
Splunk Enterprise

Splunk | 9.4.3

Linux/Unix, Amazon Linux 2023 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS customer

16 AWS reviews

External reviews

445 reviews

External reviews are not included in the AWS star rating for the product.


4-star reviews

    Mohan Battu

Offers timestamp indexing and the easy-to-use visualization for data analysis

  • April 10, 2024
  • Review provided by PeerSpot

What is our primary use case?

I have a variety of use cases. My company uses it for cloud-related operations, anomaly identification, and threat detection.

How has it helped my organization?

It's been very useful in regard to security information and threat management (SIEM). Splunk is a valuable tool for my organization.

What is most valuable?

The timestamp indexing and the easy-to-use visualization features are the most valuable features for data analysis.

Moreover, the dashboard and visualization features have made a big difference. We can quickly identify issues within the dashboards and easily generate insightful reports. If something goes down, we can easily detect the issue.

Splunk's real-time processing capability has been pretty good for my use cases.

What needs improvement?

There is room for improvement in terms of scalability. They can enhance the ability to handle increasing volumes of data. 

For how long have I used the solution?

I have been using it for four years now. 

What do I think about the stability of the solution?

There have been occasional issues, but nothing major.

I would rate the stability an eight out of ten.

What do I think about the scalability of the solution?

I never had issues with scalability. My organization has 8,000 end users. 

I would rate the scalability an eight out of ten.

How are customer service and support?

The customer service and support are good. 

How would you rate customer service and support?

Positive

How was the initial setup?

In general, the initial setup is fairly easy.

Not everyone can do it. Some knowledge and experience would likely be helpful to get the most out of the setup.

Typically, the deployment would take around 16 to 20 hours.

What's my experience with pricing, setup cost, and licensing?

The pricing is about average.

What other advice do I have?

Overall, I would rate the solution an eight out of ten.

I would recommend using this solution. Overall, Splunk is a good tool for analysis and for representing data in a short span of time. It helps minimize unnecessary noise in the data.  

Which deployment model are you using for this solution?

On-premises


    Information Technology and Services

Splunk is a quite famous vendor in managing IT infrastructure with SIEM - now Enterprise.

  • April 07, 2024
  • Review provided by G2

What do you like best about the product?
The capabilities of managing and integrating with other vendors are great! We can easily implement it in any kind of networks & systems.
What do you dislike about the product?
The management UI might be hard to control for new guys. It's quite hard to use.
What problems is the product solving and how is that benefiting you?
It can easily manage logs, systems, and networks and give me a centralized monitoring one.


    Aman Raj P.

Splunk Enterprise Review

  • March 22, 2024
  • Review provided by G2

What do you like best about the product?
1) User-friendly GUI.
2) Simple and powerful tool for SIEM.
3) Rich visualizations & customizable dashboards to understand insights clearly.
4) Real-time monitoring and alerting features are the cherry on top.
What do you dislike about the product?
1) Cost can be an issue for some organizations.
2) It also offers a free version, but it has very limited functionality.
What problems is the product solving and how is that benefiting you?
It is quite helpful in my SIEM process, and the visualization it offers makes it easy for me to understand and generate reports.


    ABHISHEK DUBEY

Helps to monitor logs from various sources but improvement is needed in support

  • March 14, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use the tool to monitor logs from various sources. Multiple users send their logs to the Splunk Enterprise Platform using different methods, including Universal Forwarder and AWS services like S3. Additionally, we utilize tools like AWS Genesys for log transmission.

What is most valuable?

The product helps monitor and visualize data. It allows you to handle various tasks. You can store, visualize, and analyze data with the Splunk Enterprise Platform. It offers features like virtual folders and heavy folders for filtering data. Additionally, you can create dashboards to showcase data to different teams and stakeholders. The tool also enables the creation of analytics and alerts and sends reports, making it a valuable tool for our system.


The dashboard and visualization features are good for data analysis. With features like the Studio dashboard introduced in versions 8 to 9, users find it much easier to create dashboards without knowledge of languages like XML.

