Splunk Enterprise: A powerful, but expensive tool
February 26, 2020
Splunk Enterprise: A powerful, but expensive tool
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk Enterprise
Splunk Enterprise is used as a repository for all our server and network infrastructure logs. This allows us to go to one place to review logs and potentially find a relationship between different systems with specific issues. For example, seeing failed login attempts to our switches and learning that a server was using old credentials.
- Robust collection of plugins to support specific applications
- Relatively easy to use
- Strong and helpful support
- Difficult to master
- Can be very complicated to implement into an environment
- Very expensive
- Great for the smaller teams as one individual can easily find issues across multiple systems from one location.
- The amount of time and manpower saved may not be enough to make up for the overall cost of Splunk Enterprise.
- Less time required trying to locate specific issues from logs.
The Solarwinds SIEM solutions are much more bare-bones and don't offer as many features as Splunk Enterprise. Still, they are also infinitely more affordable and provide precisely what's required for small to medium environments. Implementation is straight forward even for larger environments, and technical support is decent if issues. Overall it comes down to price. For an organization of 100 people, it's hard to recommend Splunk Enterprise when they can use a Solarwinds solution that falls under budget.
Do you think Splunk Enterprise delivers good value for the price?
Yes
Are you happy with Splunk Enterprise's feature set?
Yes
Did Splunk Enterprise live up to sales and marketing promises?
Yes
Did implementation of Splunk Enterprise go as expected?
Yes
Would you buy Splunk Enterprise again?
Yes