Very Good
February 19, 2026

Damanpreet Singh | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Software Version

Splunk Light (legacy)

Overall Satisfaction with Splunk Enterprise

I use Splunk Enterprise to monitor logs from our servers and also application logs. We monitor those logs to keep a check on the server and application health (e.g., create an email alert if CPU usage is more than the threshold defined). Also, we have built many custom dashboards to display the key metrics for applications/infrastructure.

Pros

  • collecting logs from servers
  • parsing machine logs very well
  • Build custom dashboards with visualizations

Cons

  • Support for third-party visualizations in dashboard studio.
  • More AI features in Enterprise version
  • More robust parsing for nested json data
  • improved the monitoring process
  • Custom dashboard provides solution to apply specific company logics
  • Faster threat detection

It is pretty much useful for log parsing and writing custom logic in SPL. Once you know how to leverage SPL, then you can pretty much deep dive into the data for various purposes like anomaly detection, measuring the key performance indicators for infrastructure components, applications, and pretty much anything you can imagine with your data.

Do you think Splunk Enterprise delivers good value for the price?

Yes

Are you happy with Splunk Enterprise's feature set?

Yes

Did Splunk Enterprise live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise go as expected?

Yes

Would you buy Splunk Enterprise again?

Yes

For machine/server logs, Splunk Enterprise is probably the best solution available out there in the market. It has pretty solid log parsing capabilities. The thing is to use it as a monitoring tool and not as a data lake (to archive huge amounts of data for long periods). The custom dashboard support is also pretty solid.

Splunk Enterprise Feature Ratings

  • Centralized event and log data collection: 9
  • Correlation: 9
  • Event and log normalization/management: 9
  • Deployment flexibility: 9
  • Integration with Identity and Access Management Tools: 9
  • Custom dashboards and workspaces: 10
  • Host and network-based intrusion detection: 10
  • Log retention: 8
  • Data integration/API management: 9
  • Behavioral analytics and baselining: Not Rated
  • Rules-based and algorithmic detection thresholds: 10
  • Response orchestration and automation: Not Rated
  • Reporting and compliance management: 10
  • Incident indexing/searching: 9