What needs improvement?

Based on my experience, I've noticed areas for improvement, particularly in support. Developers typically interact with support personnel who may lack technical expertise when raising support tickets. This can result in delays as initial interactions involve sharing documents before escalation to higher support levels.

For how long have I used the solution?

I have been using the product for four years. 

What do I think about the stability of the solution?

I rate the tool's stability an eight out of ten. 

What do I think about the scalability of the solution?

The tool's scalability is good, and it is based on licensing. My company has more than 10,000 users. 

Which solution did I use previously and why did I switch?

I used Dynatrace before the Splunk Enterprise Platform. 

How was the initial setup?

The tool's deployment can be complex for the first time. It can become more manageable after that. 

What's my experience with pricing, setup cost, and licensing?

If you exceed your licensed limit, the product will issue a warning, typically a five-license warning. Additionally, they send daily email notifications informing you about the breach. This prompts you to consider options such as minimizing logs or acquiring additional licensing to address the issue.

It can be perceived as expensive, especially for organizations dealing with large volumes of data, such as in the banking sector, where numerous logs are generated every second. While other tools are available at lower costs, some teams may consider open-source or lower-cost alternatives, especially if they have funding constraints.

What other advice do I have?

Regarding security and event management, the tool is handled by a different team. They utilize security enterprise tools, including SIEM, to manage security. Splunk Enterprise Platform's real-time processing capability significantly enhances our data monitoring. I would rate it an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud


    Computer Software

Review-Splunk

  • February 03, 2024
  • Review provided by G2

What do you like best about the product?
User-friendly UI.
Easy to configure and set alerts.
If you get stuck, people around you know about this platform and can help.
Convenient.
We can use custom dashboards and use them as per our need.
We can integrate this with Microsoft Exchange and get real-time messages/emails.
What do you dislike about the product?
It can be challenging for newbies to configure and troubleshoot issues. A person should have knowledge of expressions to operate this tool/platform.
What problems is the product solving and how is that benefiting you?
With monitoring, we take proactive actions, so we can resolve problems before someone notices or reports them.


    Ammar Mostafa

A powerful tool for point-in-time security detection with stability

  • January 03, 2024
  • Review provided by PeerSpot

What is our primary use case?

We use Splunk Enterprise Platform for point-in-time security detection. It can be applied to security and IT operations scenarios, offering control and insight into user activity, registration processes, and customer data.

What is most valuable?

The solution has a status query and feed. I can reach them by phone at the residential. It is stable and has a fast response.

What needs improvement?

The product is expensive.

What do I think about the stability of the solution?

The product is stable.

I rate the solution’s stability a nine out of ten.

What other advice do I have?

Splunk Enterprise is a powerful platform. It's a leader in its field with a large and active community. Users can access support in various ways, including forums and documentation.

Overall, I rate the solution an eight out of ten.


    VolodymyrSavov

A highly scalable solution that can be used for security, IT monitoring, and observability

  • December 21, 2023
  • Review provided by PeerSpot

What is most valuable?

Splunk Enterprise Platform can be used for security, IT monitoring, and observability.

What needs improvement?

The solution’s pricing could be improved.

For how long have I used the solution?

I have been working with Splunk Enterprise Platform for six years.

What do I think about the stability of the solution?

Splunk Enterprise Platform is a stable solution.

I rate the solution an eight or nine out of ten for stability.

What do I think about the scalability of the solution?

Splunk Enterprise Platform has very high scalability.

What's my experience with pricing, setup cost, and licensing?

Customers need to pay a yearly licensing fee for Splunk Enterprise Platform.

On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing around seven or eight out of ten.

What other advice do I have?

I would recommend Splunk Enterprise Platform to other users.

Overall, I rate Splunk Enterprise Platform an eight out of ten.


    Velly Nusmir

A scalable tool that offers SIEM and SOAR functionalities to users

  • December 15, 2023
  • Review provided by PeerSpot

What is our primary use case?

