Splunk for the win.
Updated May 31, 2022

Splunk for the win.

Jorge Ortega | TrustRadius Reviewer
Score 1 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

We implemented Splunk Enterprise to monitor our network and employee users. We use Splunk to be on top of cyber security, which lets me monitor our firewall and any suspicious activity employees do. It alerts me when a user gets locked out or if a user is taking privileged actions, It also lets me know who is trying to access our network from the outside world.

Pros

  • Monitoring Users.
  • Monitoring firewalls and switches.
  • Alerting on specific activities.

Cons

  • Smaller learning curve.
  • Additional apps.
  • More informational help.
  • CIP compliance.
  • Faster intrusion detection.
  • Intrusion prevention.
As an Electric company, we have to comply with some compliance regulations and Splunk has allowed us to achieve that. It has helped us keep an eye on the bigger picture and produces the required documentation to show compliance. Splunk is a great tool after getting over the learning curve.
Splunk has a huge window for ingestion of data of the various amounts of products. It would be nice more companies would make their own custom app without integrating with Splunk for the less experienced person to ingest data into Splunk. Trying to make your own dashboard or add-on has a big learning curve.
  • SolarWinds Security Event Manager (SEM)

Do you think Splunk Enterprise Security delivers good value for the price?

Not sure

Are you happy with Splunk Enterprise Security's feature set?

Yes

Did Splunk Enterprise Security live up to sales and marketing promises?

No

Did implementation of Splunk Enterprise Security go as expected?

No

Would you buy Splunk Enterprise Security again?

Yes

SolarWinds Security Event Manager (SEM), SolarWinds Kiwi Syslog Server
Splunk Enterprise is less suited for businesses with fewer employees or where cybersecurity is not a big factor for them. It is well suited for mid-sized businesses to keep on top of everything that's going on within the business. It Alerts me when an employee gets locked out and alerts me when an external IP address is trying to access our firewall.

Splunk Enterprise Security Feature Ratings

Security Information and Event Management (SIEM)
7.9
Centralized event and log data collection
10
Correlation
9
Event and log normalization/management
9
Deployment flexibility
5
Integration with Identity and Access Management Tools
5
Custom dashboards and workspaces
4
Host and network-based intrusion detection
10
Log retention
8
Data integration/API management
8
Behavioral analytics and baselining
6
Rules-based and algorithmic detection thresholds
7
Response orchestration and automation
9
Reporting and compliance management
10
Incident indexing/searching
10

Splunk Enterprise Security (ES) Support

I tried contacting support several times and they were not helpful.
ProsCons
No escalation required
Slow Resolution
Poor followup
Difficult to get immediate help
Need to explain problems multiple times
Slow Initial Response
Haven't

Comments

More Reviews of Splunk Enterprise Security

  1. Home
  2. Security Information and Event Management (SIEM) Software
  3. Splunk Enterprise Security Reviews
  4. User Review of Splunk Enterprise Security