Splunk it!
April 10, 2018
Score 6 out of 10
Vetted Review
Verified User
Software Version
Splunk Light (legacy)
Overall Satisfaction with Splunk Enterprise
We have used Splunk Light in the past for log analysis of Cisco routers, firewalls and switches to determine path issues. This was mainly used within the network infrastructure group. The alerting was the main benefit when trying to determine intruder detection and the path the intruder was trying to take.
- Though it was a little hard at first, creating the dashboards from the raw data became the big benefit.
- Setup of alerts was, again, a little confusing, but over time, with the real-time alert, it became useful.
- The building of dashboards for the security team for tracking intruders.
- The big one is writing the dashboards based off the raw data.
- The intrusion detection with the real-time alert has been a huge positive impact.
- Log search has helped us in tracking certain internal issues.
- Dashboards for a quick glance to show the upper management have saved us time on explaining where more protection is needed.
Splunk's graphical interfaces or dashboards were the big reason for using it for log analysis. All the products are able to trap logs, but each has a limited mechanism for correlating the logs into a usable interface for analyzing. This is where Splunk prospers. Splunk's main function is the correlation of logs, where the others are built to do a lot more.