Overall Satisfaction with Splunk Enterprise Security (ES)
We had a requirement where we needed to collect log reports from multiple servers and the data velocity was huge (Big Data). Splunk assisted us in collecting logs from numerous sources and alerting us when any threats are detected in the logs. We can produce bespoke reports and extract real-time logs much more quickly now. We can actively do threat intelligence and analysis with Splunk Enterprise Security, and the results are presented in an easy-to-understand format. It's a fantastic SIEM solution, and its ability to integrate with practically any network and security device sets it apart from the competition. It aids in the capture of real-time data, security operations, data indexing, and the generation of graphical dashboards using visualizations.
- Threat detection
- Collecting log reports from multiple sources
- Best for Big data architecture
- Pricing is too expensive, as there is the open-source ELK stack
- It was a bit tricky to configure the tool for multiple sources
- Needs documentation regarding the licensing that describes which business requirement it is best suited for
- Although it's expensive, it's worth it, so it has a good ROI
- Faster responses to the threats as the detection is instant.
- Operating cost is minimal.
We have deployed this tool in our cloud with multiple instances. The best part is we can also monitor the logs and check the uptime and downtime of all the servers. The initial setup was very complicated, but we resolved it with the help of documentation; it was quite challenging.
Splunk performed great in terms of handling data capacity as compared to its competitors. The indexing and querying are quite fast. We can completely rely on Splunk when it comes to threat detection and log reporting. Although it is a bit expensive in terms of licensing, it is a suitable tool for big data architecture.
This is quite a powerful SIEM tool and it works seamlessly on Big Data architecture. If the volume of the data is quite high and if there are multiple sources, then we can integrate this tool to analyze threats, log reports, and server uptime and downtime. In the end, we can represent these graphically.