Try our new research platform with insights from 80,000+ expert users
Splunk Enterprise Security Logo

Splunk Enterprise Security pros and cons

Vendor: Splunk
4.2 out of 5
Badge Ranked 1
Leave a review

Pros & Cons summary

Splunk Enterprise Security handles extensive data effectively and provides quick insights through logging and source correlation, enhancing threat detection and response. Its scalability supports seamless infrastructure integration, improving resilience with prioritized alerts for efficient investigations. Despite strong support and use cases, its high cost, complexity, lengthy learning curve, reliance on third-party threat intelligence, and performance issues with large datasets pose challenges for users, with costly professional support often required due to intricate setup and operation.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Splunk Enterprise Security offers robust log management and aggregation capabilities, efficiently handling and retaining logs for extended periods.
Splunk Enterprise Security excels in threat detection, investigation, and response, enabling rapid identification of critical issues.
The integration capabilities of Splunk Enterprise Security allow seamless data correlation from various sources, enhancing overall business resilience.
Splunk Enterprise Security's risk-based alerting feature provides intelligent prioritization of alerts, improving the ability to identify and respond to potential threats.
Splunk Enterprise Security offers flexible and scalable data ingestion, supporting diverse data sources and formats, enhancing the organization's data analysis capabilities.

CONS

Splunk Enterprise Security's complexity makes it challenging for beginners to grasp its full functionality, leading to a steep learning curve.
The cost associated with Splunk Enterprise Security is high, and many users express concerns about the licensing model and overall expenses.
Technical support for Splunk Enterprise Security often faces criticism for response time delays and the quality of assistance provided.
There is a need for more seamless integration with other cloud services, as the current process can be complex and time-consuming.
Challenges exist in managing data onboarding and integration, especially when dealing with diverse and numerous data sources.
 

Splunk Enterprise Security Pros review quotes

Rishabh Gandhi - PeerSpot reviewer
Sep 6, 2023
Our clients use the solution to find any threats or vulnerabilities inside their environment.
Read full review
Ahmed Al-Nabhani - PeerSpot reviewer
Feb 15, 2024
Splunk has been recognized by Gartner as a leader in providing visibility for observability and monitoring across various platforms, including physical, virtual, and container environments, for several years.
Read full review
SC
Aug 11, 2023
The most valuable features include agility and Splunk Enterprise Security's ability to quickly search for alerted items, as well as the capacity to create custom alerts using the SQL language employed by Splunk.
Read full review
Buyer's Guide
Splunk Enterprise Security
September 2025
Free Report: Splunk Enterprise Security Reviews and More
Learn what your peers think about Splunk Enterprise Security. Get advice and tips from experienced pros sharing their opinions. Updated: September 2025.
DOWNLOAD NOW
869,952 professionals have used our research since 2012.
reviewer953235 - PeerSpot reviewer
Dec 22, 2021
The feature that I have found most valuable with Splunk is the ability to sift through a bunch of data very quickly.
Read full review
reviewer2309169 - PeerSpot reviewer
Nov 13, 2023
The best part of Splunk Enterprise Security is its customizable settings.
Read full review
reviewer2499732 - PeerSpot reviewer
Jun 13, 2024
It is lovely to have everything we need in one tool. Everything is quite centralized.
Read full review
reviewer2382405 - PeerSpot reviewer
Mar 22, 2024
Splunk Enterprise Security allows us to create custom dashboards by changing fonts and modifying widgets.
Read full review
reviewer2182467 - PeerSpot reviewer
May 11, 2023
The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions.
Read full review
reviewer2499627 - PeerSpot reviewer
Jun 12, 2024
The most valuable feature of Splunk Enterprise Security is the threat intelligence integration because essentially having to go out and correlate all the data on our own becomes convoluted.
Read full review
Daniel Hammons - PeerSpot reviewer
Jun 13, 2024
The incident review pane is the best part of it because that is where the SOC lives. It is the heartbeat of what the SOC needs to do. You are able to start the investigative process. As you are sitting in the incident review pane, you see the alert, and from that one alert, which is called a notable alert, you can drill in and see all the different specific details that are tied to that.
Read full review
Show 10 more reviews (out of 335)
 

Splunk Enterprise Security Cons review quotes

Rishabh Gandhi - PeerSpot reviewer
Sep 6, 2023
It would be great if I could have a certain dialogue box in Splunk that uses innovative AI tools like ChatGPT, which are available now in the tech department.
Read full review
Ahmed Al-Nabhani - PeerSpot reviewer
Feb 15, 2024
I'd like a dashboard that allows me to connect elements through drag-and-drop functionality.
Read full review
SC
Aug 11, 2023
Splunk could enhance its services by providing more comprehensive professional assistance aimed at optimizing our investment.
Read full review
Buyer's Guide
Splunk Enterprise Security
September 2025
Free Report: Splunk Enterprise Security Reviews and More
Learn what your peers think about Splunk Enterprise Security. Get advice and tips from experienced pros sharing their opinions. Updated: September 2025.
DOWNLOAD NOW
869,952 professionals have used our research since 2012.
reviewer953235 - PeerSpot reviewer
Dec 22, 2021
Their technical support sucks.
Read full review
reviewer2309169 - PeerSpot reviewer
Nov 13, 2023
Splunk Enterprise Security has not helped reduce our alert volume.
Read full review
reviewer2499732 - PeerSpot reviewer
Jun 13, 2024
Splunk Enterprise Security provides us with the relevant context to help guide our investigations, but it would be interesting to add even more context, for instance, in order to raise the level of risk.
Read full review
reviewer2382405 - PeerSpot reviewer
Mar 22, 2024
I've noticed that onboarding data from various multi-cloud sources and diverse products, such as security network devices, can be challenging.
Read full review
reviewer2182467 - PeerSpot reviewer
May 11, 2023
It is important to make sure that everything is built off of the threat models and all the underlying items within Splunk.
Read full review
reviewer2499627 - PeerSpot reviewer
Jun 12, 2024
For us, the area that Splunk Enterprise Security can improve is performance optimization.
Read full review
Daniel Hammons - PeerSpot reviewer
Jun 13, 2024
Being able to have a one-stop shop where you have the alert, but then you can generate the case right there from Splunk Enterprise Security instead of having to pivot to another tool such as Mission Control. You do not have to keep bouncing between them, so if you could do it all in one place, that would be great. The new release is supposed to start getting in that direction.
Read full review
Show 10 more reviews (out of 333)

