Overall Satisfaction with Splunk Enterprise Security (ES)
We use Splunk to apply analytics techniques to gain business insights. The applications generate information (logs), which is stored in their own files; in this way we improve the analysis of our data. The grouping of the log files in a single place makes it easy to analyze the performance of our system and continuously propose possible improvements. It allows us to debug the applications, that is, to carry out the necessary tests to prevent possible problems.
- Easy installation and minimal need for hardware resources for its use.
- It has a huge community behind it and has extensive and detailed documentation.
- Semi-structured data logging, using the JSON format.
- Supports multiple languages.
- Architecture based on an extensive catalog of plugins (in_http, in_tail, out_mongo, out_webhdfs, out_kafka2…) that allows us to extend its functionality.
- It features high stability and good performance.
- Excellent configuration of alarms and triggers.
- Extraction of additional information: secondary data can be accessed, such as the HTTP codes of requests to servers invoked by the APIs of our programs.
- Splunk has, mainly, two negative aspects. The first, which is rather subjective, is that it is an on-premise solution, which implies a configuration that is costly both in terms of money and complexity.
- To deploy it in a high-scale environment, a dedicated cluster will need to be installed and configured. As a developer, that's not often what you could or would want to do, at least not as a first option.
- The second con of Splunk is that it is expensive. To support a real-life application, tens of thousands of dollars will be needed.
- The configuration of our alerts in real time prevents future manual repairs, and the data helps us to detect the need to update both the software and the hardware and to reduce the intervention times of qualified personnel. In the end, the economic savings are evident.
Do you think Splunk Enterprise Security (ES) delivers good value for the price?
Yes
Are you happy with Splunk Enterprise Security (ES)'s feature set?
Yes
Did Splunk Enterprise Security (ES) live up to sales and marketing promises?
Yes
Did implementation of Splunk Enterprise Security (ES) go as expected?
Yes
Would you buy Splunk Enterprise Security (ES) again?
Yes