Skip to main content
TrustRadius
Splunk User Behavior Analytics (UBA)

Splunk User Behavior Analytics (UBA)

Overview

What is Splunk User Behavior Analytics (UBA)?

Splunk supplies security analytics as a standalone solution or priced as an add-on for users of its popular SIEM products, to protect enterprises against unknown threats and malicious behavior, via the Splunk User Behavior Analytics (UBA) application.

Read more

Learn from top reviewers

Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Splunk User Behavior Analytics (UBA)?

Splunk supplies security analytics as a standalone solution or priced as an add-on for users of its popular SIEM products, to protect enterprises against unknown threats and malicious behavior, via the Splunk User Behavior Analytics (UBA) application.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

28 people also want pricing

Alternatives Pricing

What is ManageEngine ADAudit Plus?

ADAudit Plus offers real-time monitoring, user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant.Track all changes to Windows AD objects including users, groups, computers, GPOs, and OUs.Achieve hybrid AD monitoring with a…

Return to navigation

Product Details

What is Splunk User Behavior Analytics (UBA)?

Splunk UBA provides advanced and insider threat detection using unsupervised machine learning helping organizations find unknown threats and anomalous user behavior across devices and applications. Splunk UBA extends the power of Splunk Enterprise Security — an analytics-driven SIEM — enabling organizations to act on high fidelity threats while optimizing threat detection for targeted incident response.

Splunk User Behavior Analytics (UBA) Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(5)

Reviews

(1-2 of 2)
Companies can't remove reviews or game the system. Here's why

Must use Splunk UBA to improve security posture

Rating: 10 out of 10
January 14, 2022
Verified User
Vetted Review
Verified User
Splunk User Behavior Analytics (UBA)
4 years of experience
In previous years, we were just relying on correlation rules which were throwing more number of false positive alerts in Splunk and which in turn creates more incidents if any ticketing tool is integrated with Splunk. This was causing more issues while handling high number of incidents with less resources as a part of the team. Aim was to reduce false positive which this product resolved our issue.
  • Capture more number of anomalies.
  • Create real threats.
  • Create only true positive incidents.
Splunk User Behavior Analytics application is necessary when any company wants to capture the threat based on user behavior instead of just counting the number of occurrences of particular event. With Splunk UBA, we can analyse number of anomalies captured and which in turn creating threats which are nearly true positive.
  • Observe more number of anomalies in an organization.
  • Investigate threat created from anomaly.
  • Create nearly true positive incidents.
  • Fewer team members to work on real threats.
  • Less time required to deal with real incidents.
  • Easy to implement across the network.
Easier we were using Splunk Enterprise on heavy forwarder on which all the add-on were installed and were using Splunk Cloud with respect to search head and indexers stack. And with Splunk Enterprise Security premium app, we were relying on correlation rules which were throwing more number of false positive but after implementing Splunk UBA, we are now getting real-time true positive threat or incidents.

Great tool for application monitoring

Rating: 9 out of 10
January 18, 2020
Verified User
Vetted Review
Verified User
Splunk User Behavior Analytics (UBA)
1 year of experience
Splunk is used for application monitoring and data analytics purposes in our organization. It's being used by our department, and we use the Splunk mainly for application monitoring to check for error logs, alerts, and uptime for the application.
  • Monitor and troubleshoot for any system errors.
  • Get the insights on application data sets and do some predictive analysis.
Splunk is well suited for applications with large amounts of data, and large enterprise applications. Especially if the application has interconnected modules, it helps us to analyze and monitor the application greatly.
  • A must-have tool for the enterprise application development.
  • It helps to give predictive analysis on the data, and in turn, helps to drive business decisions.
Splunk UBA is a great debugging tool, and it helps me analyze the application logs and get a better idea about the problem. It also helps in analyzing the user behavior in a nutshell over the entire application.
Return to navigation