Splunk Enterprise, that'll do
November 27, 2024

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Software Version

Splunk Light (legacy)

Overall Satisfaction with Splunk Enterprise

We use Splunk Enterprise to aggregate all of our syslogs. We also use it to alert on certain syslogs that could indicate an issue or event in our environment. We have many dashboards that are both internal and external customer facing. These dashboards are very popular for tracking issues and status of all facets of our infrastructure.

Pros

  • syslog collection
  • searching
  • dashboards

Cons

  • more detailed guides on deployment
  • increase efficiency
  • more efficient log searching
  • customers love dashboards

It is a very powerful tool, it can do many things all in one place, and that has its merits. But it is also a huge tool with many facets that can become overwhelming. You basically need a person or small team to manage it if you have a lot of data flowing into Splunk Enterprise. But that may be worth it for you depending on the size of your teams.

Splunk Enterprise is honestly the first tool we used and we can't realistically switch. We have not done any in-depth studies or comparisons. We know there are alternatives and we would probably switch if one of them was much more economically viable, but right now we are happy with using Splunk Enterprise.

Do you think Splunk Enterprise delivers good value for the price?

Yes

Are you happy with Splunk Enterprise's feature set?

Yes

Did Splunk Enterprise live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Splunk Enterprise go as expected?

Yes

Would you buy Splunk Enterprise again?

Yes

It is very well suited for environments where you have many different devices or sending syslog. It can be very tiring and wasteful to manually pore through all that data. Having a central location where you can search centrally is very helpful. I personally would not recommend Splunk Enterprise for teams that don't know what they are doing; you can easily crash it with bad searches.

Splunk Enterprise Feature Ratings

  • Centralized event and log data collection: 8
  • Correlation: 8
  • Event and log normalization/management: 9
  • Deployment flexibility: 7
  • Integration with Identity and Access Management Tools: 7
  • Custom dashboards and workspaces: 9
  • Host and network-based intrusion detection: 7
  • Log retention: 8
  • Data integration/API management: 8
  • Behavioral analytics and baselining: 8
  • Rules-based and algorithmic detection thresholds: 8
  • Response orchestration and automation: 7
  • Reporting and compliance management: 8
  • Incident indexing/searching: 7