1. Home
  2. Security Information and Event Management (SIEM) Software
  3. Splunk Enterprise Security (ES) Reviews
  4. User Review of Splunk Enterprise Security (ES)
Satisfaction and progress with Splunk ES.
March 11, 2022

Satisfaction and progress with Splunk ES.

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

Because Splunk ES is bundled with Splunk Enterprise Core, you can import whatever data you choose, regardless of whether or not it relates to security. Version 7 of Splunk ES includes fantastic dashboards for executives, the cloud (AWS, Azure), and security. Aside from that, Splunk env has investigation and incident workflow tools that allow you to perform these tasks quickly. ML(PDF, Classification, etc.) has a slew of built-in detection features, and you won't get any better than that by combining static and dynamic detection.
  • Enhancing the information contained in event logs.
  • ES, Security Essentials, and ESCU all provide a plethora of built-in detection features, some of which incorporate machine learning algorithms like PDF and categorization.
  • Automated alerts and alerts.
  • Orchestration
  • A lack of familiarity with Splunk components and data pipelines can make deploying and managing architecture a challenge.
  • Splunk's help can be lacking at times, and you may find that you know Splunk far better than the support staff, and diagnostics can take a while.
  • Less time to repair because of integrations.
  • Inspire a 7% increase in income because in protection.
  • Threat Intel integration has resulted in a reduction in MTTD.
The product roadmap and future vision of the program ensure that our team does not fall behind in the development of tasks due to lack of capacity of the program in question.
This allows the objectives per month in development that we have set to be fulfilled or help to be fulfilled. In this way, the team works more confident and sure of not losing information.
There's a lot of leeway with Splunk Enterprise Security. I've personally implemented this system in a wide range of scenarios, from on-premises to the cloud, and I can attest to its effectiveness. It has a lot of great options for hosting, and it's a breeze to get an instance up and running quickly. Add-ons that are simple to set up and use are also available.

Do you think Splunk Enterprise Security (ES) delivers good value for the price?

Yes

Are you happy with Splunk Enterprise Security (ES)'s feature set?

No

Did Splunk Enterprise Security (ES) live up to sales and marketing promises?

No

Did implementation of Splunk Enterprise Security (ES) go as expected?

Yes

Would you buy Splunk Enterprise Security (ES) again?

Yes

One of the best ways to improve an organization's security is to use Splunk Enterprise Security. In a Security Operation Center, real-time alerts, monitoring, and reporting will be possible. Automated replies to security alarms can be generated by integrating them with other solutions as well.

Splunk Enterprise Security (ES) Feature Ratings

Security Information and Event Management (SIEM)
7.6
Centralized event and log data collection
7
Correlation
9
Event and log normalization/management
5
Deployment flexibility
9
Integration with Identity and Access Management Tools
7
Custom dashboards and workspaces
7
Host and network-based intrusion detection
7
Log retention
8
Data integration/API management
8
Behavioral analytics and baselining
9
Rules-based and algorithmic detection thresholds
6
Response orchestration and automation
8
Reporting and compliance management
7
Incident indexing/searching
9