No more typing reviews! Try our Samantha, our new voice AI agent.
Splunk Enterprise Security Logo

Splunk Enterprise Security pros and cons

Vendor: Splunk
4.2 out of 5
Badge Ranked 1
Leave a review

Pros & Cons summary

Splunk Enterprise Security enhances incident detection through seamless integration, log management, and risk-based alerting, improving threat analysis by 30%. Its customization, machine learning, and aggregation features boost security monitoring and resilience. However, users face challenges with slow technical support, expensive licensing, steep learning curves, and complex queries. Integration with third-party tools is difficult and costly, often deterring smaller organizations from adopting this platform due to its complexity and added costs.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Splunk Enterprise Security enhances incident detection and response, reducing the meantime to resolution by approximately 30%.
It offers valuable features such as seamless integration, robust log management, and compatibility with other SIEMs.
Its threat intelligence capabilities and risk-based alerting significantly improve threat detection and analysis.
The platform's flexibility allows for custom dashboards and correlation searches, aiding in efficient security monitoring.
Splunk Enterprise Security's machine learning and aggregation features provide vital insights into security events, improving business resilience.

CONS

Splunk Enterprise Security users face challenges with technical support, which is often criticized for being slow to respond and lacking efficacy.
Licensing for Splunk Enterprise Security is considered expensive, making it less accessible for smaller organizations.
Users encounter a steep learning curve and complexity in mastering and utilizing all the capabilities of Splunk Enterprise Security.
Query construction in Splunk Enterprise Security is complicated, requiring significant expertise and sometimes resulting in performance issues.
Integration with third-party tools in Splunk Enterprise Security is difficult and often incurs additional costs.
 

Splunk Enterprise Security Pros review quotes

VS
Vinod Shankar
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 3, 2015
Great log management capabilities with flexible and comprehensive search capabilities, scalable and easy to use.
Read full review
it_user174663 - PeerSpot reviewer
it_user174663
Systems/Applications Specialist with 201-500 employees
Feb 19, 2015
I'm not sure about the money but in saved time and a new kind of visibility for the system/business process this product has been revolutionary in the working environment.
Read full review
it_user313119 - PeerSpot reviewer
it_user313119
Integration Architect at a manufacturing company with 1,001-5,000 employees
Sep 21, 2015
What Splunk calls operational intelligence: fast availability of operational data spread across several servers to prevent or react faster to outages or performance decreases.
Read full review
Buyer's Guide
Splunk Enterprise Security
April 2026
Free Report: Splunk Enterprise Security Reviews and More
Learn what your peers think about Splunk Enterprise Security. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.
DOWNLOAD NOW
892,287 professionals have used our research since 2012.
implemen269433 - PeerSpot reviewer
implemen269433
Technical Director at a consultancy with 11-50 employees
May 7, 2017
This is the right choice if you are looking for a platform that can combine all machine-generated data and use it for various use cases from different domains.
Read full review
it_user363165 - PeerSpot reviewer
it_user363165
Products Manager at a tech services company with 5,001-10,000 employees
May 7, 2017
It has been helping a lot of my clients with fast data mining and information propagation.
Read full review
it_user664626 - PeerSpot reviewer
it_user664626
Business Analyst at a retailer with 10,001+ employees
May 14, 2017
I would strongly recommend this product, as it would be very beneficial for service operations and management.
Read full review
it_user594183 - PeerSpot reviewer
it_user594183
Security Engineer at a retailer with 10,001+ employees
May 14, 2017
They provide excellent predefined user cases.
Read full review
it_user664632 - PeerSpot reviewer
it_user664632
Senior IT Security Operations at a pharma/biotech company with 10,001+ employees
May 14, 2017
The speed of the search engine
Read full review
it_user664635 - PeerSpot reviewer
it_user664635
Performance Consultant at a tech services company with 10,001+ employees
May 14, 2017
The data representation options in the dashboards are excellent.
Read full review
JN
jorgenoguerah
IT Infrastructure Architect at a tech company with 201-500 employees
May 17, 2017
It helps us to detect viruses and security events from our network.
Read full review
Show 10 more reviews (out of 363)
 

Splunk Enterprise Security Cons review quotes

VS
Vinod Shankar
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 3, 2015
Operational workflow, use case framework, and ticketing systems need improvement to make it suitable for SOC environments.
Read full review
it_user174663 - PeerSpot reviewer
it_user174663
Systems/Applications Specialist with 201-500 employees
Feb 19, 2015
It can be easier to setup and adding new sources which Splunk are improving with every new version.
Read full review
it_user313119 - PeerSpot reviewer
it_user313119
Integration Architect at a manufacturing company with 1,001-5,000 employees
Sep 21, 2015
I've ever used it, just studied it.
Read full review
Buyer's Guide
Splunk Enterprise Security
April 2026
Free Report: Splunk Enterprise Security Reviews and More
Learn what your peers think about Splunk Enterprise Security. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.
DOWNLOAD NOW
892,287 professionals have used our research since 2012.
implemen269433 - PeerSpot reviewer
implemen269433
Technical Director at a consultancy with 11-50 employees
May 7, 2017
Visualizations can improve. There are some performance and stability issues with the visualization layer.
Read full review
it_user363165 - PeerSpot reviewer
it_user363165
Products Manager at a tech services company with 5,001-10,000 employees
May 7, 2017
The GUI should be improved, in other words, the overall appearance.
Read full review
it_user664626 - PeerSpot reviewer
it_user664626
Business Analyst at a retailer with 10,001+ employees
May 14, 2017
VMware and security device integration looks a bit complex.
Read full review
it_user594183 - PeerSpot reviewer
it_user594183
Security Engineer at a retailer with 10,001+ employees
May 14, 2017
Scalability is always a question for this product.
Read full review
it_user664632 - PeerSpot reviewer
it_user664632
Senior IT Security Operations at a pharma/biotech company with 10,001+ employees
May 14, 2017
The administration of the cluster and app deployment to indexers or search heads can be done only using ssh access and command line, there is no GUI tools for that.
Read full review
it_user664635 - PeerSpot reviewer
it_user664635
Performance Consultant at a tech services company with 10,001+ employees
May 14, 2017
The user access control could be much more granular, so that the admins can control r/w/x access for specific features of the product like dashboards, etc.
Read full review
JN
jorgenoguerah
IT Infrastructure Architect at a tech company with 201-500 employees
May 17, 2017
It needs documentation, and "how-to-do" information. It's complicated to build reports and views.
Read full review
Show 10 more reviews (out of 363)

