Overview
What is Splunk Enterprise?
Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.
Popular Features
- Custom dashboards and workspaces: 8.5 / 10 (54 ratings, 85%)
- Centralized event and log data collection: 6.5 / 10 (53 ratings, 65%)
- Event and log normalization/management: 6.0 / 10 (53 ratings, 60%)
- Correlation: 6.0 / 10 (52 ratings, 60%)
Pricing
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Features
Security Information and Event Management (SIEM)
Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools
- Centralized event and log data collection: 6.5 (53 ratings)
  Effectiveness of real-time centralized event and log data collection
- Correlation: 6.0 (52 ratings)
  Correlation of logs and events to pinpoint significant threats
- Event and log normalization/management: 6.0 (53 ratings)
  Ability to normalize event syntax so that logs can be compared and are machine-understandable
- Deployment flexibility: 7.5 (49 ratings)
  Ability to tune the system to maximize threat detection and minimize false positives
- Integration with Identity and Access Management Tools: 7.5 (49 ratings)
  Integration with access control tools like Active Directory and LDAP
- Custom dashboards and workspaces: 8.5 (54 ratings)
  Dashboards that can be customized to meet the needs of specific groups
- Host and network-based intrusion detection: 7.0 (37 ratings)
  Ability to detect both endpoint intrusion and network ingress
- Data integration/API management: 8.3 (5 ratings)
  Ease and quality of data integrations between the SIEM and other systems
- Behavioral analytics and baselining: 7.8 (4 ratings)
  How effectively activity and behavior baselines are established and maintained
- Rules-based and algorithmic detection thresholds: 7.8 (4 ratings)
  Effectiveness of manually established rules and algorithmically determined detection thresholds
- Response orchestration and automation: 6.9 (4 ratings)
  Quality of built-in response orchestration and automation in a next-gen SIEM
- Reporting and compliance management: 7.9 (4 ratings)
  Ease and quality of reporting and compliance functions
- Incident indexing/searching: 8.9 (5 ratings)
  Effectiveness of searching across structured and unstructured events and incidents within the SIEM
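The three features rated highest in number above (centralized collection, event normalization, correlation) are easier to judge when you see what they amount to in code. The following is an added example written for this page, not Splunk's own code and not from any reviewer: it parses two different log formats into one schema and runs a single rule over the merged stream, which is the point of a SIEM that the definition above makes only in words. All log lines are constructed, the syslog year is an assumed default, and the rule thresholds are illustrative.

```python
"""Minimal SIEM-style pipeline: collect, normalize, correlate.

Added example, not Splunk code and not from the review page. Two log
formats are parsed into one schema and a single detection rule runs over
the merged stream. Every log line is constructed for illustration; the
syslog year and the rule thresholds are assumptions.
"""
import json
import re
from collections import defaultdict
from datetime import datetime, timezone

# Constructed samples: OpenSSH-style syslog lines and one JSON record shaped
# like a Windows Security logon-failure event (EventID 4625). Not captured data.
SAMPLE_LOGS = [
    "Mar  3 10:00:01 web1 sshd[2001]: Failed password for root from 203.0.113.5 port 40000 ssh2",
    "Mar  3 10:00:03 web1 sshd[2002]: Failed password for root from 203.0.113.5 port 40001 ssh2",
    "Mar  3 10:00:05 web1 sshd[2003]: Failed password for root from 203.0.113.5 port 40002 ssh2",
    '{"TimeCreated": "2024-03-03T10:00:06Z", "EventID": 4625, "TargetUserName": "root",'
    ' "IpAddress": "203.0.113.5", "Computer": "dc1"}',
    "Mar  3 10:00:09 web1 sshd[2004]: Accepted password for root from 203.0.113.5 port 40003 ssh2",
    "Mar  3 10:05:00 web1 sshd[2005]: Accepted publickey for deploy from 198.51.100.7 port 50000 ssh2",
]

SYSLOG_RE = re.compile(
    r"^(\w{3})\s+(\d{1,2}) (\d\d:\d\d:\d\d) (\S+) sshd\[\d+\]: "
    r"(Failed|Accepted) \S+ for (?:invalid user )?(\S+) from (\S+) port \d+"
)
MONTHS = {m: i for i, m in enumerate(
    ["Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"], 1)}


def normalize(line, year=2024):
    """Map one raw line to the common schema, or None if it is not a logon event.

    Schema: time (aware UTC datetime), host, user, src_ip,
    action ("success"/"failure"), source (which log format it came from).
    Classic syslog carries no year, so `year` is an assumed default.
    """
    line = line.strip()
    if line.startswith("{"):
        rec = json.loads(line)
        eid = rec.get("EventID")
        if eid not in (4624, 4625):  # 4624 = logon success, 4625 = logon failure
            return None
        return {
            "time": datetime.strptime(rec["TimeCreated"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc),
            "host": rec.get("Computer"),
            "user": rec.get("TargetUserName"),
            "src_ip": rec.get("IpAddress"),
            "action": "success" if eid == 4624 else "failure",
            "source": "windows_security",
        }
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    mon, day, clock, host, verb, user, ip = m.groups()
    hh, mm, ss = (int(x) for x in clock.split(":"))
    return {
        "time": datetime(year, MONTHS[mon], int(day), hh, mm, ss, tzinfo=timezone.utc),
        "host": host,
        "user": user,
        "src_ip": ip,
        "action": "success" if verb == "Accepted" else "failure",
        "source": "sshd",
    }


def correlate(events, threshold=3, window_s=60):
    """Rule: at least `threshold` failures for one (src_ip, user) within
    `window_s` seconds, followed by a success for the same pair from any
    host, produces one alert. Because the events are normalized, SSH and
    Windows failures are counted together.
    """
    failures = defaultdict(list)  # (src_ip, user) -> prior failure events
    alerts = []
    for e in sorted(events, key=lambda ev: ev["time"]):
        key = (e["src_ip"], e["user"])
        if e["action"] == "failure":
            failures[key].append(e)
            continue
        recent = [f for f in failures[key] if (e["time"] - f["time"]).total_seconds() <= window_s]
        if len(recent) >= threshold:
            alerts.append({
                "rule": "brute_force_then_success",
                "src_ip": e["src_ip"],
                "user": e["user"],
                "failures": len(recent),
                "sources": sorted({f["source"] for f in recent}),
                "success_host": e["host"],
                "time": e["time"].isoformat(),
            })
            failures[key].clear()  # do not re-alert on the same burst
    return alerts


def run(lines):
    """Collect -> normalize -> correlate; returns the list of alerts."""
    events = [ev for ev in (normalize(ln) for ln in lines) if ev is not None]
    return correlate(events)


if __name__ == "__main__":
    for alert in run(SAMPLE_LOGS):
        print(json.dumps(alert))
```

On the constructed input the rule fires once: three sshd failures plus one Windows failure from the same address against the same account, then a successful SSH login, all inside the window. The second success (a different user and address with no prior failures) is ignored. The design choice worth noting is that the correlation key is built from normalized fields, so adding a third log format only requires a new parser, not a new rule.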
Splunk Enterprise Technical Details
| Detail | Value |
|---|---|
| Operating Systems | Unspecified |
| Mobile Application | No |
Reviews and Ratings (455)
Community Insights
Pros
Valuable Log Gathering and Summarization: Users have expressed positive opinions about Splunk's ability to gather and summarize log messages from multiple sources. Many reviewers find this feature valuable, as it allows them to easily access and analyze log data in a centralized location without the need for manual aggregation.
Simplicity and Advanced Search Capabilities: Splunk's reporting functionality is highly regarded by users for its simplicity and advanced search capabilities. Several reviewers appreciate how easy it is to use Splunk's reporting features, while also being able to perform complex searches that provide detailed insights into their data.
Effective Web Traffic Catching and Dashboards: The effectiveness of Splunk in catching web traffic and providing helpful dashboards is another aspect praised by users. Many reviewers highlight how Splunk's web monitoring capabilities enable them to track website activity effectively, while the intuitive dashboards allow for quick visualization and analysis of important metrics.
Cons
Confusing User Interface: Some users have reported that the user interface in Splunk can be perplexing, leading to difficulties in quickly performing tasks and navigating the software.
Limited Integration with Excel: Users have expressed their desire for improved integration between Splunk and Excel when it comes to creating reports and dashboards. They feel that better connectivity and seamless data transfer would enhance their workflow.
Steep Learning Curve: Several users have mentioned the complexity of Splunk's architecture, requiring a dedicated team of engineers to effectively manage and optimize its performance. This steep learning curve can pose challenges for new users who may need additional time and resources to fully grasp the intricacies of the platform.
Recommendations
Based on user reviews, the following recommendations emerged for using Splunk:
- Ensure the correct subscription: Users emphasized the importance of having the correct subscription for Splunk to avoid login issues and fully utilize its features. They recommend careful planning of the deployment and learning as much as possible before implementing a large installation.
- Thoroughly investigate anomalies: While Splunk's dashboards for troubleshooting are praised, users advise against relying solely on the alerts Splunk generates. They suggest continuing to investigate any anomalies and carefully setting up sources and background data in Splunk.
- Utilize Splunk's log analysis capabilities: Many users recommend Splunk as a valuable tool for log analysis and for improving the quality of current processes. They find it helpful for debugging integration issues and consider it suitable for large-scale applications and systems. Users appreciate its ability to connect to individual boxes and view multiple logs simultaneously.
It should be noted that some users suggest that there may be better and cheaper alternatives for small to medium-sized businesses, while others propose improvements to the search result UI and pricing structure to attract more users in the industry.
Reviews (1-5 of 5)
Robust IT Operations and SIEM Management Solution
Splunk has the ability to correlate data from disparate data sources and provide root cause, hence reducing MTTR and improving our SLAs with our customers. The events logged in Splunk help our IT Analyst and Security Analyst take proactive action before impacting the services which our customer uses. The Event Correlation helps us find RCA and improve MTTD and MTTR.
- Collect data from multiple data sources and correlate. Reduce alert noise from multiple monitoring systems.
- Monitor alerts and report on data collected. Create custom dashboards.
- Powerful machine learning and AiOPS functionality.
- Helps with our security compliance and addresses the security team's need to remain PCI compliant.
- Splunk data sizing and data collected. Worked with Professional Service to scale our environment.
- Capacity data storage for Splunk data.
- Tuning Splunk analytics dashboards for performance.
- Centralized event and log data collection: 9.0 (90%)
- Correlation: 9.0 (90%)
- Event and log normalization/management: 10.0 (100%)
- Deployment flexibility: 9.0 (90%)
- Integration with Identity and Access Management Tools: 9.0 (90%)
- Custom dashboards and workspaces: 9.0 (90%)
- Host and network-based intrusion detection: 9.0 (90%)
- Improved MTTR for all our incidents.
- Reduced alert noise with powerful correlation engine.
- Performance Analytics dashboards.
- Network, Systems and Application Monitoring.
- Aggregation of Machine Data from different sources.
- Meaningful dashboards based on data collected to aid decision making.
- Integration with ticketing tools to automate ticket generation.
- Reduce noise from multiple monitoring tools.
- Automating actions based on alerts triggered.
- More Automation and invest in self healing Infrastructure.
- Price
- Product Features
- Product Usability
- Product Reputation
- Vendor Reputation
- Positive Sales Experience with the Vendor
- Third-party professional services
- Collecting Logs from some Storage Systems.
- Reporting
- Event and alert Correlation
- Ease of collecting Log from any sources
- Managing the data collected from a storage standpoint.
Using Splunk in Educational Sectors
- Timely alerting
- Sharing with end users automatically
- Less impact
- Sometimes we see the Splunk agent taking higher CPU from an OS perspective
- Similar issues have been noticed in Oracle Databases
- Centralized event and log data collection: 9.0 (90%)
- Correlation: 9.0 (90%)
- Event and log normalization/management: 9.0 (90%)
- Deployment flexibility: 9.0 (90%)
- Integration with Identity and Access Management Tools: 8.0 (80%)
- Custom dashboards and workspaces: 8.0 (80%)
- Host and network-based intrusion detection: 8.0 (80%)
- So far we are happy with this tool's features.
- Monitoring all of our Oracle databases and servers
- Monitoring all of MSSQL databases
- Monitoring all of MySql databases and its application
- Easier to configure the agent
- Easier to share the reports to any specific audience
- Easier to re-configure and add more features
- Including more applications and servers to have the Splunk coverage
- Sharing those important alerts after release from any patching or upgrades
- Educating the end users to take actions to reduce those daily alerts
- Price
- Product Features
- Product Reputation
- Vendor Reputation
Don't know how to live without Splunk for so long
- During our software development, Splunk is used for troubleshooting issues. With its ability to provide consolidated log messages for a specific period of time and transaction mode to correlate all relevant messages, it helps us pinpoint the root cause of the issue.
- Our operational staff relies on Splunk to provide timely alerts of issues and health monitoring of our entire operation.
- Our security team can easily perform audits as required using Splunk archives online instead of pulling backup tapes and tediously searching through all relevant records of interest.
- Indexer replication is overly complicated
- Splunk increased our development productivity manyfold
- Faster turnaround for finding the root cause of issues
- Implemented in-house
Good Tool for log mining
- Finding Oracle stats
- Getting request types based on users i.e. sorting capabilities
- Creating reports and charting based on data
- UI could be improved i.e. the query text-area behavior
- Creating reports publicly and deleting them is a little non-intuitive for users
- Definitely helps to find particular requests given a time frame.
Big data indexing - Splunk
- search is amazing
- search is fast
- search is customizable
- reporting is great
- works well for my users
- Better customer service
- Quicker troubleshooting
- Better uptime