Item: Splunk Enterprise Security (ES)
Rating: 10
Author: Verified User

Use Cases and Deployment Scope

We use it for reporting error conditions. For example, whenever there is failed authentication beyond an acceptable rate, then we create alerts to the production support team to look into the actual issue before even the customer complains about it.

Pros and Cons

Error alert
Monitoring
Reporting
Dashboard

More clear menus
Multiple ways of creating report and alert is confusing
Include more help documents

Return on Investment

Real-time monitoring of error condition had saved lot of time
Error log details helps to quickly locate the root cause of the issue
Manual report generation and statistics are automated, which made routine work much simpler

Scalability

It’s good so far. It has so many features that automate routine work and save so much time and with greater accuracy. Real-time monitoring serves as a greater tool to figure out issues even before it’s informed by the customer. So quicker issue fixes and better performance and security can be achieved.

Alternatives Considered

Azure Notification Hubs

It’s easy to understand and simple to implement

Key Insights

Do you think Splunk Enterprise Security (ES) delivers good value for the price?

Yes

Are you happy with Splunk Enterprise Security (ES)'s feature set?

Yes

Did Splunk Enterprise Security (ES) live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise Security (ES) go as expected?

Yes

Would you buy Splunk Enterprise Security (ES) again?

Yes

Other Software Used

Microsoft SharePoint, Microsoft Teams, Slack

Likelihood to Recommend

Well suited for:
1. Creating real-time alerts to monitor login issues by customers.
2. Scheduled Reports - save a lot of time where the routine manual report generation task is automated

Automated Reporting and monitoring tool

Overall Satisfaction with Splunk Enterprise Security (ES)