Overview
What is Splunk Enterprise?
Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.
TrustRadius Insights
Great if you have the money
Splunk Enterprise Rocks !!
Real-time smart meters
Splunk Enterprise in the Cloud empowers me as an analyst
Robust IT Operations and SIEM Management Solution
Great for almost anything
Security/Data Analytics Solution That Comes with SIEM Capabilities
Splunk leads the pack
One Splunk to rule them all!
Splunk Enterprise review
Splunk Enterprise - Log collection & aggregation
Won't you take me to Splunkytown
Excellent product for our cybersecurity team
Splunk Enterprise: A powerful, but expensive tool
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Popular Features
- Custom dashboards and workspaces (54)8.585%
- Centralized event and log data collection (53)6.565%
- Event and log normalization/management (53)6.060%
- Correlation (52)6.060%
Reviewer Pros & Cons
Pricing
What is Splunk Enterprise?
Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
40 people also want pricing
Alternatives Pricing
What is Blumira?
Blumira’s cloud SIEM platform offers both automated threat detection and response, enabling organizations of any size to more defend against cybersecurity threats in near real-time. It's goal is to ease the burden of alert fatigue, complexity of log management and lack of IT visibility.
Product Demos
Splunk Incident Review Demo
Splunk Threat Intelligence Demo
Splunk Enterprise Security | Splunk Enterprise Installation | Splunk Training | Edureka
Features
Security Information and Event Management (SIEM)
Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools
- 6.5Centralized event and log data collection(53) Ratings
Effectiveness of real-time centralized event and log data collection
- 6Correlation(52) Ratings
Correlation of logs and events to pinpoint significant threats
- 6Event and log normalization/management(53) Ratings
Ability to normalize event syntax so that logs can be compared and are machine-understandable
- 7.5Deployment flexibility(49) Ratings
Ability to tune system to maximize threat detection and minimize false positives
- 7.5Integration with Identity and Access Management Tools(49) Ratings
Integration with access control tools like Active Directory and LDAP
- 8.5Custom dashboards and workspaces(54) Ratings
dashboards that can be customized to meet the needs of specific groups
- 7Host and network-based intrusion detection(37) Ratings
Ability to detect both endpoint intrusion and network ingress detection
- 8.3Data integration/API management(5) Ratings
Ease and quality of data integrations between SIEM and other systems
- 7.8Behavioral analytics and baselining(4) Ratings
How effectively activity and behavior baselines are established and maintained
- 7.8Rules-based and algorithmic detection thresholds(4) Ratings
Effectiveness of manually-established rules and algorithmically-determined detection thresholds
- 6.9Response orchestration and automation(4) Ratings
Quality of built-in response orchestration and automation in Next-Gen SIEM
- 7.9Reporting and compliance management(4) Ratings
Ease and quality of reporting and compliance functions
- 8.9Incident indexing/searching(5) Ratings
Effectiveness of searching across structured and unstructured events and incidents within SIEM
Product Details
- About
- Integrations
- Competitors
- Tech Details
- FAQs
What is Splunk Enterprise?
Splunk Enterprise Integrations
Splunk Enterprise Competitors
Splunk Enterprise Technical Details
Operating Systems | Unspecified |
---|---|
Mobile Application | No |
Frequently Asked Questions
Comparisons
Compare with
Reviews and Ratings
(455)Community Insights
- Pros
- Cons
- Recommendations
Valuable Log Gathering and Summarization: Users have expressed positive opinions about Splunk's ability to gather and summarize log messages from multiple sources. Many reviewers find this feature valuable, as it allows them to easily access and analyze log data in a centralized location without the need for manual aggregation.
Simplicity and Advanced Search Capabilities: Splunk's reporting functionality is highly regarded by users for its simplicity and advanced search capabilities. Several reviewers appreciate how easy it is to use Splunk's reporting features, while also being able to perform complex searches that provide detailed insights into their data.
