Excellent platform for the collection and management of logs from multiple sources
September 11, 2023
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk Enterprise Security (ES)
Splunk ES is a very useful and powerful tool as a SIEM platform. We send logs from multiple sources such as Windows servers, Linux, RH, firewalls, WAF, O365, etc. The installation process of the UF is not complicated, and the deployment of the information is fast. The language for the visualization of tables or graphs can be a little complicated, but there are guides and KB to support these tasks.
- Customization of dashboards
- Creating apps based on your needs
- Search queries can be saved for future use or can even be converted to apps
- High cost
- Slow interface
- Reduced time to detect (MTTD)
- Integration with SOAR for improved incident response times
Splunk Enterprise Security (ES) is much faster and easier to integrate logs and work on alerts to detect suspicious security events.
Do you think Splunk Enterprise Security (ES) delivers good value for the price?
Yes
Are you happy with Splunk Enterprise Security (ES)'s feature set?
Yes
Did Splunk Enterprise Security (ES) live up to sales and marketing promises?
Yes
Did implementation of Splunk Enterprise Security (ES) go as expected?
Yes
Would you buy Splunk Enterprise Security (ES) again?
Yes