Overall Satisfaction with Splunk Enterprise Security (ES)
We currently use Splunk Enterprise Security as our daily alerting and ticket escalation tool. Automating alerts and notables allows our team to dive deeper into specific alerts that require a human to check. Splunk Enterprise Security allows our team to edit alerts for tools such as EDR and Defender and create alerts without ever having to log in to the actual console.
- Save Time
- Automation
- Custom Configuration
- Macros
- Tuning notables
- Permissions
- Easy to rule out false positives
- More time to investigate actual incidents
- Quick turnaround with reporting when requested
Do you think Splunk Enterprise Security (ES) delivers good value for the price?
Not sure
Are you happy with Splunk Enterprise Security (ES)'s feature set?
Yes
Did Splunk Enterprise Security (ES) live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Splunk Enterprise Security (ES) go as expected?
Yes
Would you buy Splunk Enterprise Security (ES) again?
Yes