TrustRadius
Splunk Light
16 Ratings
Score 7.5 out of 10

Splunk Light Reviews


Reviews (1-4 of 4)

March 15, 2019

Review: "Splunk Light: A great log management solution for small installations."

Score 6 out of 10
We installed Splunk Light to get our feet wet with centralized log management. The primary use was in our network and security department. Splunk Light allowed us to quickly and easily search across all of our device logs, as well as gave us the ability to correlate log entries between machines. It also helped us satisfy our compliance requirements for logging.
  • Monitoring and Alerting: Creating custom actions based on log entries was the largest unexpected bonus for us. While we had other software configured to do this job, Splunk was easy to implement and could be managed by a larger number of our team members.
  • Cross-Device Analysis: Seeing data from all of your devices in one location makes following event chains much easier.
  • Vendor Specific Add-ons: There is a large library of vendor-specific add-ons for the software allowing for automatic formatting and action for certain types of logs, greatly reducing the man-hours required to get started.
  • Splunk Light doesn't include the ability to create data models or tables without paying for a large upgrade. This is a rather basic feature; I wish it had been included.
  • High Availability is another basic feature that is excluded, greatly limiting Splunk Light's usefulness.
Splunk Light is highly useful for smaller companies without regulatory requirements for logging of data. It has all of the main features required for basic troubleshooting and log retention for internal use. Splunk Light is not a good fit for large deployments, as it's not capable of high availability, data modeling, SSO, or clustering, which will cause issues.
Brandon Holbrook
December 17, 2018

Review: "Splunk Light is a great starting point to event log indexing and repository"

Score 8 out of 10
Currently we use it for compliance purposes. As per the policy we are required to maintain a record of authentication, authorization, and other security and audit logs surrounding the scope of the compliance. We are currently using Splunk Light to meet these compliance needs. Our auditor has been very pleased with the results of the reports we were able to generate using Splunk Light. We also use it to proactively fix issues that arise like locked AD, RSA, and other accounts that are being monitored.
  • Indexing Logs
  • Powerful Searching features
  • Alerting us of very detailed alerts
  • Custom indexing options
  • Splunk Light does not scale very well
  • Need to purchase Splunk Enterprise if you ever wish to use 3rd-party applications
  • Very Basic. I wish Splunk Light came with a bit more capabilities out of the box
Splunk Light is well suited to check off a compliance box for a central log repository and/or basic searching of those logs and basic alerting of events you want to monitor. Splunk Light has helped us be proactive with locked accounts. Most of the time our users don't even know they are locked out when we call them to fix the problem.
Pooja Gada
March 02, 2018

Review: "Proactive log monitoring with Splunk Light"

Score 8 out of 10
Splunk Light is used by the engineering team. The main use case it targets is proactive log monitoring. We wanted to integrate a system which does log monitoring (application + system logs) and sends us alerts if the system identifies errors or warnings. Additionally, the solution needed to be HIPAA compliant. So instead of Splunk Enterprise or Splunk Cloud, we ended up choosing Splunk Light, as we can manage the infra on our own.
  • Real-time + Scheduled alerts - i.e., you can set up alerts which are actively monitoring your logs
  • Pretty good response time for search results. With our key/value logging, Splunk makes it blazing fast to query the data.
  • Dashboards provide insights into historical data
  • Love how Splunk indexes all of the data and provides keys to search on
  • Splunk Light limits the number of users to 5. Wish there was a flexible license, where one could add more users.
  • Splunk Light does not let you add more than a few real-time alerts. Wish there was a flexible license, where one could add as many real-time alerts as wanted.
  • Better insight into daily ingestion values
Splunk Light is awesome for anyone wanting to do proactive monitoring. It is also really well suited for insights into data with dashboards. Splunk Light might not be a great choice if you do not want to manage the infrastructure on your own.
April 10, 2018

Splunk Light Review: "Splunk it!"

Score 6 out of 10
We have used Splunk Light in the past for log analysis of Cisco routers, firewalls and switches to determine path issues. This was mainly used within the network infrastructure group. The alerting was the main benefit when trying to determine intruder detection and the path the intruder was trying to take.
  • Though it was a little hard at first, creating the dashboards from the raw data became the big benefit.
  • Setup of alerts was, again, a little confusing, but over time, with the real-time alert, it became useful.
  • The building of dashboards for the security team for tracking intruders.
  • The big one is writing the dashboards based off the raw data.
The path detection was very useful when an intruder tried to break into our firewalls. Being PCI compliant, a breach within our PCI environment would be dangerous to our customers as well as our day-to-day business. The real-time alert allowed us to monitor and prevent intrusion on the fly.

About Splunk Light

Splunk Light is the lightweight log search and analysis tool for small IT environments.
Categories: Log Management

Splunk Light Technical Details

Operating Systems: Unspecified
Mobile Application: No