Splunk Enterprise Platform is useful as a tool for its SIEM and SOAR functionalities.

What is most valuable?

The most valuable features of the solution stem from the fact that it provides local support to users in Indonesia. The features that Splunk Enterprise Platform provides to users are the same as the ones provided by ArcSight, so I cannot compare both products.

What needs improvement?

The solution has certain shortcomings when it comes to APIs, making it an area where improvements are required.

Integration is an area that can be considered as one of the challenges we face with the solution in our company. From an improvement perspective, the solution should make the integration of the product with other tools in the market possible.

For how long have I used the solution?

I have been using Splunk Enterprise Platform for almost three years.

What do I think about the stability of the solution?

It is a stable solution. The product stays stable from the development stage to the production environment. Stability-wise, I rate the solution an eight out of ten.

What do I think about the scalability of the solution?

It is a scalable solution.

Around 1,400 employees in our company use the solution.

My company does plan to increase the use of the solution.

Which solution did I use previously and why did I switch?

I have experience with ArcSight.

How was the initial setup?

The product's initial setup phase was very complex.

During the product's first time deployment, the product is dispatched to the user for assessment, after which a user can deploy it and take care of the areas from implementation to production.

The solution is deployed on a hybrid cloud.

The solution can be deployed in three to five months.

Around seven people are required to manage the deployment and maintenance of the product.

What about the implementation team?

The deployment can be carried out with the help of our company's in-house team.

What's my experience with pricing, setup cost, and licensing?

There are yearly payments to be made towards the licensing costs attached to the solution.

What other advice do I have?

I can recommend the product after considering the needs and budget of the customers, as well as the company's size.

I rate the overall tool an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud


    sai k.

Hi guys, don't go for Splunk Enterprise without seeing this review

  • November 26, 2023
  • Review provided by G2

What do you like best about the product?
I like the collection indexing of Splunk. When you investigate any alerts, the response of the search is very quick and gives consolidated indexed information.
What do you dislike about the product?
The Splunk language takes time to learn, and how to use SPL and how to create effective searches and dashboards is also a bit difficult.
What problems is the product solving and how is that benefiting you?
Real-time threat detection, alert investigation and incident response. We use this to create user behaviour analytics dashboards.


    SaketShrivastava

An easy-to-use and easy-to-configure solution that can be used to monitor network traffic

  • November 23, 2023
  • Review provided by PeerSpot

What is our primary use case?

We monitor our airtight network traffic using the Splunk Enterprise Platform. We also use the solution for port monitoring, to monitor which ports are closed, which are open, and whether any port is flapping. We use it to check our server performance to see if it gets choked because of high CPU or RAM utilization.

What is most valuable?

Splunk Enterprise Platform is an easy-to-use and easy-to-configure solution.

What needs improvement?

There should be continuous customer engagement and training programs on the new features and capabilities introduced by the solution.

For how long have I used the solution?

I have been using Splunk Enterprise Platform for four years.

What do I think about the stability of the solution?

I rate Splunk Enterprise Platform a nine out of ten for stability.

What do I think about the scalability of the solution?

Splunk Enterprise Platform is a scalable solution. Two people are using the solution in our organization to monitor data.

I rate Splunk Enterprise Platform ten out of ten for scalability.

How was the initial setup?

The solution’s initial setup is easy.

What about the implementation team?

One or two hours is enough to deploy the solution, but its configuration will take time, based on the users. Just one person is enough to deploy the solution.

What was our ROI?

We have seen a return on investment with Splunk Enterprise Platform for security and performance use cases.

What's my experience with pricing, setup cost, and licensing?

The solution’s pricing is moderate. We have to pay a yearly licensing fee for the solution, and there is an additional cost for support.

What other advice do I have?

Splunk Enterprise Platform is a good and easy-to-use solution. It has to be regularly upgraded to the changing network or customer needs.

Overall, I rate Splunk Enterprise Platform an eight out of ten.

Which deployment model are you using for this solution?

On-premises