Splunk Review
March 03, 2022

John Garcia | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

Splunk provides us with excellent SIEM and security enhancement with in-depth log analysis that makes it a very well-suited software for our business. For the company, it generated a large volume of records and data from our users, customers, and suppliers. Splunk has become one of the best options since it offers us security analysis and event management in a matter of minutes. Thanks to this SW we monitor all the company's data in real-time.
  • It allows us to stream logs over HTTP/HTTPS. Supports Docker, AWS, Syslog, Heroku, Windows, and Linux logs. We can even create custom parsing rules for a new format.
  • It has other features that make it one of the best options. It has a large number of tools, analyzes and indexes all data including machine data, event logs, server logs, and network events.
  • We can monitor activity and issues in our facilities so we can see what can be improved and things that need to be removed from the infrastructure to increase performance.
  • Splunk is expensive. For large-scale companies where data is a top priority, it is perfect for adapting to all needs.
  • Splunk has another drawback of providing slower seek speed.
  • Regarding the rate of return on investment, I do not know this aspect, if it is true that improving the performance of our data translates into an improvement in the ROI of the company in the medium and long term.
It has a registration model that is powerful and efficient. Splunk presents cloud-based, on-premises, private cloud, and multi-cloud deployment models for its users.

Do you think Splunk Enterprise Security (ES) delivers good value for the price?

Yes

Are you happy with Splunk Enterprise Security (ES)'s feature set?

Yes

Did Splunk Enterprise Security (ES) live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Splunk Enterprise Security (ES) go as expected?

Yes

Would you buy Splunk Enterprise Security (ES) again?

Yes

For ingesting structured, unstructured, and semi-structured data sets it works great. It allows us to convert the data for different platforms, services, and applications. It is not a shipping or records management service; it only serves its collection of data and routing of that to the destination address. There are plugins that we can add to the system to perform another task that may not come in the package. We can create search parameters and apply them without writing a query. We can use them as alerts for updates and notifications. We can monitor our data in real-time without losing valuable information. Splunk helps us catch new bugs so we can remove them faster before they spread. Also, the web user interface is simple and easier to navigate.

Splunk Enterprise Security (ES) Feature Ratings

Centralized event and log data collection: 9
Correlation: 10
Event and log normalization/management: 9
Deployment flexibility: 9
Integration with Identity and Access Management Tools: 8
Custom dashboards and workspaces: 10
Host and network-based intrusion detection: 9
Log retention: 8
Data integration/API management: 10
Behavioral analytics and baselining: 9
Rules-based and algorithmic detection thresholds: 8
Response orchestration and automation: 10
Reporting and compliance management: 9
Incident indexing/searching: 9