Effective Web Traffic Catching and Dashboards: The effectiveness of Splunk in catching web traffic and providing helpful dashboards is another aspect praised by users. Many reviewers highlight how Splunk's web monitoring capabilities enable them to track website activity effectively, while the intuitive dashboards allow for quick visualization and analysis of important metrics.
Confusing User Interface: Some users have reported that the user interface in Splunk can be perplexing, leading to difficulties in quickly performing tasks and navigating the software.
Limited Integration with Excel: Users have expressed their desire for improved integration between Splunk and Excel when it comes to creating reports and dashboards. They feel that better connectivity and seamless data transfer would enhance their workflow.
Steep Learning Curve: Several users have mentioned the complexity of Splunk's architecture, requiring a dedicated team of engineers to effectively manage and optimize its performance. This steep learning curve can pose challenges for new users who may need additional time and resources to fully grasp the intricacies of the platform.
Based on user reviews, the following recommendations emerged for using Splunk:
-
Ensure the correct subscription: Users emphasized the importance of having the correct subscription for Splunk to avoid login issues and fully utilize its features. They recommend careful planning of the deployment and learning as much as possible before implementing a large installation.
-
Thoroughly investigate anomalies: While Splunk's great dashboards for troubleshooting are praised, users advise against relying solely on system alerts generated by Splunk. They suggest continuing to investigate any anomalies and carefully setting up sources and background data in Splunk.
-
Utilize Splunk's log analysis capabilities: Many users recommend Splunk as a valuable tool for log analysis and improving the quality of current processes. They find it helpful for debugging integration issues and consider it suitable for large-scale applications/systems. Users appreciate its ability to connect to individual boxes and view multiple logs simultaneously.
It should be noted that some users suggest that there may be better and cheaper alternatives for small to medium-sized businesses, while others propose improvements to the search result UI and pricing structure to attract more users in the industry.
Attribute Ratings
Reviews
(26-50 of 69)Excellent tool for analyzing logs
- Splunk log analysis helped us understand backend error much better than ever and improved number of errors/ week significantly after resolving those.
- Charting vendor calls/service helped us understanding default looping/logic which in turn reduce vendor calls and vendor bill/call.
- Splunk alerting on system resources helped us take necessary actions to tackle the traffic under heavy load condition without impacting user experience.
a very good log handling and analysis tool
- There are a lot of positive impacts that Splunk had made, we have real-time exception alerting which is very useful
- We have report generation out of the logs which again helped us in many ways.
- The only negative thing I can say is that it requires good learning and that takes a long time
Splunk is great for troubleshooting
- Splunk has decreased the amount of time we spend looking for things to fix in other places.
- so far no negative effects
- Splunk Light has had a positive impact on our overall business objective of having a central log repository.
- Splunk Light is able to help us hunt down the reasons for account lock outs and has thus had a positive impact on time to resolution of helpdesk issues.
- Splunk Light had a positive impact on reporting and showing our auditor specific events he was looking for.
Monitor your monitors...
- It has been helping with alerting on certain attacks on site and monitoring server health.
- It slows down during high traffic volume days - ( major 5 days of the year )
Splunk for log collection, indexing, analysis & dashboarding
- Splunk has been used as a one-stop-shop for log collection, indexing, alerting, analytics and dashboarding
- Splunk is a costly software however ROI on our engineering and operations is huge.
- Negative could only be its high licensing costs. It might not be a viable option for all companies.
We've tried the rest and now we're back on Splunk!
- Dashboarding allows us to immediately get value without having to have a query to find things in logs.
- Allows us to troubleshoot bugs faster.
- Having everyone have access to certain indexes is less of a headache for it to manage.
- The impact was tremendous in terms of dollar values. The real-time alerts generated helped salvage many business transactions which would have been a nightmare to deal with later.
- Legacy reporting systems were decommissioned and reporting moved to Splunk which helped in saving maintenance costs.
