Won't you take me to Splunkytown
February 29, 2020

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise

We're using Splunk Enterprise to assist us with IT Operations and IT Security. We came to look at Splunk because when I entered the company I found over 500 devices with no centralized logging in any way, no ability to pinpoint problems across the whole organization whether historic or predictable and things like this. Splunk is helping us deliver a predictable, robust operation of our infrastructure instead of reacting to problems and working to find just what was affected and when.

We believe we can apply Splunk to other data, in time, specifically aiding the company with analyzing financial information, but this is not yet an active project.
  • Fast, efficient
  • Solid community of experts and training materials
  • Ingests data from many sources, with a large number of partner relationships
  • There is a high learning curve. If you go to a Splunk demo or class, get inspired, then install it yourself, you'll have no idea what you're meant to do. It's not intuitive to the first-time user in any way.
  • Pricing can be confusing. People ask how much data you want to ingest, and you don't know until after you've been using Splunk. It's not easy to sign up and start without guesswork.
  • I found online help pages are broken, out-of-date, or incomplete, e.g. pages on setting up the Java-based SQL Server driver don't even tell you where to download it or where to install it.
  • Ability to proactively deal with security threats before they become a problem.
  • Able to identify everything affected right away when a problem occurs.
  • Able to drill into problems, including historic problems, and work out the root causes.
  • No negative impacts.
We found the Splunk support team were experts and friendly, though the online documentation could stand to be reviewed and broken links, etc., fixed.

Do you think Splunk Enterprise delivers good value for the price?

Yes

Are you happy with Splunk Enterprise's feature set?

Yes

Did Splunk Enterprise live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise go as expected?

No

Would you buy Splunk Enterprise again?

Yes

Splunk Enterprise is well-suited for any requirement to aggregate vast sums of data, no matter how structured or unstructured, and search across it all at speed, or report on it with visualizations, etc.

It's not suited for scenarios where you want to report on a single set of data, say, in a traditional way, for example, a typical scheduled report out of a finance system.

Splunk Enterprise Feature Ratings

  • Centralized event and log data collection: 10
  • Correlation: 9
  • Event and log normalization/management: 9
  • Deployment flexibility: 9
  • Integration with Identity and Access Management Tools: 8
  • Custom dashboards and workspaces: 8
  • Host and network-based intrusion detection: 9