Splunk for the win.
Updated May 31, 2022

Jorge Ortega | TrustRadius Reviewer
Score 1 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

We implemented Splunk Enterprise to monitor our network and employee users. We use Splunk to be on top of cyber security, which lets me monitor our firewall and any suspicious activity employees do. It alerts me when a user gets locked out or if a user is taking privileged actions. It also lets me know who is trying to access our network from the outside world.
  • Monitoring Users.
  • Monitoring firewalls and switches.
  • Alerting on specific activities.
  • Smaller learning curve.
  • Additional apps.
  • More informational help.
  • CIP compliance.
  • Faster intrusion detection.
  • Intrusion prevention.
Splunk has a huge window for ingestion of data of the various amounts of products. It would be nice if more companies would make their own custom app without integrating with Splunk for the less experienced person to ingest data into Splunk. Trying to make your own dashboard or add-on has a big learning curve.
  • SolarWinds Security Event Manager (SEM)

Do you think Splunk Enterprise Security (ES) delivers good value for the price?

Not sure

Are you happy with Splunk Enterprise Security (ES)'s feature set?


Did Splunk Enterprise Security (ES) live up to sales and marketing promises?


Did implementation of Splunk Enterprise Security (ES) go as expected?


Would you buy Splunk Enterprise Security (ES) again?


SolarWinds Security Event Manager (SEM), SolarWinds Kiwi Syslog Server
Splunk Enterprise is less suited for businesses with fewer employees or where cybersecurity is not a big factor for them. It is well suited for mid-sized businesses to keep on top of everything that's going on within the business. It alerts me when an employee gets locked out and alerts me when an external IP address is trying to access our firewall.

Splunk Enterprise Security (ES) Feature Ratings

Centralized event and log data collection
Event and log normalization/management
Deployment flexibility
Integration with Identity and Access Management Tools
Custom dashboards and workspaces
Host and network-based intrusion detection
Log retention
Data integration/API management
Behavioral analytics and baselining
Rules-based and algorithmic detection thresholds
Response orchestration and automation
Reporting and compliance management
Incident indexing/searching

Splunk Enterprise Security (ES) Support

I tried contacting support several times and they were not helpful.
No escalation required
Slow Resolution
Poor followup
Difficult to get immediate help
Need to explain problems multiple times
Slow Initial Response