Splunk Enterprise
Splunk
External reviews
External reviews are not included in the AWS star rating for the product.
User-friendly interface accelerates task approval but update confirmations occasionally delay
How would you rate customer service and support?
Neutral
Great product, poor customer service
Great Platform for incident correlation and management
Real-time data analysis benefits but automation in role creation needs improvement
What is our primary use case?
We are working with AppDynamics, Splunk Enterprise Platform, and other Splunk products. However, the main use case here is with Splunk Enterprise Platform.
What is most valuable?
Splunk Enterprise Platform is a good tool to have, but it is expensive. The features that have proven most effective for real-time data analysis include parts of the platform and its automation capabilities. However, I want them to enhance their automation to cover every aspect, particularly the automation of role creation.
What needs improvement?
While Splunk Enterprise Platform is a good product, it is expensive. Additionally, it is complex for inexperienced cybersecurity engineers and requires experienced personnel to handle it effectively.
For how long have I used the solution?
We have been providing Splunk Enterprise Platform for ten months.
How are customer service and support?
Splunk's technical support is at the same level for all products, although we have not opened many tickets.
How would you rate customer service and support?
Neutral
What's my experience with pricing, setup cost, and licensing?
Splunk Enterprise Platform is expensive.
What other advice do I have?
For smaller companies, I recommend Stellar Cyber as an alternative to Splunk Enterprise Platform. Stellar Cyber is easier to implement and integrate, and it has solid AI capabilities, especially for automation. It is also willing to adapt to customer requirements. I would rate Splunk Enterprise Platform overall somewhere between six and eight, depending on the size of the company.
Enables us to create dashboards and do analysis but has limitations
What is our primary use case?
We use Splunk to create dashboards and do analysis.
What needs improvement?
Splunk can be used primarily to port log files, allowing for easy and quick management of large amounts of logs. However, this can also be a drawback due to the configuration, parsing, and dashboard creation limitations. Communication is stream-based, which means you need to do a lot of pre-emptive setup to get a nice export. Another issue with Splunk is its streamlined nature; it reruns the query whenever you refresh a dashboard. This becomes problematic if you have a large volume of log files, as it can be slow, resource-intensive, and require significant storage space.
It is designed to process and analyze log files. You feed log files into the platform, automatically extracting different fields. This allows you to filter and manipulate the data in a stream-based manner. Essentially, you pass a log file through various filters sequentially, enhancing or reducing its size by adding or removing information. However, this stream-based approach can make it challenging to create detailed dashboards easily. The platform primarily focuses on log files and is unsuitable for real-time data analysis.
For how long have I used the solution?
I have been using Splunk Enterprise Platform for one or two years.
What do I think about the stability of the solution?
The product is stable.
I rate the solution’s stability a six out of ten.
What do I think about the scalability of the solution?
It can be very slow if you have a lot of data, and scaling it up for better performance can be quite expensive.
A thousand users use this solution. We have many systems and a lot of data.
It is centrally deployed and used extensively across various systems. I use it daily, but sometimes I only use it once a month. It depends on the data I need or the issue I'm investigating.
I rate the solution’s scalability a four out of ten.
How was the initial setup?
The initial setup is straightforward.
What other advice do I have?
I wouldn't recommend Splunk Enterprise Platform because it's slow and has significant limitations.
Overall, I rate the solution a six out of ten.
Useful for cloud-based monitoring but improvement is needed for providing a shareable format
What is our primary use case?
We used the product for cloud-based monitoring or systems monitoring.
What is most valuable?
The key difference I noticed for my use case, which involved understanding user behaviors and responses to digital elements, was that I could obtain more detailed reporting than what was possible with Amplitude. I could download a file with very specific information, which was helpful.
I did not use it for real-time monitoring. My focus was on investigating incident reports to understand the extent of user impact. Primarily, I utilized the Splunk Enterprise Platform to analyze user behavior.
I found the incident notification to be very helpful. While Splunk Enterprise Platform provided detailed data, it didn't seem to check as many boxes for user behavior as Amplitude did. At the same time, I'm not sure if Amplitude offers features for monitoring or incident coverage.
Its ability to access granular details in Excel was beneficial. It's always helpful to transition from visualizations to detailed user reports.
What needs improvement?
The tool lacked in providing a shareable format. I had to use pivot tables and manually parse and edit the data to create a visualization-friendly format. It was helpful when we had an issue. What would make it stronger is if it were more proactive. For example, if it highlighted major incidents and their impact on users without digging through notifications, that would be better. Typically, the first question we get is, "Oh, we had an incident. How bad was it? How many customers were impacted?" So having that information pop up from the notification would be helpful.
What do I think about the stability of the solution?
Splunk Enterprise Platform is stable.
What do I think about the scalability of the solution?
I saw no issues or reasons to think that the product wouldn't scale over time. Our data is growing.
How are customer service and support?
I haven't contacted the tool's support.
What other advice do I have?
I rate the overall product a seven out of ten.
I would recommend it for incident management reporting. I would not advise it for understanding user behavior or usage. If I had to choose between Splunk Enterprise Platform and Amplitude, I would probably go with Amplitude, but I also have no familiarity with what their incident reporting is like.