makes it very fast and the best visualizations I've seen.
  • It can be cost prohibitive, but I still think it's worth it.
  • Training users is a little bit steeper, but once they have it, it's very powerful.
Overall security monitoring: It can take data in and correlate it across very different datasets. Some tools require you to ingest and format it their way, but being able to do ad-hoc searching during an incident has proven to be very valuable.
Read this authenticated review
Trung Pham | TrustRadius Reviewer
September 14, 2017

Splunk for new users

Score 9 out of 10
Vetted Review
Verified User
Review Source
Splunk is being used extensively in our technology department. Many applications use Splunk to monitor business activity, system resources, exceptions/failures, and to overall system status. Splunk addresses more technology-related problems but it does provide the business greater transparency into the applications which in turn gives both the business and the developer's peace of mind.
  • SPLUNK has a quick learning curve and can be easily self-taught. For example, there are plenty of resources available such as tutorials and search tools. There is really no prerequisite for learning how to use Splunk.
  • SPLUNK Enterprise provides plenty of useful documentation and user support which makes it easy for anyone to learn and start using SPLUNK in a very short period of time. There are also examples and user feedback that is helpful if you need more advanced implementations.
  • SPLUNK is very powerful, yet simple. For instance, you can set up a dashboard in one day provided you have admin rights and access to the data you want to Splunk.
  • Even though there is a search tool as a help function, you still have to read through many documentation to find the answers you're looking for and sometimes you don't find it. The help function in Splunk could be improved to be more intuitive or have a built-in help per report, panel or dashboard.
  • Creating a Splunk dashboard is rather straightforward however, customization is not. Splunk could be improved to provide more tools or features for customization such as adding colors and font options for text and graphs or graphics.
  • My dashboard has a lot of useful information and I want the important panels and reports at the top but there is no easy way to do this. Perhaps Splunk could be improved to allow features such as adding URL links to other dashboards or some other clever way to emphasize the important data in my dashboard without compromising space.
Splunk is well suited for applications or companies that process and store large data. Some of these applications may be legacy but as long as you can retrieve this data, then you can use Splunk to transform this data into meaningful reports or dashboards. In addition, Splunk is great for a 24/7 monitoring operations tool that can be set up to send alerts for production support. Splunk is less suited for applications that may already have a GUI because the Splunk features would be less superior than what a graphical user interface could provide in terms of features and customization.
Read Trung Pham's full review
Eric Krueger | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We currently have evaluated and are deploying Splunk Enterprise to replace our older SIEM device. This will allow us to monitor our critical systems and allow for scalability as we continue to grow. Using this product has saved us time and money as it is used across our whole company's three locations. The flexibility and tools offered with Splunk make our jobs easier. Also, there are great forums and a cool wiki for best practices using Splunk.
  • Monitoring is made easy and putting out reports for upper management is a breeze.
  • With Splunk analytics we are better able to track our employees usage of systems for auditing purposes.
  • Checking on performance through Splunk's monitoring makes our management of resources a lot easier and resources are put where needed most.
  • Some of the start up in Splunk requires more than we would otherwise like.
  • We wish there was more customizable reporting.
  • Splunk sales engineers could be a bit more friendly and easier to work with.
Splunk Enterprise meets all of our needs under one platform. The cost savings along without sacrificing functionality have made our choice to go with Splunk an easy decision. The functionality and cost savings alone have made upper management happy to deploy this system in our environment and the return on this investment has paid for itself.
Read Eric Krueger's full review
Viktor Mulac | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Production line quality monitoring and searching for patterns, leading to outages. Usually scan and fix tasks, finding an event, that leads to an outage.

Two main ways of using Splunk prevail: ad-hoc analysis, and monitoring and alerting.

In some applications with two production lines, Splunk connected directly to the controllers and monitored data in real time. In other applications, we analyzed logs from 5 systems, among others application server logs, database server logs, production line measuring PCs. In total 5 systems had to communicate and an error on DB server sometimes caused outages on the production line. Splunk helped to find patterns in these incidents. We then set up a monitoring app to provide early indication of a potential upcoming outage.
  • Parsing huge amounts of data, structuring data, or at least helping to find a structure
  • Very good performance.
  • Very good graphical representation of data, findings, report creation
  • I really cannot, since after a year we are still discovering more and more possibilities with the product. One specific wish of a manager was: can we work with the reports offline? (e.g. on the airplane) we have not found a reasonable way of doing this. The only thing we came up with was exporting data and rendering specific reports in flash (web viewer) and somehow simulating reports within limited (predefined) boundaries
Trained analyst, with e.g. python knowledge, regular expressions knowledge, etc. will do his tasks quite quickly.

In the beginning, when starting to learn Splunk, you have to deal with tons of error messages, (mostly resolved by Google discussions).
Read Viktor Mulac's full review

Feature Scorecard Summary

Centralized event and log data collection (36)
9.2
Correlation (36)
8.7
Event and log normalization (36)
9.0
Deployment flexibility (32)
8.3
Integration with Identity and Access Management Tools (33)
8.0
Custom dashboards and views (37)
9.0
Host and network-based intrusion detection (22)
8.7

About Splunk Enterprise

Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.

Splunk Enterprise Integrations

Splunk Enterprise Competitors

Pricing

  • Has featureFree Trial Available?Yes
  • Has featureFree or Freemium Version Available?Yes
  • Does not have featurePremium Consulting/Integration Services Available?No
  • Entry-level set up fee?No

Splunk Enterprise Technical Details

Operating Systems: Unspecified
Mobile Application:No