Splunk for the win.
Updated May 31, 2022
Jorge Ortega | TrustRadius Reviewer
Score 1 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

We implemented Splunk Enterprise to monitor our network and employee users. We use Splunk to be on top of cyber security, which lets me monitor our firewall and any suspicious activity employees do. It alerts me when a user gets locked out or if a user is taking privileged actions. It also lets me know who is trying to access our network from the outside world.
  • Monitoring Users.
  • Monitoring firewalls and switches.
  • Alerting on specific activities.
  • Smaller learning curve.
  • Additional apps.
  • More informational help.
  • CIP compliance.
  • Faster intrusion detection.
  • Intrusion prevention.
Splunk has a huge window for ingestion of data from a wide range of products. It would be nice if more companies would make their own custom app without integrating with Splunk, so the less experienced person could ingest data into Splunk. Trying to make your own dashboard or add-on has a big learning curve.
  • SolarWinds Security Event Manager (SEM)

Do you think Splunk Enterprise Security (ES) delivers good value for the price?

Not sure

Are you happy with Splunk Enterprise Security (ES)'s feature set?

Yes

Did Splunk Enterprise Security (ES) live up to sales and marketing promises?

No

Did implementation of Splunk Enterprise Security (ES) go as expected?

No

Would you buy Splunk Enterprise Security (ES) again?

Yes

SolarWinds Security Event Manager (SEM), SolarWinds Kiwi Syslog Server
Splunk Enterprise is less suited for businesses with fewer employees or where cybersecurity is not a big factor for them. It is well suited for mid-sized businesses to keep on top of everything that's going on within the business. It alerts me when an employee gets locked out and alerts me when an external IP address is trying to access our firewall.

Splunk Enterprise Security (ES) Feature Ratings

Centralized event and log data collection: 10
Correlation: 9
Event and log normalization/management: 9
Deployment flexibility: 5
Integration with Identity and Access Management Tools: 5
Custom dashboards and workspaces: 4
Host and network-based intrusion detection: 10
Log retention: 8
Data integration/API management: 8
Behavioral analytics and baselining: 6
Rules-based and algorithmic detection thresholds: 7
Response orchestration and automation: 9
Reporting and compliance management: 10
Incident indexing/searching: 10

Splunk Enterprise Security (ES) Support

I tried contacting support several times and they were not helpful.
Pros
  • No escalation required

Cons
  • Slow resolution
  • Poor follow-up
  • Difficult to get immediate help
  • Need to explain problems multiple times
  • Slow initial response