Splunk Enterprise Review
Updated December 12, 2025

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Software Version

Splunk Light (legacy)

Overall Satisfaction with Splunk Enterprise

Splunk Enterprise is basically used for log management in our organisation. All the Unix server, Windows server, backup, DB and other asset logs are written into Splunk Enterprise. These logs are mostly used for troubleshooting, audit purposes and sometimes to figure out the trend of a particular occurrence. In one case I have seen a feed sent to Splunk Enterprise and tickets then created from that feed, which is one of the unique use cases I have seen.

Pros

  • Log Management
  • Prepare reports for audit
  • Trend analysis
  • Troubleshooting
  • Monitoring

Cons

  • Representation of data like different visual
  • Agentless communication.
  • Direct connection to database and pull the feed
  • More features in interface
  • Single tool to store all the logs
  • One place to find evidences for audit
  • One place shop for data analytics
I worked in multiple financial institutions where Splunk Enterprise is used at large scale. I see its impact on our day-to-day tasks and its use everywhere. It's a one-stop shop for various purposes, and its multiple and unique use cases make me give this rating to Splunk Enterprise. I would recommend this to other organisations also.
Splunk's features of storing data, ingestion of logs, indexing of data and data analytics make it superior to other tools.
Definitely more improvement is required in terms of visualisation of data, but being one stop for all features makes Splunk better than various other tools.
And the support provided by the organisation is of great help.

Do you think Splunk Enterprise delivers good value for the price?

Yes

Are you happy with Splunk Enterprise's feature set?

Yes

Did Splunk Enterprise live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Splunk Enterprise go as expected?

Yes

Would you buy Splunk Enterprise again?

Yes

In log management I have experienced that Splunk Enterprise is very, very useful. Most auditors are relying on Splunk Enterprise for various evidences. Based upon market trends and the increasing popularity of Splunk Enterprise in financial institutions, it is a very good tool for log management, troubleshooting, data analytics and trend to create various reports.

Splunk Enterprise Feature Ratings

Centralized event and log data collection: 8
Correlation: 9
Event and log normalization/management: 9
Deployment flexibility: 9
Integration with Identity and Access Management Tools: 9
Custom dashboards and workspaces: 9
Host and network-based intrusion detection: 9
Log retention: 9
Data integration/API management: 9
Behavioral analytics and baselining: 9
Rules-based and algorithmic detection thresholds: 8
Response orchestration and automation: 7
Reporting and compliance management: 8
Incident indexing/searching: 8

Using Splunk Enterprise

10000 - Below are the business functions that use Splunk in their day-to-day activity by providing various analytic reports and dashboards, which help them in making decisions regarding their activity, task or anything.
More and more functions are getting on board now:
Infrastructure and hosting
Group finance
Private banking
Investment banking
Wealth management
Asset management
50 - People having Splunk administrative skills who can manage Splunk, and engineers having knowledge of how to build dashboards and analytics, are mainly part of the organisation, as we are using the SaaS model of Splunk.
Few people help teams to onboard onto Splunk. There are few people in each team to install the Splunk forwarder manually on all the hosts.
  • Log analysis
  • Audit
  • Reports
  • Integration with ServiceNow
  • Integration with some internal tools
  • Maybe integration with audit tools, and reports directly integrated with internal audit tools

Evaluating Splunk Enterprise and Competitors

  • Cloud Solutions
  • Scalability
  • Integration with Other Systems
Integration with other tools is the decision-making factor, as our organisation has already built multiple internal tools and wishes to integrate them into Splunk for ease of work.
We are already able to integrate Splunk with most of the in-house built tools, which is helping the engineers to perform their duties.
We can look at cost in the coming selection process, as licence cost is increasing day by day and is the main pain point in the organisation right now.
Due to cost we have a limited licence, which is delaying the onboarding of many teams to Splunk; therefore cost is the only factor for the future.

Splunk Enterprise Support

Our central Splunk team used to contact the Splunk support team for a few queries, issues or enhancement requests.
We get a positive response from the support team most of the time.

But there are instances when we got a mixed response and our business teams were not happy with the resolution provided.
Pros

  • Quick Resolution
  • Knowledgeable team

Cons

  • None

I was not involved in this process so can't comment more on this

Using Splunk Enterprise

Pros

  • Like to use
  • Easy to use
  • Quick to learn

Cons

  • Unnecessarily complex
  • Inconsistent
  • Cumbersome
  • Lots to learn

  • Log Management
  • Indexing
  • Dashboards
  • Installation of splunk forwarder on each host manually
