Try our new research platform with insights from 80,000+ expert users
Splunk Enterprise Security Logo

Splunk Enterprise Security pros and cons

Vendor: Splunk
4.2 out of 5
Badge Ranked 1
Leave a review

Pros & Cons summary

Splunk Enterprise Security excels in log aggregation and data analysis, enhancing threat detection with its correlation capabilities and risk-based alerting. Seamlessly integrating with third-party applications, it supports business resilience. Administration is command-line based, requiring SSH. User access lacks granularity, and support response times are slow. High cost and complex licensing pose challenges, while setup demands expertise. These aspects may influence tech buyers considering its adoption.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Splunk Enterprise Security excels in log aggregation, allowing organizations to manage and analyze vast amounts of data efficiently.
Its correlation capabilities enable users to link various data sources and identify patterns or incidents, enhancing threat detection and response.
Risk-based alerting in Splunk Enterprise Security provides intelligence by prioritizing alerts, filtering out noise, and streamlining incident management.
The software easily integrates with a wide range of third-party applications, enhancing data collection and analysis processes.
Splunk Enterprise Security supports business resilience with advanced threat detection and efficient use case development.

CONS

Administration is largely command-line based, with limited GUI tools, requiring SSH access for cluster and app deployment.
User access control lacks granularity, hindering precise control over feature access like dashboards.
Technical support response times are slow, often necessitating follow-ups and escalations.
High cost and complex licensing model can be prohibitive, especially for organizations with expansive data processing needs.
Initial setup and integration processes are complicated, demanding significant expertise and resources.
 

Splunk Enterprise Security Pros review quotes

it_user664632 - PeerSpot reviewer
it_user664632
Senior IT Security Operations at a pharma/biotech company with 10,001+ employees
May 14, 2017
The speed of the search engine
Read full review
it_user664635 - PeerSpot reviewer
it_user664635
Performance Consultant at a tech services company with 10,001+ employees
May 14, 2017
The data representation options in the dashboards are excellent.
Read full review
it_user250131 - PeerSpot reviewer
it_user250131
Information Architect at a financial services firm with 5,001-10,000 employees
May 17, 2017
Splunk provides immediate visibility into key business metrics and new business insights that deliver immediate value.
Read full review
Buyer's Guide
Splunk Enterprise Security
December 2025
Free Report: Splunk Enterprise Security Reviews and More
Learn what your peers think about Splunk Enterprise Security. Get advice and tips from experienced pros sharing their opinions. Updated: December 2025.
DOWNLOAD NOW
880,901 professionals have used our research since 2012.
it_user635271 - PeerSpot reviewer
it_user635271
Foundation Technology Specialist at a insurance company with 1,001-5,000 employees
May 26, 2017
The ability to rapidly diagnose problems in production and non-production, across hundreds of log files, is the most valuable feature.
Read full review
it_user575310 - PeerSpot reviewer
it_user575310
Engineer, Infrastructure Applications at a healthcare company with 1,001-5,000 employees
Jun 1, 2017
The breadth of the data sources that Splunk can ingest data from is broad and deep and it does an exemplary job at handling structured data.
Read full review
it_user399819 - PeerSpot reviewer
it_user399819
Security Architect at a energy/utilities company with 1,001-5,000 employees
Jun 4, 2017
Ease of correlation, creating correlation searches are easy and you can combine multiple sources with little effort
Read full review
it_user525171 - PeerSpot reviewer
it_user525171
Specialist Master, Cyber Risk at a tech vendor with 10,001+ employees
Jun 15, 2017
Splunk gives my clients the ability to bring multiple, disparate types of data together, then correlate and report on them.
Read full review
it_user257376 - PeerSpot reviewer
it_user257376
Lead Splunk Architect at a financial services firm with 10,001+ employees
Jun 19, 2017
It allows the centralization of data and makes possible new sorts of correlations that were previously impossible using traditional SIEMs such as ArcSight or QRadar.
Read full review
it_user126027 - PeerSpot reviewer
it_user126027
Owner with 1-10 employees
Jun 25, 2017
To get visibility from your network devices, servers, and security devices is a great feature.
Read full review
it_user717477 - PeerSpot reviewer
it_user717477
Account Manager at a tech services company with 10,001+ employees
Jan 16, 2019
Deployment server for deploying changes in one go.
Read full review
Show 10 more reviews (out of 339)
 

