Highly precise alert monitoring with detailed logging.
July 15, 2022

Highly precise alert monitoring with detailed logging.

AMJITH LAL S | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

We have been using Splunk ES for log analysis and monitoring effectively for the last couple of years. Updated threats could be easily identified and we could take the necessary remedial measures. The machine learning toolkit has a lot of functionality. We could easily manage the overload of traditional logging in firewalls and monitor threats more effectively with Splunk.

Pros

  • In depth log analysis.
  • Customisable and user-friendly threat dashboard.
  • Detailed research module integration.

Cons

  • Dashboard lacks live monitoring features.
  • Not suitable for Amateurs in networking.
  • Enterprise features are less budget friendly.
  • Considerable reduction in the load of Enterprise firewalls.
  • Reduced budget after removing hardware based log analysers.
  • Enhanced security with in depth logging with Splunk.
We have been using risk-based alerting, and unsupervised machine learning features of Splunk effectively with advanced FortiGate firewalling. We could meet our security goals with the proper integration of a hardware-based firewall and Splunk ES. Machine learning features helped us to auto-detect a variety of threats and to research more in security logging.
It completely fixed our security logging problems to a large extent with its precise alerting and accurate solutions. Previously we had logging issues with traditional firewalls and could use Splunk modules for more research-related works.
FortiAnalzer is a hardware solution, but with Splunk, we could identify as well get the correct solution for the active threats and too with accurate and precise detailing.

Do you think Splunk Enterprise Security delivers good value for the price?

Yes

Are you happy with Splunk Enterprise Security's feature set?

Yes

Did Splunk Enterprise Security live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise Security go as expected?

Yes

Would you buy Splunk Enterprise Security again?

Yes

Splunk is well suited for research-oriented projects where we require detailed log analysis and threat evaluation. It is well suited for cyber security companies and defense-related areas. Moreover, it requires sound knowledge of networking. I would prefer CCNP equivalent skillset to monitor and manage Splunk professionally in any enterprise or institution.

Splunk Enterprise Security Feature Ratings

Security Information and Event Management (SIEM)
8.8
Centralized event and log data collection
8
Correlation
9
Event and log normalization/management
9
Deployment flexibility
9
Integration with Identity and Access Management Tools
9
Custom dashboards and workspaces
9
Host and network-based intrusion detection
8
Log retention
9
Data integration/API management
9
Behavioral analytics and baselining
9
Rules-based and algorithmic detection thresholds
9
Response orchestration and automation
8
Reporting and compliance management
9
Incident indexing/searching
9

Comments

More Reviews of Splunk Enterprise Security

  1. Home
  2. Security Information and Event Management (SIEM) Software
  3. Splunk Enterprise Security Reviews
  4. User Review of Splunk Enterprise Security