Splunk Enterprise Reviews and Ratings

Rating: 8.4 out of 10

Score

8.4 out of 10

Community insights

TrustRadius Insights for Splunk Enterprise are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.

Pros

Valuable Log Gathering and Summarization: Users have expressed positive opinions about Splunk's ability to gather and summarize log messages from multiple sources. Many reviewers find this feature valuable, as it allows them to easily access and analyze log data in a centralized location without the need for manual aggregation.

Simplicity and Advanced Search Capabilities: Splunk's reporting functionality is highly regarded by users for its simplicity and advanced search capabilities. Several reviewers appreciate how easy it is to use Splunk's reporting features, while also being able to perform complex searches that provide detailed insights into their data.

Effective Web Traffic Catching and Dashboards: The effectiveness of Splunk in catching web traffic and providing helpful dashboards is another aspect praised by users. Many reviewers highlight how Splunk's web monitoring capabilities enable them to track website activity effectively, while the intuitive dashboards allow for quick visualization and analysis of important metrics.

Reviews

87 Reviews

Splunk Enterprise

Rating: 8 out of 10

Incentivized

October 24, 2025

Use Cases and Deployment Scope

Splunk Engerprise is used to collect various security logs but for our organization we usually send account login information to Splunk Enterprise to gather analytics of how many people logged in, unsuccessful logins, and also account logouts. Daily reports are generated and are presented at our daily team meetings for management.

Pros

Splunk Enterprise is able to store large amounts of logs
Splunk Enterprise able to search efficiently through it's log database
Splunk Enterprise is able to create reports of user lockouts

Cons

Splunk Enterprise does not integrate well will all vendors
Splunk Enterprise's virtual machine option has log limitations
Splunk Enterprise could offer better connectivity with the cloud

Likelihood to Recommend

Splunk Enterprise is well suited for large enterprise solutions for a company with many systems and endpoints to dump large amounts of security logs. Splunk Enterprise has plenty of storage to keep the logs of security events well over 30 days and has the ability to generate reports of user login and lockouts.

Verified User

Engineer in Engineering (10,001+ employees)

Vetted Review

7 years of experience

Splunk Enterprise You are awesome

Rating: 9 out of 10

Incentivized

October 23, 2025

Use Cases and Deployment Scope

Splunk Enterprise is used for overall machine log collection, transform the data for better analysis and then use them for various analytical capabilities like dashboarding, monitoring, alerting and reporting.

Data is collected from various sources and is transformed to get a overall operational visibility and quantify key metrices like availability, latency, throughput and identify patterns in application, infrastructure and network logs. The overall visibility helps us to easily identify common issues, proactively capture points of failures, identify network attacks and resolve issues quickly to improve customer satisfaction. It also gives us a chance to improve our services by identifying areas which can be optimized by refactoring code, updating configs or move to better underlying technologies.

Pros

Collection of logs from multiple sources like cloud, network, applications in different formats and aggregating to get a clear business picture.
Splunk Enterprise design is intuitive and seems to be developed by a multidisciplinary team which makes it easier to read logs in their raw format, extract new fields, develop dashboards and alerts. Autoextracted fields, dashboard sharing, simple alert design are some of examples which are very well thought and designed.
Splunk Enterprise is fast, even though it handles loads of data , the parsing and indexing done at core level helps us to quickly sift through data , this makes it critical in troubleshooting and fixing issues on priority.
We have apps for specific use cases like networking, threat detection, machine learning, NLP . Splunk Enterprise also allows to create customized apps to cater to team or organization specific use case. These can also be used to limit which users can access the data in the respective apps

Cons

Splunk Enterprise remains high cost tool specially if the amount of data ingested is huge.
Built in AI capabilities should be improved
Takes some time to learn SPL, Splunk Enterprise own language for queries. However once mastered make the overall usage very easy.

Likelihood to Recommend

Splunk Enterprise is a goto tool for anyone working with multiple sources of machine data. I really like how logs are pre-parsed to highlight all required fields and more can be extracted if required. We dont have to write complex code to extract json or xml data which is a real pain area in some of the similar softwares. Dashboards can be scheduled on email to stakeholders as daily reports and can also be exported and imported as XML.

We can also create macros which are small code blocks which can be resused at multiple places.

Verified User

Manager in Information Technology (1001-5000 employees)

Vetted Review

6 years of experience

Splunk could use some spark

Rating: 8 out of 10

Incentivized

October 22, 2025

Use Cases and Deployment Scope

Primarily used for logging and track application error events.

Splunk is super good in terms of search and how fast results are populated with easy to use queries. There's a great deal of community support to find whatever required setup the org needs to achieve results.

Pros

Indexing and search jobs
Scheduled automation
Dashboards and bird's eye views

Cons

UI improvements
More amicable license terms
Better integration with other third party vendors.

