Splunk ES help you aggregate to achieve visibility and leverage security intelligence across the organization
November 08, 2022

Splunk ES help you aggregate to achieve visibility and leverage security intelligence across the organization

Fabio Silva | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Splunk Enterprise Security (ES)

We are using Splunk ES to identify possible security risks and advice together with other legacy security tools. Splunk ES is helping us to correlate different logs in a single interface.

Pros

  • Incident Review and Classification
  • Risk-Based Analysis
  • Endpoint Protection

Cons

  • Palo Alto logs integration
  • Bluecoat logs integration
  • MTTR improved
  • Improved the security layer for Business Units
Splunk is help us to correlate the logs across different security vendors and with the human-driven correlation rules we can track possible security incidents.
With Splunk, we have the ability to track the events from the Cloud (Public or Private) as the local events from on-premise.

Do you think Splunk Enterprise Security delivers good value for the price?

Yes

Are you happy with Splunk Enterprise Security's feature set?

Yes

Did Splunk Enterprise Security live up to sales and marketing promises?

Yes

Did implementation of Splunk Enterprise Security go as expected?

Yes

Would you buy Splunk Enterprise Security again?

Yes

Splunk is very good when integrating with other security logs like Mcafee, Trend Micro & Darktrace. The integration with the Firewall application is still a gap to cover as today the integration with some vendors such as Palo Alto and Bluecoat is not straightforward yet.

Splunk Enterprise Security Feature Ratings

Security Information and Event Management (SIEM)
8.3
Centralized event and log data collection
9
Correlation
9
Event and log normalization/management
8
Deployment flexibility
7
Integration with Identity and Access Management Tools
8
Custom dashboards and workspaces
8
Host and network-based intrusion detection
9
Log retention
8
Data integration/API management
8
Behavioral analytics and baselining
8
Rules-based and algorithmic detection thresholds
9
Response orchestration and automation
8
Reporting and compliance management
10
Incident indexing/searching
7

Comments

More Reviews of Splunk Enterprise Security

  1. Home
  2. Security Information and Event Management (SIEM) Software
  3. Splunk Enterprise Security Reviews
  4. User Review of Splunk Enterprise Security