An analytic-driven SIEM solution, great tool for SIEM, safe & secured.
February 16, 2022

An analytic-driven SIEM solution, great tool for SIEM, safe & secured.

Vedant Gupta | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

Splunk Enterprise Security enables us to search, analyze, and visualize the data gathered from the components of your IT infrastructure or business. it's a very effective log analyzer and the part I love most is the infrastructure monitoring. this product is highly promising for the future and extremely helpful for professionals.

Pros

  • A very effective log analyzer and the part I love most is the infrastructure monitoring.
  • Splunk provides a very flexible solution for helping you gather huge amount of data.
  • Data retrieval and visualisation is nice and easy.

Cons

  • spluk is used for datamining, particularly bad password attempts.
  • Splunk is widely used for the manipulation of data and we encounter the use of this tool almost twice a week.
  • Splunk security has been extremely helpful in maintaining important documents safe.
  • Even though it's the most used tool especially in business works and similar to that.
Everything has its pros and cons, Splunk being the growing product is very helpful. Some drawbacks need to get improved in future which will make it more flexible and stable in the market.
Splunk offers centralized visibility across cloud, hybrid, and on-premises environments, which is absent in the case of Loggly. Splunk also offers robust and comprehensive features with advanced capabilities

Do you think Splunk Enterprise Security (ES) delivers good value for the price?

Yes

Are you happy with Splunk Enterprise Security (ES)'s feature set?

Yes

Did Splunk Enterprise Security (ES) live up to sales and marketing promises?

No

Did implementation of Splunk Enterprise Security (ES) go as expected?

No

Would you buy Splunk Enterprise Security (ES) again?

Yes

We've used the software to detect layer 7 attacks, unearth issues we didn't realize were happening, and give us end-to-end insight into our stack.

Splunk Enterprise Security (ES) Feature Ratings

Centralized event and log data collection
7
Correlation
6
Event and log normalization/management
7
Deployment flexibility
7
Integration with Identity and Access Management Tools
5
Custom dashboards and workspaces
8
Host and network-based intrusion detection
8
Log retention
6
Data integration/API management
7
Behavioral analytics and baselining
6
Rules-based and algorithmic detection thresholds
7
Response orchestration and automation
8
Reporting and compliance management
7
Incident indexing/searching
7

Comments

More Reviews of Splunk Enterprise Security (ES)