Splunk ES Review
September 06, 2023
Splunk ES Review
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Splunk Enterprise Security (ES)
We use Splunk ES to monitor security-relevant events, create notables for our Analysts to review, and overall improve our organization's security and security hygiene. Splunk ES is a service we offer to our clients as an MSSP and SOC-as-a-service, giving potential customers another great option to use for their own organization.
Pros
- Breakdown event logs into easy-to-search fields
- Provide relevant trends and metrics for events
- Develop dashboards and notables to track security-relevant details
Cons
- Ease-of-use for new users
- Better options to export events/notables
- More streamlined UI
- Faster MTTR
- Training ended up being costly, but over projected to be high ROI over time
- Dashboards provide better context for our executives
AlienVault is much more user and beginner friendly, however Splunk ES very much so provides more capability for mass data manipulation, report and dashboard customization, and trend analytics.
Do you think Splunk Enterprise Security (ES) delivers good value for the price?
Yes
Are you happy with Splunk Enterprise Security (ES)'s feature set?
Yes
Did Splunk Enterprise Security (ES) live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Splunk Enterprise Security (ES) go as expected?
I wasn't involved with the implementation phase
Would you buy Splunk Enterprise Security (ES) again?
Yes
Comments
Please log in to join the conversation