Item: Splunk Enterprise Security
Rating: 9
Author: John Garcia

Overall Satisfaction with Splunk Enterprise Security (ES)

Use Cases and Deployment Scope

Splunk provides us with excellent SIEM and security enhancement with in-depth log analysis that makes it a very well-suited software for our business. For the company, it generated a large volume of records and data from our users, customers, and suppliers. Splunk has become one of the best options since it offers us security analysis and event management in a matter of minutes. Thanks to this SW we monitor all the company's data in real-time.

Pros and Cons

Pros

It allows us to stream logs over HTTP/HTTPS. Supports Docker, AWS, Syslog, Heroku, Windows, and Linux logs. We can even create custom parsing rules for a new format
It has other features that make it one of the best options. It has a large number of tools, analyzes and indexes all data including machine data, event logs, server logs, and network events
We can monitor activity and issues in our facilities so we can see what can be improved and things that need to be removed from the infrastructure to increase performance.

Cons

Splunk is expensive. For large-scale companies where data is a top priority, it is perfect for adapting to all needs.
Spunk has another drawback of providing slower seek speed

Return on Investment

Regarding the rate of return on investment, I do not know this aspect, if it is true that improving the performance of our data translates into an improvement in the ROI of the company in the medium and long term.

Security Analytics

Splunk gives us the speed we need and the accessibility of our records to every other department in the office. We can search the records faster because it features a well-optimized elastic search. With these features, we are able to index, filter, and record highs at a much faster rate than ever before. We can change all the features to change the dashboard to suit our style more

Scalability

It has a registration model that is powerful and efficient. Splunk presents cloud-based, on-premises, private cloud, and multi-cloud deployment models for its users.

Key Insights

Do you think Splunk Enterprise Security delivers good value for the price?

Yes

Are you happy with Splunk Enterprise Security's feature set?

Yes

Did Splunk Enterprise Security live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Splunk Enterprise Security go as expected?

Yes

Would you buy Splunk Enterprise Security again?

Yes

Other Software Used

SAP HANA

Likelihood to Recommend

For ingesting structured, unstructured, and semi-structured data sets it works great. It allows us to convert the data for different platforms, services, and applications. is not a shipping or records management service; it only serves its collection of data and routing of that to the destination address. There are plugins that we can add to the system to perform another task that may not come in the package. We can create search parameters and apply them without writing a query. We can use them as alerts for updates and notifications. We can monitor our data in real-time without losing valuable information. Splunk helps us catch new bugs so we can remove them faster before they spread. Also, the web user interface is simple and easier to navigate

Splunk Enterprise Security Feature Ratings

Comments

Please log in to join the conversation

Splunk Review