Splunk Enterprise
October 24, 2025

Score 8 out of 10
Vetted Review
Verified User
Software Version
Splunk Light (legacy)
Overall Satisfaction with Splunk Enterprise
Splunk Enterprise is used to collect various security logs, but for our organization we usually send account login information to Splunk Enterprise to gather analytics of how many people logged in, unsuccessful logins, and also account logouts. Daily reports are generated and are presented at our daily team meetings for management.
Pros
- Splunk Enterprise is able to store large amounts of logs
- Splunk Enterprise is able to search efficiently through its log database
- Splunk Enterprise is able to create reports of user lockouts
Cons
- Splunk Enterprise does not integrate well with all vendors
- Splunk Enterprise's virtual machine option has log limitations
- Splunk Enterprise could offer better connectivity with the cloud
- Splunk Enterprise can generate a user lockout report of thousands
- Splunk Enterprise can correlate account lockouts with password spray attacks
- Splunk Enterprise can detect compromise in an account
Splunk Enterprise stacks similarly to IBM's QRadar and outperforms both Palo Alto's Panorama and Cisco's Secure Firewall Management Center in regards to storing large amounts of logs and the ability for quick searches. Splunk Enterprise handles queries of data effectively and quickly, can correlate between security events, and can integrate with security tools like Shodan and WhoAmI to identify threats.
Do you think Splunk Enterprise delivers good value for the price?
Yes
Are you happy with Splunk Enterprise's feature set?
Yes
Did Splunk Enterprise live up to sales and marketing promises?
Yes
Did implementation of Splunk Enterprise go as expected?
Yes
Would you buy Splunk Enterprise again?
Yes