Satisfaction and progress with Splunk ES.
March 11, 2022
Satisfaction and progress with Splunk ES.
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk Enterprise Security (ES)
Because Splunk ES is bundled with Splunk Enterprise Core, you can import whatever data you choose, regardless of whether or not it relates to security. Version 7 of Splunk ES includes fantastic dashboards for executives, the cloud (AWS, Azure), and security. Aside from that, Splunk env has investigation and incident workflow tools that allow you to perform these tasks quickly. ML(PDF, Classification, etc.) has a slew of built-in detection features, and you won't get any better than that by combining static and dynamic detection.
- Enhancing the information contained in event logs.
- ES, Security Essentials, and ESCU all provide a plethora of built-in detection features, some of which incorporate machine learning algorithms like PDF and categorization.
- Automated alerts and alerts.
- Orchestration
- A lack of familiarity with Splunk components and data pipelines can make deploying and managing architecture a challenge.
- Splunk's help can be lacking at times, and you may find that you know Splunk far better than the support staff, and diagnostics can take a while.
- Less time to repair because of integrations.
- Inspire a 7% increase in income because in protection.
- Threat Intel integration has resulted in a reduction in MTTD.
Only for big features and price.
Do you think Splunk Enterprise Security (ES) delivers good value for the price?
Yes
Are you happy with Splunk Enterprise Security (ES)'s feature set?
No
Did Splunk Enterprise Security (ES) live up to sales and marketing promises?
No
Did implementation of Splunk Enterprise Security (ES) go as expected?
Yes
Would you buy Splunk Enterprise Security (ES) again?
Yes