Try our new research platform with insights from 80,000+ expert users
Splunk User Behavior Analytics Logo

Splunk User Behavior Analytics Reviews

Vendor: Splunk
4.1 out of 5
Badge Leader
Leave a review

What is Splunk User Behavior Analytics?

Splunk User Behavior Analytics is a behavior-based threat detection is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box purpose-built that helps organizations find known, unknown and hidden threats, but extensible unsupervised machine learning (ML) algorithms, provides context around the threat via ML driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data science driven approach that produces actionable results with risk ratings and supporting evidence that increases SOC efficiency and supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.

Get the Splunk User Behavior Analytics Buyer's Guide and find out what your peers are saying about Splunk User Behavior Analytics, Darktrace, IBM Security QRadar and more!
Splunk User Behavior Analytics is the #4 ranked solution in top User Entity Behavior Analytics (UEBA) solutions and #15 ranked solution in top Intrusion Detection and Prevention Software. PeerSpot users give Splunk User Behavior Analytics an average rating of 8.2 out of 10. Splunk User Behavior Analytics is most commonly compared to Darktrace: Splunk User Behavior Analytics vs Darktrace. Splunk User Behavior Analytics is popular among the large enterprise segment, accounting for 58% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 17% of all views.
Buyer's Guide
Splunk User Behavior Analytics
August 2025
Get the report
Helped 866,088 peers since 2012

Featured Splunk User Behavior Analytics reviews

Read more reviews

Splunk User Behavior Analytics mindshare

Product category:
User Entity Behavior Analytics (UEBA)
As of August 2025, the mindshare of Splunk User Behavior Analytics in the User Entity Behavior Analytics (UEBA) category stands at 8.9%, down from 10.9% compared to the previous year, according to calculations based on PeerSpot user engagement data.
User Entity Behavior Analytics (UEBA) Market Share Distribution
ProductMarket Share (%)
Splunk User Behavior Analytics8.9%
IBM Security QRadar10.4%
Rapid7 InsightIDR10.0%
Other70.7%
User Entity Behavior Analytics (UEBA)

PeerResearch reports based on Splunk User Behavior Analytics reviews

TypeTitleDate
CategoryUser Entity Behavior Analytics (UEBA)Aug 29, 2025Download
ProductReviews, tips, and advice from real usersAug 29, 2025Download
ComparisonSplunk User Behavior Analytics vs IBM Security QRadarAug 29, 2025Download
ComparisonSplunk User Behavior Analytics vs ExabeamAug 29, 2025Download
ComparisonSplunk User Behavior Analytics vs CynetAug 29, 2025Download
Suggested products
TitleRatingMindshareRecommending
Darktrace4.1N/A94%82 interviewsAdd to research
IBM Security QRadar4.010.4%91%209 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

Splunk User Behavior Analytics excels in data aggregation, advanced analytics, and machine learning for threat detection. It offers rapid search capabilities, customizable dashboards, and powerful query functions. Integration with various platforms provides improved user experience. Automated reporting, anomaly detection, and risk scoring enhance security. Users benefit from the ease of use, scalability, stability, and intelligent insights for decision-making across large datasets, enabling efficient monitoring and response to potential threats.
  • "The best features in Splunk User Behavior Analytics include anomaly detection, behavioral profiling, and risk scoring and prioritization functionality."
  • "Splunk User Behavior Analytics is known for its advanced analytics and data correlation capabilities, which help in detecting patterns, anomalies, and security threats."
  • "Splunk's technical support is amazing."

Room for Improvement

Splunk User Behavior Analytics could benefit from lower costs, better integration with other tools, and enhanced flexibility in configurations. Users desire improved dashboards, greater correlation capabilities, and a more intuitive interface. Network and storage features need upgrades, while automation and AI enhancements are also sought after. Pricing and licensing schemes are points of contention, and simplifying the setup process could increase user satisfaction. Users also express a need for better data ingestion management and scalable options.
  • "A disadvantage is that it can lead to cost overrun if not properly factored or governed."
  • "High data ingestion costs can be an issue, especially for large enterprises, as Splunk charges based on the amount of data processed."
  • "I would like to see an enhancement in the automation of creating the rules."

ROI

Organizations investing in Splunk User Behavior Analytics have mixed experiences regarding returns. Some report a 20% increase in staff productivity, while others mention 30-35% returns in cost and time savings, particularly in incident resolution. However, many find it challenging to identify concrete savings, with most benefits being indirect. Despite the high investment, the outcome depends on efficient implementation and execution. While some users report positive returns, others resort to supplementary tools to manage costs.