Splunk Enterprise Security Cons review quotes

it_user664632 - PeerSpot reviewer
it_user664632
Senior IT Security Operations at a pharma/biotech company with 10,001+ employees
May 14, 2017
The administration of the cluster and app deployment to indexers or search heads can be done only using ssh access and command line, there is no GUI tools for that.
Read full review
it_user664635 - PeerSpot reviewer
it_user664635
Performance Consultant at a tech services company with 10,001+ employees
May 14, 2017
The user access control could be much more granular, so that the admins can control r/w/x access for specific features of the product like dashboards, etc.
Read full review
it_user250131 - PeerSpot reviewer
it_user250131
Information Architect at a financial services firm with 5,001-10,000 employees
May 17, 2017
We usually have to follow up with technical support on our open cases.
Read full review
Buyer's Guide
Splunk Enterprise Security
December 2025
Free Report: Splunk Enterprise Security Reviews and More
Learn what your peers think about Splunk Enterprise Security. Get advice and tips from experienced pros sharing their opinions. Updated: December 2025.
DOWNLOAD NOW
880,901 professionals have used our research since 2012.
it_user635271 - PeerSpot reviewer
it_user635271
Foundation Technology Specialist at a insurance company with 1,001-5,000 employees
May 26, 2017
It is a challenge to manage the environment in such a way, that one’s log, even with the bandwidth license, isn’t exceeded.
Read full review
it_user575310 - PeerSpot reviewer
it_user575310
Engineer, Infrastructure Applications at a healthcare company with 1,001-5,000 employees
Jun 1, 2017
It requires a significant amount of relatively complex architecture once you push past the single server instance.
Read full review
it_user399819 - PeerSpot reviewer
it_user399819
Security Architect at a energy/utilities company with 1,001-5,000 employees
Jun 4, 2017
The GUI can be improved to include some of the capabilities that other BI solutions have.
Read full review
it_user525171 - PeerSpot reviewer
it_user525171
Specialist Master, Cyber Risk at a tech vendor with 10,001+ employees
Jun 15, 2017
The GUI can be improved. Splunk has always suffered from having a kind of goofy UI, it needs some updating.
Read full review
it_user257376 - PeerSpot reviewer
it_user257376
Lead Splunk Architect at a financial services firm with 10,001+ employees
Jun 19, 2017
Adding custom visualization in Splunk has been improved over the years but can still be made better by integrating more and more JavaScript visualization sources.
Read full review
it_user126027 - PeerSpot reviewer
it_user126027
Owner with 1-10 employees
Jun 25, 2017
Better directions on search head clusters.
Read full review
it_user717477 - PeerSpot reviewer
it_user717477
Account Manager at a tech services company with 10,001+ employees
Jan 16, 2019
Professional support is great, but too expensive.
Read full review
Show 10 more reviews (out of 339)

Product Categories

Product Categories
Security Information and Event Management (SIEM)
Log Management
IT Operations Analytics

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Splunk Enterprise Security Logo
CrowdStrike Falcon vs Splunk Enterprise Security
Wazuh vs Splunk Enterprise Security Logo
Wazuh vs Splunk Enterprise Security
Datadog vs Splunk Enterprise Security Logo
Datadog vs Splunk Enterprise Security
Dynatrace vs Splunk Enterprise Security Logo
Dynatrace vs Splunk Enterprise Security
Microsoft Sentinel vs Splunk Enterprise Security Logo
Microsoft Sentinel vs Splunk Enterprise Security
IBM Security QRadar vs Splunk Enterprise Security Logo
IBM Security QRadar vs Splunk Enterprise Security
New Relic vs Splunk Enterprise Security Logo
New Relic vs Splunk Enterprise Security
Cribl vs Splunk Enterprise Security Logo
Cribl vs Splunk Enterprise Security
Splunk AppDynamics vs Splunk Enterprise Security Logo
Splunk AppDynamics vs Splunk Enterprise Security
Elastic Security vs Splunk Enterprise Security Logo
Elastic Security vs Splunk Enterprise Security
Grafana Loki vs Splunk Enterprise Security Logo
Grafana Loki vs Splunk Enterprise Security
Elastic Observability vs Splunk Enterprise Security Logo
Elastic Observability vs Splunk Enterprise Security
Security Onion vs Splunk Enterprise Security Logo
Security Onion vs Splunk Enterprise Security
Graylog Enterprise vs Splunk Enterprise Security Logo
Graylog Enterprise vs Splunk Enterprise Security
Palantir Foundry vs Splunk Enterprise Security Logo
Palantir Foundry vs Splunk Enterprise Security
See all alternatives

Product Categories

Product Categories
Security Information and Event Management (SIEM)
Log Management
IT Operations Analytics

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Splunk Enterprise Security Logo
CrowdStrike Falcon vs Splunk Enterprise Security
Wazuh vs Splunk Enterprise Security Logo
Wazuh vs Splunk Enterprise Security
Datadog vs Splunk Enterprise Security Logo
Datadog vs Splunk Enterprise Security
Dynatrace vs Splunk Enterprise Security Logo
Dynatrace vs Splunk Enterprise Security
Microsoft Sentinel vs Splunk Enterprise Security Logo
Microsoft Sentinel vs Splunk Enterprise Security
IBM Security QRadar vs Splunk Enterprise Security Logo
IBM Security QRadar vs Splunk Enterprise Security
New Relic vs Splunk Enterprise Security Logo
New Relic vs Splunk Enterprise Security
Cribl vs Splunk Enterprise Security Logo
Cribl vs Splunk Enterprise Security
Splunk AppDynamics vs Splunk Enterprise Security Logo
Splunk AppDynamics vs Splunk Enterprise Security
Elastic Security vs Splunk Enterprise Security Logo
Elastic Security vs Splunk Enterprise Security
Grafana Loki vs Splunk Enterprise Security Logo
Grafana Loki vs Splunk Enterprise Security
Elastic Observability vs Splunk Enterprise Security Logo
Elastic Observability vs Splunk Enterprise Security
Security Onion vs Splunk Enterprise Security Logo
Security Onion vs Splunk Enterprise Security
Graylog Enterprise vs Splunk Enterprise Security Logo
Graylog Enterprise vs Splunk Enterprise Security
Palantir Foundry vs Splunk Enterprise Security Logo
Palantir Foundry vs Splunk Enterprise Security
See all alternatives
Related questions
  • 55
Which would you recommend to your boss, IBM QRadar or Splunk?
  • 30
What are some of the best features and use-cases of Splunk?
  • 90
What SOC product do you recommend?
  • 22
Splunk as an Enterprise Class monitoring solution -- thoughts?
  • 824
What is the biggest difference between Dynatrace and Splunk?
  • 85
IBM QRadar is rated above competitors (McAfee, Splunk, LogRhythm) in Gartner's 2020 Magic Quandrant. Agree/Disagree?
  • 24
What are the advantages of ELK over Splunk?
  • 60
How does Splunk compare with Azure Monitor?
  • 13
New risk scoring framework in the Splunk App for Enterprise Security -- thoughts?
  • 33
Splunk vs. Elastic Stack