Tech Lead Security at a comms service provider with 51-200 employees
Real User
Top 5 Leaderboard
A great product with good indexing and data collection capabilities
Pros and Cons
  • "The indexing and data collection are valuable."
  • "Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better."

What is our primary use case?

I used it in the SOC environment to get logs, create dashboards, and filter out data.

What is most valuable?

The indexing and data collection are valuable. 

What needs improvement?

Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better. Their sales support and tech support need improvement. Their support is really bad.

For how long have I used the solution?

I used it for nearly one year in my previous organization. I last used it about seven months ago.
Buyer's Guide
Splunk
June 2022
Learn what your peers think about Splunk. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
608,010 professionals have used our research since 2012.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

Its scalability is good.

How are customer service and support?

Their sales support and tech support are really bad. They take really long to respond.

Which solution did I use previously and why did I switch?

We were using AlienVault. We switched because we weren't really happy with it. So, we looked into different solutions, such as Splunk.

How was the initial setup?

Its initial setup was okay.

What about the implementation team?

We did it ourselves. We had around two people for deployment and maintenance, but we had around 15 users. They all were SOC people.

What's my experience with pricing, setup cost, and licensing?

We had a yearly subscription.

What other advice do I have?

I can recommend this solution to others. It is a great product. I would rate it an eight out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Telecom Tech at a university with 501-1,000 employees
Real User
Easy to configure with user-friendly alerts and good search functionality
Pros and Cons
  • "We can easily configure things as required in relation to our use cases."
  • "From the commercial point of view, they have to bring down their costs."

What is most valuable?

We enjoy the whole solution. It is meeting our requirements, especially the SIM solution. 

The alerts are very user-friendly.

We can easily configure things as required in relation to our use cases.

The search functionality is good. It works like Google. 

Onboarding is quite easy.

The scalability is good.

Product-wise, the performance is good. 

What needs improvement?

From the commercial point of view, they have to bring down their costs. It's a bit pricey right now. The license is quite expensive. 

Much like the SOAR platform, which has security, orchestration, and automation response, all of that should be part of the SIM solution itself. Currently, it is actually separated. We understand that we have to integrate a SIM with a SOAR platform; however, if they could combine these two products together, that would be ideal. It would make things easy to implement and make more automation possible to avoid false-positive alerts.

For how long have I used the solution?

We've been using the solution for the last four years. It's been a while. 

What do I think about the stability of the solution?

The performance is good. It's stable. There are no bugs or glitches. It doesn't crash or freeze. 

What do I think about the scalability of the solution?

The scalability of the solution is very good. If a company needs to expand, it can do so. It's easy.

What's my experience with pricing, setup cost, and licensing?

The solution can be expensive. It's not cheap.

What other advice do I have?

We are customers and end-users. 

I'd rate the solution at a nine out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Presales IT at a tech services company with 201-500 employees
MSP
Top 20
Good product that satisfies our customers

What is our primary use case?

Our company is an IT service provider. We are resellers of Splunk. One of our clients that we monitor is a laboratory that uses this solution.

Splunk is a change management solution. We use the solution as a log collector, and to analyze and provide alerts from the IT instructor.

What is most valuable?

The product is good; it satisfies our customers.

What needs improvement?

The price of Splunk is too high for our market.

For how long have I used the solution?

Our company has been a reseller of Splunk for less than six months.

What do I think about the stability of the solution?

Splunk is stable.

What do I think about the scalability of the solution?

This is a scalable solution.

How are customer service and support?

We have had no concerns with customer service.

How was the initial setup?

The initial setup of Splunk is somewhat difficult because it was our first time implementing the solution. It was a similar situation to implementing other CM tools like FortiSIEM.

What about the implementation team?

Splunk required two engineers to implement, and we will add another one to maintain the solution.

What's my experience with pricing, setup cost, and licensing?

The prices are complicated as we operate in a small third-world country.

Which other solutions did I evaluate?

We give support for VMware and other technologies. We purchased Splunk because our customers were asking for our services to take control of the implementation from another company.

What other advice do I have?

If you are considering Splunk and you like what you are seeing, my advice would be to go for it.

I would rate Splunk an 8 out of 10.

Disclosure: My company has a business relationship with this vendor other than being a customer:
Arpan Balpande - PeerSpot reviewer
Senior Information Technology System Analyst at YASH Technologies
Real User
Top 20
Impressive UI, many useful features, and very scalable, but needs alerting feature and better pricing and integration
Pros and Cons
  • "There are quite a lot of things that we find useful. Splunk agents are useful and good. Its UI is quite impressive."
  • "Its pricing model and integration with third-party services can be improved. We had faced an issue with integration. The alerting feature is currently not available with Splunk, but it is definitely available with Datadog and PagerDuty. They should include this feature. A few dashboards in Splunk look quite old and are not that modern. They aren't bad, but improving these dashboards will definitely make Splunk more attractive and usable. I read in a few blog posts that there were a few security incidents related to Splunk agents. So, it can be made more secure."

What is most valuable?

There are quite a lot of things that we find useful. Splunk agents are useful and good. Its UI is quite impressive.

What needs improvement?

Its pricing model and integration with third-party services can be improved. We had faced an issue with integration. 

The alerting feature is currently not available with Splunk, but it is definitely available with Datadog and PagerDuty. They should include this feature.

A few dashboards in Splunk look quite old and are not that modern. They aren't bad, but improving these dashboards will definitely make Splunk more attractive and usable.

I read in a few blog posts that there were a few security incidents related to Splunk agents. So, it can be made more secure.

For how long have I used the solution?

I have been using this solution for almost two years. I am using its latest version.

What do I think about the stability of the solution?

It is a stable product.

What do I think about the scalability of the solution?

Splunk is definitely scalable.

How are customer service and technical support?

