Splunk enterprise stable solution
January 05, 2024

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Software Version

Other

Overall Satisfaction with Splunk Enterprise

Splunk Enterprise is used in the company by the IT department, mainly to monitor security events on process-relevant systems where the degree of security must be as high as possible. Monitoring and rapid response help reduce downtime of vital systems.
  • Ingest data and present it in an easy-to-read and process format
  • Correlation
  • Analysis and presentation of data
  • Ease of operation and maintenance compared to other solutions of its kind
  • Easier to implement and maintain than other solutions
  • It would be useful to have more standardization of some of the information stored
  • An expensive solution
  • Documentation could be more accurate and up-to-date
  • Improve safety
  • Centralized repository
  • Improve reliability

Do you think Splunk Enterprise delivers good value for the price?

Not sure

Are you happy with Splunk Enterprise's feature set?

Yes

Did Splunk Enterprise live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise go as expected?

Yes

Would you buy Splunk Enterprise again?

Yes

It will be suitable for large organizations. Easier to train users and scales well. Unfortunately, it will be too expensive for small businesses and enterprises.

It is a consistent solution. By combining multiple tools from the same company, you can get a stable environment.

My experience shows that it is not the most flexible solution on the market. Before selecting a SIEM solution, gather requirements and choose a solution according to your needs. If your organization has standard needs, Splunk will not be a bad choice.

Splunk Enterprise Feature Ratings

Centralized event and log data collection: 6
Correlation: 8
Event and log normalization/management: 8
Deployment flexibility: 6
Integration with Identity and Access Management Tools: 7
Custom dashboards and workspaces: 9
Host and network-based intrusion detection: 7
Log retention: 9
Data integration/API management: 7
Behavioral analytics and baselining: 8
Rules-based and algorithmic detection thresholds: 8
Response orchestration and automation: 7
Reporting and compliance management: 8
Incident indexing/searching: 8

Splunk Enterprise Training

The online course was simple, clear, and described the main capabilities of the solution. There is also an initial module that can be done for free so anyone can familiarize themselves with the functionality of this solution. On the other hand, however, there could be more free online courses. Maybe even with a certificate; this would broaden the group of people who are familiar with the platform while increasing familiarity with the solution itself.