Product Categories

Product Categories
Security Information and Event Management (SIEM)
Log Management
IT Operations Analytics

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Splunk Enterprise Security Logo
CrowdStrike Falcon vs Splunk Enterprise Security
Wazuh vs Splunk Enterprise Security Logo
Wazuh vs Splunk Enterprise Security
Datadog vs Splunk Enterprise Security Logo
Datadog vs Splunk Enterprise Security
Dynatrace vs Splunk Enterprise Security Logo
Dynatrace vs Splunk Enterprise Security
SentinelOne Singularity Endpoint vs Splunk Enterprise Security Logo
SentinelOne Singularity Endpoint vs Splunk Enterprise Security
IBM Security QRadar vs Splunk Enterprise Security Logo
IBM Security QRadar vs Splunk Enterprise Security
Microsoft Sentinel vs Splunk Enterprise Security Logo
Microsoft Sentinel vs Splunk Enterprise Security
New Relic vs Splunk Enterprise Security Logo
New Relic vs Splunk Enterprise Security
Splunk AppDynamics vs Splunk Enterprise Security Logo
Splunk AppDynamics vs Splunk Enterprise Security
Cribl vs Splunk Enterprise Security Logo
Cribl vs Splunk Enterprise Security
Elastic Security vs Splunk Enterprise Security Logo
Elastic Security vs Splunk Enterprise Security
IBM Turbonomic vs Splunk Enterprise Security Logo
IBM Turbonomic vs Splunk Enterprise Security
Grafana Loki vs Splunk Enterprise Security Logo
Grafana Loki vs Splunk Enterprise Security
Palantir Foundry vs Splunk Enterprise Security Logo
Palantir Foundry vs Splunk Enterprise Security
Elastic Observability vs Splunk Enterprise Security Logo
Elastic Observability vs Splunk Enterprise Security
See all alternatives

Product Categories

Product Categories
Security Information and Event Management (SIEM)
Log Management
IT Operations Analytics

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Splunk Enterprise Security Logo
CrowdStrike Falcon vs Splunk Enterprise Security
Wazuh vs Splunk Enterprise Security Logo
Wazuh vs Splunk Enterprise Security
Datadog vs Splunk Enterprise Security Logo
Datadog vs Splunk Enterprise Security
Dynatrace vs Splunk Enterprise Security Logo
Dynatrace vs Splunk Enterprise Security
SentinelOne Singularity Endpoint vs Splunk Enterprise Security Logo
SentinelOne Singularity Endpoint vs Splunk Enterprise Security
IBM Security QRadar vs Splunk Enterprise Security Logo
IBM Security QRadar vs Splunk Enterprise Security
Microsoft Sentinel vs Splunk Enterprise Security Logo
Microsoft Sentinel vs Splunk Enterprise Security
New Relic vs Splunk Enterprise Security Logo
New Relic vs Splunk Enterprise Security
Splunk AppDynamics vs Splunk Enterprise Security Logo
Splunk AppDynamics vs Splunk Enterprise Security
Cribl vs Splunk Enterprise Security Logo
Cribl vs Splunk Enterprise Security
Elastic Security vs Splunk Enterprise Security Logo
Elastic Security vs Splunk Enterprise Security
IBM Turbonomic vs Splunk Enterprise Security Logo
IBM Turbonomic vs Splunk Enterprise Security
Grafana Loki vs Splunk Enterprise Security Logo
Grafana Loki vs Splunk Enterprise Security
Palantir Foundry vs Splunk Enterprise Security Logo
Palantir Foundry vs Splunk Enterprise Security
Elastic Observability vs Splunk Enterprise Security Logo
Elastic Observability vs Splunk Enterprise Security
See all alternatives
Related questions
  • 107
Which would you recommend to your boss, IBM QRadar or Splunk?
  • 50
What are some of the best features and use-cases of Splunk?
  • 141
What SOC product do you recommend?
  • 78
Splunk as an Enterprise Class monitoring solution -- thoughts?
  • 451
What is the biggest difference between Dynatrace and Splunk?
  • 117
IBM QRadar is rated above competitors (McAfee, Splunk, LogRhythm) in Gartner's 2020 Magic Quandrant. Agree/Disagree?
  • 54
What are the advantages of ELK over Splunk?
  • 101
How does Splunk compare with Azure Monitor?
  • 49
New risk scoring framework in the Splunk App for Enterprise Security -- thoughts?
  • 70
Splunk vs. Elastic Stack