Splunk - versatile tool for log ingestion.
Updated December 11, 2025

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Software Version

Splunk Light (legacy)

Overall Satisfaction with Splunk Enterprise

I have used Splunk for log ingestion, indexing, snoop alerting, searching, and troubleshooting production issues. Understand API response times to find bottlenecks and improve performance. It is a great product for tying logs from various microservices, as long as they follow a similar pattern and have a unique ID to tie them together.

Pros

  • Log Indexing.
  • Searching
  • Custom log report/dashboard capability.

Cons

  • Room for improvement in export capability.
  • Better reporting.
  • Splunk metrics via API.
  • Helps in the quick turnaround of production issues.
  • API performance monitoring.
  • Integration with ITSM to ensure processes are working and within the agreed SLA.
Applications and processes I owned were significantly more stable, continuously monitored, and less prone to errors once onboarded in Splunk. Thanks to Snoop Alerting, we were aware of possible outages before they happened.
They do provide an overwhelming level of information, which is hard to use.

Do you think Splunk Enterprise delivers good value for the price?

Yes

Are you happy with Splunk Enterprise's feature set?

Yes

Did Splunk Enterprise live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise go as expected?

Yes

Would you buy Splunk Enterprise again?

Yes

Log ingestion, indexing. Much needed while troubleshooting issues. Performance improvements, API throughput monitoring. Continuous monitoring via Splunk snoop alerting. Integration with enterprise ITSM.

Splunk Enterprise Feature Ratings

Centralized event and log data collection
9
Correlation
5
Event and log normalization/management
8
Deployment flexibility
7
Integration with Identity and Access Management Tools
8
Custom dashboards and workspaces
6
Host and network-based intrusion detection
5
Log retention
6
Data integration/API management
5
Behavioral analytics and baselining
5
Rules-based and algorithmic detection thresholds
8
Response orchestration and automation
5
Reporting and compliance management
5
Incident indexing/searching
8

Using Splunk Enterprise

100 - The infrastructure team and Application development teams have alerting set to proactively respond to possible outages or systemic issues.
  • Log ingestion
  • Snoop alerting
  • real-time issue alerting based on KPIs
  • Integrate it with ITSM to generate an incident based on an alert and notify teams
  • Call via API within app

Evaluating Splunk Enterprise and Competitors

Yes - Dynatrace
  • Scalability
  • Integration with Other Systems
  • Ease of Use
Ease of use and integration with ITSM
I think we did well the first time.

Using Splunk Enterprise

Pros

  • Like to use
  • Relatively simple
  • Easy to use
  • Technical support not required
  • Well integrated
  • Consistent
  • Quick to learn
  • Convenient
  • Feel confident using
  • Familiar

Cons

None

  • Log ingestion
  • searching
  • Export data
  • systemic integration using API