- The upfront expenditure is Splunk but whether that can be considered negative depends on the organization.
- Splunk has allowed us to reduce losses via fraud. We have actually be able to monetize how much money it has saved us. This alone has allowed the tool to pay for itself.
- Splunk provides key machine data easily. This data is used for all sorts of processes throughout the company and is very valuable to other systems/departments.
- Splunk has allowed us to closely monitoring and catch items before they impact our large customer facing applications. It is hard to quantify, but this has saved us money by keeping more customers happy.
Splunk it!
- The intrusion detection with the real-time alert has been a huge positive impact.
- Log search has helped us in tracking certain internal issues.
- Dashboards for quick glance to show the upper management has saved us time on explaining where more protection is needed.
Splunk is a great tool for helping make sense of logs
- Awesome ROI for me. Again, while I don't use the software daily, when I do use it, it beats the pants off manually searching logs.
- Allows me to provision less storage for logs on my servers, as I can have Splunk ingest and then archive/remove logs from those servers.
Splunk Enterprise Review
- We make each user group pay for the data that their systems index. We have not had any negative reactions indicating that the tool doesn't meet their needs
Proactive log monitoring with Splunk Light
- Helped us be more proactive about issues
- Helped us understand our system usage
- Helped us invest in areas we previously did not think of
Splunk Review
- Saves on the engineering cost of building an inhouse logging system
My Dive into using Splunk
- Splunk has allowed developers to diagnose production issues when access of control was taken away from them to be allowed to view items in production environments and I believe that is invaluable.
- At times some developers weren't super happy about using it, but it was more of the fact that they were used to having production access and not creating their splunk queries to get information.
- Going one place to view logs was very beneficial to have.
Splunk will make your job easier!!
- By going with Splunk we have reduced our overall costs on security without sacrificing and functionality.
- The return on this investment has paid for itself with the ability to customize reporting.
- Support for security has been reduced by having more people able to monitor systems without dedicating their full time to one task.
Splunk for new users
- I don't have any numbers to share but Splunk has positively served as a 24/7 monitoring tool that has saved hours of work by self-detecting, saving statistics and alerting problems in the system or from external interfaces as soon as they happen.
- Splunk dashboards does a solid job in collecting, analyzing data and creating reports that contain an entire day's activity and then automatically sent out to the business.
- Splunk is very easy to learn and very useful to any program or business application.
Splunk in a production environment is a must-have today
- Avoidance of risks in the production line is hard to translate to money. But the department managers know that this tool helps to mitigate risks. And the team grows.
- After several Proof of Concept mini-projects, Splunk was finally approved as a regular company application: We are now able to link it to live data, not only to use logs. The data science team has grown to four people and we are ready to move from incident localization and fixing to process optimization, proactive monitoring and alerting, finding trends and relationships (what precedes what).
- Overall very positive. It has provided visibility to what is going on within our network.
- One drawback is the time it takes to get up to speed with the application, but this is up to the user, and Splunk education is excellent.
- In my field, IT Security, there are few other friends to have in your back pocket better than Splunk. They are just that good.
Splunk Implementor review
- We implement Splunk for a living.
Got Splunk?
- Improved troubleshooting of the software suite
- Increased visibility into the network logs
Splunk running strong
- Faster trouble shooting times in production.
- Instant reporting of environmental status.
- Granular data metrics.
If you must analyze a ton of data then Splunk is your solution.
- I'm not a data analyst so I can not provide concrete examples on how the business has benefited from implementing Splunk. However, the analysts I have worked with have provided a wealth of support in reducing workstation issues across the enterprise. This alone reduces the time it takes to determine where the exact problem lies between a workstation and the servers it tries to communicate with.
Powerful tool with a big learning curve
- Makes IR (Incident Response) easier
- Empowers users to view their data differently
From a student's heart
- Analytics in no time
- Great decisions
- Problem solving skills