SIEM is a word not even used when you realize what Splunk Enterprise Security can do for your Security Teams!
July 18, 2021

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

We use Splunk Enterprise Security as our main log management solution, but it also is being used as a correlation engine and use cases developer. The main scope for the solution is to provide a single pane of glass for the Incident Response Team so they will be able to see correlated events from different sources and will be able to catch and respond to threat events faster!
  • Correlation searches
  • Notable events
  • Security use cases
  • Console administration
  • Log management
  • Integration with more security vendors
  • Less time to remediate for security incidents
  • Reduction of noisy alerts for security teams
  • Integration with many sources to gain visibility

Do you think Splunk Enterprise Security (ES) delivers good value for the price?

Yes

Are you happy with Splunk Enterprise Security (ES)'s feature set?

Yes

Did Splunk Enterprise Security (ES) live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise Security (ES) go as expected?

Yes

Would you buy Splunk Enterprise Security (ES) again?

Yes

This tool is perfect for any Enterprise Level Company that wants to have their Security Monitoring and Response teams focused on the important things by avoiding the need to look for threats on many different security tools at the same time. It can also be used as a single source for information when an attacker has already taken advantage and your team needs to perform threat hunting activities.

Splunk Enterprise Security (ES) Feature Ratings

  • Centralized event and log data collection: 10
  • Correlation: 10
  • Event and log normalization/management: 10
  • Deployment flexibility: 9
  • Integration with Identity and Access Management Tools: 9
  • Custom dashboards and workspaces: 9
  • Host and network-based intrusion detection: 9
  • Log retention: 10
  • Data integration/API management: 9
  • Behavioral analytics and baselining: 10
  • Rules-based and algorithmic detection thresholds: 10
  • Response orchestration and automation: 10
  • Reporting and compliance management: 10
  • Incident indexing/searching: 9

Splunk Enterprise Security (ES) Support

They are very responsible and are always willing to help with any questions and concerns as well as with issues. They also provide their knowledge to resolve issues from existing customers that can also affect other clients. I would really recommend that your Professional Services Team get your environment set up and ready.

Using Splunk Enterprise Security (ES)

You definitely need to learn how to use Splunk to get the most out of the tool. There are many courses available for free to get up to speed on the usability of the tool, but it's not that simple. It will take time to digest all the data and to understand how to query for what you are looking for.