ES is a Magical Tool
February 22, 2022

Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk Enterprise Security (ES)
In our company we use it as a SIEM tool for security use cases. For example, we have one notable called short-lived account detection, which tells us if someone created an account and deleted it within a short time span. Like this, we have many use cases based on firewall logs, IPs/IDs, and much more.
- Notables
- Readily available correlation searches
- The latest introduced feature, risk score for notables; that's cool
- I think that on the Incident Review page analysts should be able to get website links, such as ones to check vulnerabilities, VirusTotal, and the like
- Actions on notables: maybe there should be some simple ways to add scripted actions
- Maybe more use cases can be added
- Easy to detect actionables
- Easy to respond to notables
- Takes less time for investigation
I have not used any tool other than Splunk to date, so I can't say, but I find Splunk useful; I'm not sure about the other tools yet. But I would say I don't think that other tools will have as much simplicity and versatility as Splunk. So I will say Splunk is the best.
Do you think Splunk Enterprise Security (ES) delivers good value for the price?
Yes
Are you happy with Splunk Enterprise Security (ES)'s feature set?
Yes
Did Splunk Enterprise Security (ES) live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Splunk Enterprise Security (ES) go as expected?
Yes
Would you buy Splunk Enterprise Security (ES) again?
Yes