Splunk Enterprise Security is the best security we can get for our working network
February 26, 2022

Score 7 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk Enterprise Security (ES)
I have been using Splunk Enterprise Security for the last year, and it helps me to analyze security-related aspects that I encountered from my organization of users. I used Splunk Enterprise Security for creating use-cases from the data I am onboarding. The dashboards help me to identify various threats and anomalies generated in my working environment among users. The data models and the CIM mapping with various data indexes of Authentication, Endpoint, Email, Intrusion, and Detection data help to monitor and analyze the problems more effectively.
Pros
- We can create security use-cases to monitor the organization's user records
- Dashboards are widely used to analyze threats and anomalies
- The data models that were used help to find proper insights into the data
Cons
- Splunk Enterprise Security can be merged with getting user-related insights just like UBA
- User Behaviour Analysis is the key factor in any organization; keeping track of the users' activity is much more needed, and features can be added in Splunk Enterprise Security to get it done quickly
- Splunk Enterprise Security can be documented more effectively so that it is easier to understand when new users try to learn Splunk Enterprise Security for the first time
- As compared to tradition, more licensing costs overall have appeared with Splunk Enterprise Security
- The Business has led to high availability and more profit when Splunk Enterprise Security comes into the picture
- The query searching is fast; data model mapping helps to consume less time and to search queries effectively
Splunk Enterprise Security has effectively helped to manage the goals in many ways. It could be an effective analysis of logs monitoring. Searching is easier when data is mapped to the data model in Splunk Enterprise Security. Correlation searches make things easier and faster as compared to other SIEM tools. And dashboards are like the cherry on the cake for Splunk Enterprise Security searching and monitoring for the results we encounter from it.
As Sumo Logic and QRadar are the same SIEM Tool, the reason for selecting Splunk Enterprise Security above those was that Splunk Enterprise Security is more handy than these two. The SPL queries we write to get more effective results to create Alerts, Reports, and Dashboards are more prominent than in the above two. In terms of getting notified with alerts, Splunk Enterprise Security is top-notch.
Do you think Splunk Enterprise Security delivers good value for the price?
Yes
Are you happy with Splunk Enterprise Security's feature set?
Yes
Did Splunk Enterprise Security live up to sales and marketing promises?
Yes
Did implementation of Splunk Enterprise Security go as expected?
I wasn't involved with the implementation phase
Would you buy Splunk Enterprise Security again?
Yes