What is our primary use case?
We use Splunk Security Essentials to create new Splunk searches, as it has many pre-canned searches for security detection.
The advanced detection content is something I like the most about it.
SPL queries to detect, predict, and forecast future network attacks are examples of what I would like to see.
How has it helped my organization?
It has many advanced SPL queries that allow us to identify advanced malicious activity or suspicious activity within our IT environment.
The benefits of this app were immediately apparent after installation.
What is most valuable?
The benefits of this app were immediately apparent after installation.
It has many advanced SPL queries that allow us to identify advanced malicious activity or suspicious activity within our IT environment.
The advanced detection content is something I like the most about it.
What needs improvement?
I cannot say there is any room for improvement because it is free.
They could add more AI content or AI and machine learning.
For how long have I used the solution?
I have been using Splunk Security Essentials for three and a half years.
What was my experience with deployment of the solution?
The initial installation of this app is very easy.
It took about 10 minutes.
What do I think about the stability of the solution?
It's stable with no lagging, crashing, or downtime.
What do I think about the scalability of the solution?
It's scalable, making it easy to add more things to work with.
How are customer service and support?
I have never contacted their technical support regarding Splunk Security Essentials.
Which solution did I use previously and why did I switch?
I managed a LogRhythm SIEM for 3 years and we also looked at Exabeam and Sentinel One.
How was the initial setup?
The initial installation of this app is very easy.
It took about 10 minutes.
What about the implementation team?
Just one person is required to implement this solution.
What was our ROI?
I cannot say there is any room for improvement because it is free.
What's my experience with pricing, setup cost, and licensing?
Our SecOps manager and CISO were more familiar with Splunk, and the price was right. That was probably the primary driver, and we did an evaluation as well with strict criteria and Gartner ratings.
Which other solutions did I evaluate?
I haven't used any alternatives to it.
What other advice do I have?
We already talked about Enterprise Security on May 28th.
I'm using Splunk Enterprise.
We do use SOAR Mission Control, but not AppDynamics or Phantom.
We have another freemium app for infrastructure monitoring called ITSI, IT Essentials Work. We also have the ITSI module for virtualization.
I would have to rate Splunk Security Essentials a 10 out of 10 because it's free and there's tons of usable content.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.