I have not interacted with them. Another team is taking care of raising tickets with their technical support.

How was the initial setup?

It is quite simple.

What's my experience with pricing, setup cost, and licensing?

Its pricing model can be improved.

What other advice do I have?

A few years ago, I would have definitely recommended Splunk, but nowadays, better alternatives are available. We are currently exploring a few other alternatives, so I won't recommend Splunk as of now.

I would rate Splunk a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Professional at a tech services company with 501-1,000 employees
Real User
Top 20
Good data analysis and visualizations, absolutely stable, and scalable
Pros and Cons
  • "The data analysis part is good in Splunk, which is something that I like the most. It is also quite easy to use. Its dashboards, visualizations, and analytics are good."
  • "It currently has limited default rules and customizations. If they can concentrate more on the compliance part and the security information part, it would be helpful. The platform part is good, but it requires many features from the security aspect."

What is our primary use case?

We are using it for security information and event management (SIEM). We have started to use Splunk recently, and we are in the implementation phase as of now.

What is most valuable?

The data analysis part is good in Splunk, which is something that I like the most. It is also quite easy to use. Its dashboards, visualizations, and analytics are good.

What needs improvement?

It currently has limited default rules and customizations. If they can concentrate more on the compliance part and the security information part, it would be helpful. The platform part is good, but it requires many features from the security aspect.

For how long have I used the solution?

I have been using this solution for a couple of months.

What do I think about the stability of the solution?

It is absolutely stable.

What do I think about the scalability of the solution?

It is scalable. We have approximately 25 users.

How was the initial setup?

It was easy to install. Its configuration and development are the critical parts, and there are a limited number of people in the market with such a skill set. It takes some time to find people with the right skill set and get it implemented properly. It took approximately three months.

What about the implementation team?

I have a team of a few Splunk consultants who are currently managing it for me. For a mid-sized organization, at least 15 persons are required to manage the entire Splunk instance.

What other advice do I have?

I would recommend this solution to others. I would rate Splunk an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sr. IT Manager at a government with 10,001+ employees
Real User
Top 5 Leaderboard
Log aggregation helps us quickly detect widespread threats, but it can be resource-heavy
Pros and Cons
  • "The most valuable feature is the log aggregation, being able to scan through all of the logs."
  • "Queries are not always as easy or straightforward as they might be, so it can be difficult to figure out what you need to look for."

What is our primary use case?

We use Splunk for log analysis and security monitoring.

How has it helped my organization?

Splunk allows us to look at logs from different groups within NIH and see if there's a widespread threat or issue.

What is most valuable?

The most valuable feature is the log aggregation, being able to scan through all of the logs.

What needs improvement?

Queries are not always as easy or straightforward as they might be, so it can be difficult to figure out what you need to look for.

In the next release of this product, I would like to see it offer more recommendations as to what needs to be done.

For how long have I used the solution?

We have been using Splunk for between two and three years.

What do I think about the stability of the solution?

In terms of stability, the product seems to work just fine. We haven't had any problems with it.

What do I think about the scalability of the solution?

It can be somewhat of a resource hog; some of the scans can take a while. We do plan to increase our usage in the future.

How are customer service and technical support?

Technical support for Splunk is good.

How was the initial setup?

The initial setup is relatively straightforward.

What about the implementation team?

There were consultants involved in the deployment.

What other advice do I have?

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Matheus Nery - PeerSpot reviewer
Data Scientist at a tech vendor with 201-500 employees
Real User
Top 10
Offers the ability to analyse huge amounts of sales data and accurate prediction of sales forecasting

What is our primary use case?

We use a lot of sales metrics. We use machine learning models to provide sales forecasting. We create database connections and run a query on the database. The next step is to place the data into Splunk. We create indexes to get the data into the Splunk dashboard.

What is most valuable?

The ability to analyze huge amounts of sales data and accurate prediction of sales forecasting is the most valuable feature. 

What needs improvement?

Splunk needs to be able to hold more days of data. At the moment it only holds three months of data. It needs more views and colors within the dashboard and the ability to have the flexibility to create a user-defined panel.

For how long have I used the solution?

We have been using Splunk for a year. 

What do I think about the stability of the solution?

The stability of Splunk is good enough.

What do I think about the scalability of the solution?

I think it's good, other than that the ability to hold more than three months of data is lacking.

How was the initial setup?

The setup of Splunk was easy.

What about the implementation team?

There are six people in my team working with Splunk. I am not sure about other users, but we are a mix of data scientists, data engineers, software engineers, IT, and software engineers.

What other advice do I have?

I would rate Splunk as 8 out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System Engineer at a computer software company with 1,001-5,000 employees
Real User
Highly stable, built-in workflows, and good support

What is our primary use case?

There are many use cases for Splunk; we commonly use it for log management and analytics.

What is most valuable?

The most valuable feature of Splunk is the management and built-in workflows.

What needs improvement?

The analytics of Splunk could be improved.

For how long have I used the solution?

I have been using Splunk for approximately four years.

What do I think about the stability of the solution?

Splunk is a highly stable solution.

What do I think about the scalability of the solution?

I have found Splunk to be scalable.

We have 15 members of our organization that use this solution.

How are customer service and support?

We used the support a few times and our experience was good.

I would rate the support from Splunk a four out of five.

Which solution did I use previously and why did I switch?

I have previously used RSA and I prefer Splunk.

How was the initial setup?

The implementation of Splunk is not straightforward. It is of a moderate difficulty level.

What about the implementation team?

We used an integrator to do the implementation.

What's my experience with pricing, setup cost, and licensing?

There is an annual license required to use this solution.

Which other solutions did I evaluate?

I have evaluated other solutions, such as IBM QRadar.

What other advice do I have?

This solution has good technology.

I rate Splunk an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.