Skip to main content
TrustRadius
Splunk User Behavior Analytics (UBA)

Splunk User Behavior Analytics (UBA)

Overview

What is Splunk User Behavior Analytics (UBA)?

Splunk supplies security analytics as a standalone solution or priced as an add-on for users of its popular SIEM products, to protect enterprises against unknown threats and malicious behavior, via the Splunk User Behavior Analytics (UBA) application.

Read more
Recent Reviews
Read all reviews
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Splunk User Behavior Analytics (UBA)?

Splunk supplies security analytics as a standalone solution or priced as an add-on for users of its popular SIEM products, to protect enterprises against unknown threats and malicious behavior, via the Splunk User Behavior Analytics (UBA) application.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

27 people also want pricing

Alternatives Pricing

What is Teramind?

Teramind helps organizations track user behaviors to detect insider threats and prevent data leaks. The software lets users monitor and record the activities of employees, remote users, external contractors both onsite and offsite in real-time. Teramind’s monitoring features can track…

Return to navigation

Product Details

What is Splunk User Behavior Analytics (UBA)?

Splunk UBA provides advanced and insider threat detection using unsupervised machine learning helping organizations find unknown threats and anomalous user behavior across devices and applications. Splunk UBA extends the power of Splunk Enterprise Security — an analytics-driven SIEM — enabling organizations to act on high fidelity threats while optimizing threat detection for targeted incident response.

Splunk User Behavior Analytics (UBA) Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(6)

Attribute Ratings

Reviews

(1-2 of 2)
Companies can't remove reviews or game the system. Here's why
Score 10 out of 10
Vetted Review
Verified User
Incentivized
In previous years, we were just relying on correlation rules which were throwing more number of false positive alerts in Splunk and which in turn creates more incidents if any ticketing tool is integrated with Splunk. This was causing more issues while handling high number of incidents with less resources as a part of the team. Aim was to reduce false positive which this product resolved our issue.
  • Capture more number of anomalies.
  • Create real threats.
  • Create only true positive incidents.
Splunk User Behavior Analytics application is necessary when any company wants to capture the threat based on user behavior instead of just counting the number of occurrences of particular event. With Splunk UBA, we can analyse number of anomalies captured and which in turn creating threats which are nearly true positive.
  • Observe more number of anomalies in an organization.
  • Investigate threat created from anomaly.
  • Create nearly true positive incidents.
  • Fewer team members to work on real threats.
  • Less time required to deal with real incidents.
  • Easy to implement across the network.
Easier we were using Splunk Enterprise on heavy forwarder on which all the add-on were installed and were using Splunk Cloud with respect to search head and indexers stack. And with Splunk Enterprise Security premium app, we were relying on correlation rules which were throwing more number of false positive but after implementing Splunk UBA, we are now getting real-time true positive threat or incidents.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Splunk is used for application monitoring and data analytics purposes in our organization. It's being used by our department, and we use the Splunk mainly for application monitoring to check for error logs, alerts, and uptime for the application.
  • Monitor and troubleshoot for any system errors.
  • Get the insights on application data sets and do some predictive analysis.
  • Performance-wise, it can be improved. Queries take a long time.
  • Dataset exploration - More data visualization charts can be added.
Splunk is well suited for applications with large amounts of data, and large enterprise applications. Especially if the application has interconnected modules, it helps us to analyze and monitor the application greatly.
  • A must-have tool for the enterprise application development.
  • It helps to give predictive analysis on the data, and in turn, helps to drive business decisions.
Splunk UBA is a great debugging tool, and it helps me analyze the application logs and get a better idea about the problem. It also helps in analyzing the user behavior in a nutshell over the entire application.
Return to navigation