Likelihood to Recommend

Log reporting

Error troubleshooting

<div>Dashboards</div><div>Alerting and integration to messaging apps.</div>

Verified User

Engineer in Information Technology (201-500 employees)

Vetted Review

5 years of experience

Splunk Enterprise Review

Rating: 8 out of 10

Incentivized

October 22, 2025

Use Cases and Deployment Scope

Splunk technology is used for business and web analytics, application management, compliance, and security. It correlates, captures, and indexes real-time data, from which it creates alerts, dashboards, graphs, reports, and visualizations.

Pros

robust log management and aggregation capabilities, efficiently handling and retaining logs for extended periods.
It is a power full tool to help tracing calls, using filters and customizable indexes.
It enables organizations to build artificial intelligence (AI) into their data strategies and gain operational intelligence from their machine data.

Cons

Deploying Splunk can become expensive when managing large volumes of data.
The tool’s dashboards are not as reliable as other tools such as Tableau.
The cost associated with Splunk Enterprise Security is high, and many users express concerns about the licensing model and overall expenses.

Likelihood to Recommend

it offers robust log management and aggregation capabilities, efficiently handling and retaining logs for extended periods.Optimizing searches to improve speed can be tricky and impractical.

Challenges exist in managing data onboarding and integration, especially when dealing with diverse and numerous data sources

Nitin Umbardand

Director Cybersecurity Business in Information Technology at Benelec Infotech Pvt Ltd (51-200 employees)

Vetted Review

5 years of experience

Splunk Enterprise The Powerhouse with a Price and a Purpose

Rating: 10 out of 10

Incentivized

October 22, 2025

Use Cases and Deployment Scope

Splunk enterpirse serves as a central hub for machine-generated data across entire organization. It is deployed on-premise, allowing us to ingest, index and manage data from thousands of sources. we primarily use Splunk for multiple purposes like - 1) centralized loggin and monitoring. 2) searching and analysis. 3) proactive alaering and visualization. Splunk is critial for solving major business challenges related to visibiliy, efficiency and risk management. like -Lack of operational visibility. - Slow incident response and troubleshooting. - Ineffective threat detection.

Pros

Flexible, schema-on-read architecture. Splunk is uniquely adept at ingesting unstructured, semi-structured and structured data without a predefined schema.
Massive data volume scalability
Reliable universal forwarders- which are highly reliable and resource-efficent agents that collect data from anysystem.

Cons

cost and pricing structure - a frequent area of concern, especially for organizations with rapidly growing data volumes. Ingest-based licensing. High total cost of ownership.
Learning curve and user experience -despite its power, Splunk presents a steep learning curve for new users particualry around its Search processing language.
Storage and data retention - for long term data retention, Splunk's native architecture presents performance and cost trade-offs.

Likelihood to Recommend

Scenarios where Splunk is well suited - 1) Security information and event management is and industry-leading SIEM solution. one of the use case for this is -A global financial org needs to monitor threats after breach and maintain audit trails for regulatory compliance.

Scenarios where Splunk is less appropriate - Startups and small business with limited budgets. - Long term, low-access data archival.

Verified User

Consultant in Information Technology (10,001+ employees)

Vetted Review

5 years of experience

Splunk - versatile tool for log ingestion.

Rating: 8 out of 10

Incentivized

October 21, 2025

Use Cases and Deployment Scope

I have used Splunk for log ingestion, indexing, snoop alerting, searching, and troubleshooting production issues. Understand API response times to find bottlenecks and improve performance. It is a great product for tying logs from various microservices, as long as they follow a similar pattern and have a unique ID to tie them together.

Pros

Log Indexing.
Searching
Custom log report/dashboard capability.

Cons

Room for improvement in export capability.
Better reporting.
Splunk metrics via API.

Likelihood to Recommend

Log ingestion, indexing. Much needed while troubleshooting issues. Performance improvements, API throughput monitoring. Continuous monitoring via Splunk snoop alerting. Integration with enterprise ITSM.

Verified User

Vice-President in Information Technology (5001-10,000 employees)

Vetted Review

8 years of experience

Splunk Enterprise Review

Rating: 9 out of 10

Incentivized

October 21, 2025

Use Cases and Deployment Scope

Splunk Enterprise is basically used for log management in our organisation. All the unix server,windows server, backups, db and other asset logs are written into Splunk Enterprise. These logs are mostly used for troubleshooting, audit purposes and sometimes to figure out the trend of particular occurance. In one of the case I have seen that feed is sent to Splunk Enterprise and then tickets are being created from that feed, which is one of unique use case I have seen

Pros

Log Management
Prepare reports for audit
trend analysis
Troubleshooting
Monitoring

Cons

Representation of data like different visual
Agentless communication.
Direct connection to database and pull the feed
More features in interface

Likelihood to Recommend

In log management i have experienced that Splunk Enterprise is very very useful. Most of auditors are relying on Splunk Enterprise for various evidences Based upon market trends and increasing popularity of Splunk Enterprise in financial institutions it is very good tool for log Management, troubleshooting, data analytics and trend to create various reports.