Pricing

Pricing for Splunk User Behavior Analytics is complex and generally expensive, with costs influenced by data volume, licensing models, and additional functionality. Pricing unpredictability is a challenge, with frequent increases making long-term budgeting difficult. Enterprises face extra costs for integration and setup, which involves various components. Licenses are subscription-based, with options for volume discounts and savings through reserved instances. The solution's high-level investment requires careful consideration of use and implementation needs.
  • "I am not aware of the price, but it is expensive."
  • "Pricing varies based on the packages you choose and the volume of your usage."
  • "The licensing costs is around 10,000 dollars."

Popular Use Cases

Splunk User Behavior Analytics is primarily used for threat detection, security management, intrusion detection, and anomaly analysis. Organizations integrate it for log management, telemetry data display, threat intelligence, and security-related analytics. It supports operations like clustering, log correlation, and machine learning in cybersecurity. Companies utilize it to prevent threats, analyze behavior patterns, and detect insider threats. Other uses include security governance, user analytics, dashboard creation, and real-time threat tracking.

Service and Support

Users report mixed experiences with customer service and support for Splunk User Behavior Analytics. Some praise its responsiveness and professional technicians, citing high satisfaction with technical assistance. Issues are generally resolved efficiently, though some note service is adequate but not exceptional, requiring improvement. Various support tiers are available, with premium and mission-critical providing extensive coverage. Access can be limited by regional constraints. Community forums and resources supplement official assistance, offering additional support avenues.

Deployment

Some described Splunk User Behavior Analytics's initial setup as complex with numerous configurations needed, vendor dependency, and customization. Others found it straightforward, requiring a good understanding of installations and configurations. The process duration varied significantly, ranging from a few days to months, depending on the environment and scale. Some relied on project managers and technical support. While open-source components eased setup, workflow complexity was noted as a factor impacting setup efficiency.

Scalability

Splunk User Behavior Analytics offers significant scalability, accommodating numerous users and devices with ease. Enterprises frequently find it well-suited for expansion, with capability to handle substantial data ingestion and user growth. It performs well across diverse infrastructure setups, though storage constraints may arise in log management. Organizations have experienced its capacity to scale efficiently with on-premise advantages. Customers appreciate its scalability, often expanding without difficulty, reflecting its enterprise-oriented design.

Stability

Splunk User Behavior Analytics is recognized for its stability, being reliable and dependable. Users report ease of configuration and monitoring, and note that it does not exhibit bugs or crashes. Many have rated its stability highly, appreciating its performance in enterprise settings. Some mention potential issues with long-term data, but emphasize its stability when properly deployed and maintained. The platform achieves high uptime with built-in redundancy and automated scaling capabilities.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Splunk User Behavior Analytics Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company SizeCount
Small Business6
Midsize Enterprise5
Large Enterprise10
By reviewers
By visitors reading reviews
Company SizeCount
Small Business132
Midsize Enterprise58
Large Enterprise265
By visitors reading reviews

Top industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
10%
Government
8%
Manufacturing Company
7%
University
7%
Educational Organization
6%
Retailer
6%
Comms Service Provider
5%
Insurance Company
4%
Healthcare Company
4%
Aerospace/Defense Firm
3%
Non Profit
3%
Energy/Utilities Company
2%
Performing Arts
2%
Outsourcing Company
2%
Construction Company
2%
Legal Firm
1%
Wholesaler/Distributor
1%
Pharma/Biotech Company
1%
Real Estate/Law Firm
1%
Agriculture
1%
Media Company
1%
Logistics Company
1%
Sports Company
1%
Renewables & Environment Company
1%
Recruiting/Hr Firm
1%
Transportation Company
1%
Recreational Facilities/Services Company
1%

Compare Splunk User Behavior Analytics with alternative products

Go!

Learn more about Splunk User Behavior Analytics

Splunk User Behavior Analytics was previously known as Caspida, Splunk UBA.

Splunk User Behavior Analytics customers

8 Securities, AAA Western, AdvancedMD, Amaya, Cerner Corporation, CJ O Shopping, CloudShare, Crossroads Foundation, 7-Eleven Indonesia

Related questions

  • 37
Which is the best UEBA solution?
  • 6
Viable, Cost-Effective Competitors to Rapid7 InsightIDK
  • 133
What is your recommended cost-effective solution to detect and prevent APT attacks?
  • 29
Looking for recommendations and a pros/cons template for software to detect insider threats
  • 115
What are the main differences between UEBA and SIEM solutions?
  • 7
Monitoring Web Hosted Servers for unwanted guests
  • 88
Why is User Entity Behavior Analytics - UEBA important for companies?
  • 7
When evaluating User Behavior Analytics, what aspect do you think is the most important to look for?
  • 13
Which is the best User Entity Behavior Analytics (UEBA) solution?
  • 9
What are the different types of insider threats that UEBA solutions help to detect?