Product Categories

Product Categories
Security Information and Event Management (SIEM)
Log Management
IT Operations Analytics

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Splunk Enterprise Security Logo
CrowdStrike Falcon vs Splunk Enterprise Security
Wazuh vs Splunk Enterprise Security Logo
Wazuh vs Splunk Enterprise Security
Dynatrace vs Splunk Enterprise Security Logo
Dynatrace vs Splunk Enterprise Security
Datadog vs Splunk Enterprise Security Logo
Datadog vs Splunk Enterprise Security
Microsoft Sentinel vs Splunk Enterprise Security Logo
Microsoft Sentinel vs Splunk Enterprise Security
IBM Security QRadar vs Splunk Enterprise Security Logo
IBM Security QRadar vs Splunk Enterprise Security
New Relic vs Splunk Enterprise Security Logo
New Relic vs Splunk Enterprise Security
Elastic Security vs Splunk Enterprise Security Logo
Elastic Security vs Splunk Enterprise Security
Grafana Loki vs Splunk Enterprise Security Logo
Grafana Loki vs Splunk Enterprise Security
Splunk AppDynamics vs Splunk Enterprise Security Logo
Splunk AppDynamics vs Splunk Enterprise Security
Elastic Observability vs Splunk Enterprise Security Logo
Elastic Observability vs Splunk Enterprise Security
Graylog Enterprise vs Splunk Enterprise Security Logo
Graylog Enterprise vs Splunk Enterprise Security
Security Onion vs Splunk Enterprise Security Logo
Security Onion vs Splunk Enterprise Security
Cortex XSIAM vs Splunk Enterprise Security Logo
Cortex XSIAM vs Splunk Enterprise Security
Palantir Foundry vs Splunk Enterprise Security Logo
Palantir Foundry vs Splunk Enterprise Security
See all alternatives

Product Categories

Product Categories
Security Information and Event Management (SIEM)
Log Management
IT Operations Analytics

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Splunk Enterprise Security Logo
CrowdStrike Falcon vs Splunk Enterprise Security
Wazuh vs Splunk Enterprise Security Logo
Wazuh vs Splunk Enterprise Security
Dynatrace vs Splunk Enterprise Security Logo
Dynatrace vs Splunk Enterprise Security
Datadog vs Splunk Enterprise Security Logo
Datadog vs Splunk Enterprise Security
Microsoft Sentinel vs Splunk Enterprise Security Logo
Microsoft Sentinel vs Splunk Enterprise Security
IBM Security QRadar vs Splunk Enterprise Security Logo
IBM Security QRadar vs Splunk Enterprise Security
New Relic vs Splunk Enterprise Security Logo
New Relic vs Splunk Enterprise Security
Elastic Security vs Splunk Enterprise Security Logo
Elastic Security vs Splunk Enterprise Security
Grafana Loki vs Splunk Enterprise Security Logo
Grafana Loki vs Splunk Enterprise Security
Splunk AppDynamics vs Splunk Enterprise Security Logo
Splunk AppDynamics vs Splunk Enterprise Security
Elastic Observability vs Splunk Enterprise Security Logo
Elastic Observability vs Splunk Enterprise Security
Graylog Enterprise vs Splunk Enterprise Security Logo
Graylog Enterprise vs Splunk Enterprise Security
Security Onion vs Splunk Enterprise Security Logo
Security Onion vs Splunk Enterprise Security
Cortex XSIAM vs Splunk Enterprise Security Logo
Cortex XSIAM vs Splunk Enterprise Security
Palantir Foundry vs Splunk Enterprise Security Logo
Palantir Foundry vs Splunk Enterprise Security
See all alternatives
Related questions
  • 48
Which would you recommend to your boss, IBM QRadar or Splunk?
  • 30
What are some of the best features and use-cases of Splunk?
  • 109
What SOC product do you recommend?
  • 19
Splunk as an Enterprise Class monitoring solution -- thoughts?
  • 1,476
What is the biggest difference between Dynatrace and Splunk?
  • 60
IBM QRadar is rated above competitors (McAfee, Splunk, LogRhythm) in Gartner's 2020 Magic Quandrant. Agree/Disagree?
  • 24
What are the advantages of ELK over Splunk?
  • 67
How does Splunk compare with Azure Monitor?
  • 10
New risk scoring framework in the Splunk App for Enterprise Security -- thoughts?
  • 36
Splunk vs. Elastic Stack