Verified User

Engineer in Engineering (10,001+ employees)

Vetted Review

10 years of experience

Enterprise monitoring tool which is quite fast to find logs and create alerts

Rating: 6 out of 10

October 20, 2025

Use Cases and Deployment Scope

We use Splunk Enterprise for event bus where teams communicate to each other via Pub/Sub. Its topic conventions are making it easier for us to use wildcard subscriptions, filter on specific events etc. Having exclusive and non-exclusive queues are also a nice separation to spread the load or helping to keep the order depending on which you choose.

Pros

Easy queue definitions and subscriptions
Delivery guarantee of events
UI is helpful to monitor things a bit

Cons

UI doesn't show stuck events/messages, would be nice to see them directly.
Permission management to the queues would be simpler and more granular

Likelihood to Recommend

Splunk is well suited if you want to be robust but not 100% correct. It is fast and convenient.

However if you like to pass messages including users payment details etc. I definitely suggest something else where you as consumer can decide what to do with messages. To me it is a bit weird that publishers can set whether a message can go to DLQ or not.

Verified User

Engineer in Product Management (10,001+ employees)

Vetted Review

3 years of experience

Splunk: The Good The Bad and The SPL

Rating: 9 out of 10

Incentivized

October 20, 2025

Use Cases and Deployment Scope

Splunk Enterprise is our main tool for data analytics, observability and monitoring. Our company produces petabytes of data, so splunk provides an awesome tool to not only monitor the logs that are produced by our services bit also to create dashboards for monitoring and alerting. We regularly create alerts using splunk queries and use them to find out of there is something wrong with our products. It addresses the following business problems:Loss of revenue, by means of making sure we are not giving customers degraded experience. Data driven decision making: Allows business analysts to analyze splunk dashboards and make sure that they can do appropriate analysis and take appropriate decisions for revenue growth.

Pros

Configurable and sophisticated way of alerting on certain conditions observed via logs
Ability to create amazing dashboards to showcase current performance and allows us to monitor system health.
ability to do anomaly detection using AIOps and Machine learning to find out proactively if there is anything wrong with the system

Cons

Difficult to learn SPL (Search processing language) for newcomers to splunk. Should have made it easy to understand
Splunk is mainly log-centric, so to add stuff like distributed tracing we need to purchase premium applications (like Splunk APM)
Dashboard creation can be a bit messy experience for people that dont know how to do it fast. The drag-and-drop model seems outdated and UI can certainly do better in terms of usability.

Likelihood to Recommend

I will give it 9. And its best suited for large organizations with high stakes and lot of data. Which precisely need near complex, real-time monitoring, and alerting. Especially in places where some errors, if left unattended can cause customer and revenue loss. It is useful where cost is secondary to having the capability of this sort of monitoring.

It may be less suitable for startups which dont have a lot of data, and are cost sensitive. It is also not very suitable if we dont have requirement for precision dashboarding and monitoring.

Verified User

Employee in Engineering (10,001+ employees)

Vetted Review

1 year of experience

Splunk Enterprise is a winner

Rating: 10 out of 10

Incentivized

June 16, 2025

Use Cases and Deployment Scope

It is a very ease to use tool. You can write custom query and visualize date by building customer dashboards. It is a center repository for all Infrastructure devices. It can integrate with service now to generate a customer alert. It has apps for the different vendors which can be also easily deployed.

Pros

Data parsing
Data sorting
Data visualization

Cons

Out of box dashboard
Out of box queries

Likelihood to Recommend

Splunk Enterprise is well suited for end to end integration. You can configure application and infrastructure to minimize the troubleshooting time. We use Splunk Enterprise for custom alerting with Google chat. BGP up and down or interface up and down. It can not parse the ACI logs as expected. Expensive tool to have.

Verified User

Account Manager in Information Technology (1001-5000 employees)

Vetted Review

7 years of experience

Loading Reviews List....

Video reviews

View playlist

Home
,
Security Information and Event Management (SIEM)
,
Splunk Enterprise
,
Reviews and Ratings

Splunk Enterprise You are awesome

Rating: 9 out of 10

Incentivized

October 23, 2025

Use Cases and Deployment Scope

Pros

Collection of logs from multiple sources like cloud, network, applications in different formats and aggregating to get a clear business picture.
Splunk Enterprise design is intuitive and seems to be developed by a multidisciplinary team which makes it easier to read logs in their raw format, extract new fields, develop dashboards and alerts. Autoextracted fields, dashboard sharing, simple alert design are some of examples which are very well thought and designed.
Splunk Enterprise is fast, even though it handles loads of data , the parsing and indexing done at core level helps us to quickly sift through data , this makes it critical in troubleshooting and fixing issues on priority.
We have apps for specific use cases like networking, threat detection, machine learning, NLP . Splunk Enterprise also allows to create customized apps to cater to team or organization specific use case. These can also be used to limit which users can access the data in the respective apps

Cons

Splunk Enterprise remains high cost tool specially if the amount of data ingested is huge.
Built in AI capabilities should be improved
Takes some time to learn SPL, Splunk Enterprise own language for queries. However once mastered make the overall usage very easy.

Likelihood to Recommend

We can also create macros which are small code blocks which can be resused at multiple places.

Verified User

Manager in Information Technology (1001-5000 employees)

Vetted Review

6 years of experience