Product Categories

Product Categories
User Entity Behavior Analytics (UEBA)
Intrusion Detection and Prevention Software (IDPS)

Popular Comparisons

Popular Comparisons
Darktrace vs Splunk User Behavior Analytics Logo
Darktrace vs Splunk User Behavior Analytics
IBM Security QRadar vs Splunk User Behavior Analytics Logo
IBM Security QRadar vs Splunk User Behavior Analytics
Vectra AI vs Splunk User Behavior Analytics Logo
Vectra AI vs Splunk User Behavior Analytics
Rapid7 InsightIDR vs Splunk User Behavior Analytics Logo
Rapid7 InsightIDR vs Splunk User Behavior Analytics
Cynet vs Splunk User Behavior Analytics Logo
Cynet vs Splunk User Behavior Analytics
KerioControl vs Splunk User Behavior Analytics Logo
KerioControl vs Splunk User Behavior Analytics
Exabeam vs Splunk User Behavior Analytics Logo
Exabeam vs Splunk User Behavior Analytics
Trend Micro Deep Discovery vs Splunk User Behavior Analytics Logo
Trend Micro Deep Discovery vs Splunk User Behavior Analytics
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics Logo
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics Logo
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics
Fortinet FortiGate IPS vs Splunk User Behavior Analytics Logo
Fortinet FortiGate IPS vs Splunk User Behavior Analytics
Lumu vs Splunk User Behavior Analytics Logo
Lumu vs Splunk User Behavior Analytics
Cisco Sourcefire SNORT vs Splunk User Behavior Analytics Logo
Cisco Sourcefire SNORT vs Splunk User Behavior Analytics
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics Logo
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics
Trellix Intrusion Prevention System vs Splunk User Behavior Analytics Logo
Trellix Intrusion Prevention System vs Splunk User Behavior Analytics
See all alternatives
 
Splunk User Behavior Analytics Reviews Summary
Author infoRatingReview Summary
Enterprise Architect at Wipro Limited4.5I use Splunk User Behavior Analytics for threat detection and risk scoring, leveraging both unsupervised and supervised ML models. It efficiently integrates with Splunk Enterprise, but scalability and cloud deployment can pose challenges, requiring careful management to avoid cost overruns.
System Engineer at Infosys4.5I focus on application behavior with Splunk User Behavior Analytics. It offers valuable features like alerts and auto report generation, saving time. However, the dashboard needs improvement. I started using it recently and hope for increased user interaction.
Enterprise Architect at Wipro Limited4.0We use Splunk User Behavior Analytics for log analysis and security management, valuing its advanced analytics and real-time data correlation. While it's highly scalable, high data ingestion costs and complex dashboards are challenges. Our ROI relies on efficient implementation.
Cloud Solution Architect at Tech Mahindra Limited3.5I use Splunk User Behavior Analytics for SAML authentication, behavior analysis, and cloud platform integration, enhancing anomaly detection and machine learning analysis. Despite some latency and configuration challenges, it offers superior reliability and security over Kibana's ELK, yielding significant ROI.
Regional Director at iSecureMind3.5I have been working with Splunk User Behavior Analytics for ten months as a service provider and reseller. It is valuable for features like threat detection and anomaly detection, enhancing security. However, automation in rule creation could improve. Positive ROI noted.
Cyber Security Technical Sales Manager at Raia3.5I recommend Splunk User Behavior Analytics because of its intelligent integration with other vendors and useful dashboard. However, its storage model needs improvement, as the large number of VMs is overwhelming. I've used Elastic before, but it's not as mature.
Consultant at Kienia4.5We use Splunk User Behavior Analytics to monitor various airport management operations, including system behavior and application performance. Splunk’s quick response and large data storage are invaluable, though a simplified setup and reduced costs would enhance our satisfaction.
Software Engineer IAM at Mercedes-Benz Canada Inc.3.5I find Splunk User Behavior Analytics valuable for threat identification and governance due to its effective query capabilities. However, improvements are needed in the user interface and an enhanced analytics tool that doesn't require explicit query writing.