TrustRadius: an HG Insights company

Splunk Enterprise

Score 8.6 out of 10

540 Reviews and Ratings

What is Splunk Enterprise?

Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.

Top Performing Features

  • Centralized event and log data collection

    Effectiveness of real-time centralized event and log data collection

    Category average: 8.5

  • Custom dashboards and workspaces

    Dashboards that can be customized to meet the needs of specific groups

    Category average: 8.3

  • Incident indexing/searching

    Effectiveness of searching across structured and unstructured events and incidents within SIEM

    Category average: 8.2

Areas for Improvement

  • Rules-based and algorithmic detection thresholds

    Effectiveness of manually-established rules and algorithmically-determined detection thresholds

    Category average: 8.2

  • Behavioral analytics and baselining

    How effectively activity and behavior baselines are established and maintained

    Category average: 7.6

  • Response orchestration and automation

    Quality of built-in response orchestration and automation in Next-Gen SIEM

    Category average: 7.6

Very Good

Use Cases and Deployment Scope

I use Splunk Enterprise to monitor logs from our servers and also application logs. We monitor those logs to keep a check on the server and application health (e.g., create an email alert if CPU usage is more than the threshold defined). Also, we have built many custom dashboards to display the key metrics for applications/infrastructure.

Pros

  • Collecting logs from servers
  • Parsing machine logs very well
  • Build custom dashboards with visualizations

Cons

  • Support for third-party visualizations in dashboard studio.
  • More AI features in Enterprise version
  • More robust parsing for nested json data

Return on Investment

  • improved the monitoring process
  • Custom dashboard provides solution to apply specific company logics
  • Faster threat detection

Other Software Used

Zabbix, Palantir Foundry, GitHub

Good observability

Use Cases and Deployment Scope

Splunk is our primary observability and log aggregation platform in the datacenter.

It centralizes logs from multiple systems, supports incident investigation, and provides dashboards and alerts for operational monitoring.

We also use it to analyze Tufin usage statistics and track security policy management activity.

Pros

  • Does well in log aggregation and search performance
  • Nice dashboards
  • Customization

Cons

  • Resource consumption and performance
  • Licensing and cost

Return on Investment

  • Great observability
  • Takes some time to configure dashboards, but provides good visibility

Alternatives Considered

Cisco Application Centric Infrastructure (Cisco ACI) and Cisco Meraki SD-WAN

Splunk Enterprise is awesome

Use Cases and Deployment Scope

In our organization, we use Splunk Enterprise for Logs from various devices.

Pros

  • In my opinion, queries are done well in Splunk Enterprise
  • I think that logs are done well in Splunk Enterprise
  • In my experience, automation is done well in Splunk Enterprise

Return on Investment

  • Splunk Enterprise has an awesome impact on our organization's overall business objectives.

observe

Use Cases and Deployment Scope

In our organization, we use Splunk Enterprise for some specific use cases on a bespoke basis for customers.

Pros

  • In my opinion, observability is done well in Splunk Enterprise

Good product not able to keep up with AI needs

Use Cases and Deployment Scope

Manage/maintain a large scale Splunk platform to provide for the analytical and security needs of the organization. Currently it provides a single pane of window for our security teams to build their threat/risk modeling while at the same time integrating with other software to triage security incidents. Besides, our developers leverage it for triaging purposes, along with leadership to make decisions based on the data points available.

Pros

  • Easy to write SPL queries; people can learn it very quickly
  • Run searches against large data set
  • Role based access to limit the data

Cons

  • Lags way behind in AI integration
  • Doesn't handle large dataset properly
  • System guard rails have been a dream for admins forever

Return on Investment

  • Licensing cost is high
  • Support has been really bad over the years, and seems to get even worse

Alternatives Considered

Elastic Security and Datadog

Other Software Used

Datadog, Anthropic Claude, Slack, Google Cloud Platform