Try our new research platform with insights from 80,000+ expert users

Splunk User Behavior Analytics Primary Use Case

SK
Enterprise Architect at Wipro Limited

The main use cases for Splunk User Behavior Analytics include threat detection. I detect insider threats, compromised users, account misuse, and all those things. I use unsupervised and supervised ML models. The risk scoring is another feature I use with categories. I assign risk scores to users and entities. I also do the integration with Splunk because Splunk User Behavior Analytics natively integrates with Splunk Enterprise. I build timeline visualizations, threat timelines, and event linkage. I also perform alert prioritization and threat-related prioritization based on trends.

View full review »
Subhayu Chakraborty - PeerSpot reviewer
System Engineer at Infosys

The focus is on applications and their behavior. For example, some edits might lead to unusual behavior. Based on these observations, I have made use of the solution.

View full review »
SivaKuppala - PeerSpot reviewer
Enterprise Architect at Wipro Limited

We use Splunk User Behavior Analytics for log analysis, monitoring, security management, and creating dashboards. We utilize it for Citrix monitoring dashboards, where we integrate Citrix with Splunk to create performance dashboards specific to session details and resource usage. We also use it for monitoring user experience metrics.

View full review »
Buyer's Guide
Splunk User Behavior Analytics
June 2025
Learn what your peers think about Splunk User Behavior Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,481 professionals have used our research since 2012.
AnupChapalgaonkar - PeerSpot reviewer
Cloud Solution Architect at Tech Mahindra Limited

I use Splunk User Behavior Analytics for SAML authentication, behavior analysis, and integration purposes. Integration allows me to identify version controls in CRM systems and analyze remote users. Additionally, I use it for streaming and machine learning kit integration, focusing on behavior analysis.

View full review »
MH
Regional Director at iSecureMind

I am a service provider and reseller. We have been working with Splunk User Behavior Analytics for ten months. Our company, as a system integrator, works with customers in government, banking, fintechs, and SMBs.

View full review »
Hamada-Elewa - PeerSpot reviewer
Cyber Security Technical Sales Manager at Raia

I recommend it to my customers, but I'm a salesman. I am not implementing it myself.

View full review »
BD
Consultant at Kienia

We introduced this solution to our customers and requested some dashboards, analytics, statistics, and information to be available through Splunk. However, I'm not proficient in the details and queries.

We work at the airport and operate at various levels of management to ensure the quality of products and applications. 

We monitor the transportation of suitcases, the number of errors in applications, the number of incorrect log-ins, the number of users, and other statistics. 

System management, includes monitoring system behavior, memory size, memory usage, schedules, and analyzing what happened. 

It also involves network monitoring for messages that impact systems and specific applications, including downtime and performance issues. The level of involvement and responsibility varies based on an individual's role within the company.

View full review »
MM
Software Engineer IAM at Mercedes-Benz Canada Inc.

The solution helps us with the governance of attacks. We use the solution for threat identification and governance. The solution's use cases depend on the logs we ship to them because we ship all the logs of different products.

View full review »
Sharath Chander - PeerSpot reviewer
Business Transformation specialist at a tech consulting company with 10,001+ employees

We have an application running for our e-commerce site, and we use Splunk primarily to detect anomalous behavior like false orders and other bot-related threats. Splunk helps us analyze and eliminate threats using machine learning. 

View full review »
reviewer1679841 - PeerSpot reviewer
Owner at a computer software company with 11-50 employees

We do technical training and so we do training on the platform. We deploy it on our lab machines for students.

View full review »
reviewer1418904 - PeerSpot reviewer
Global Engineer at a financial services firm with 10,001+ employees

We use the solution to feed telemetry data from the network into the collective for display-only. We haven't yet come to a point where we have decided on the process of the status for subsequent operational automation. 

View full review »
NS
Senior Security Engineer at a government with 1,001-5,000 employees

Our primary use is intrusion detection and analysis. It is a great product because it is intelligent and does everything for us.

View full review »
AE
Security PS Supervisor at a tech services company with 1,001-5,000 employees

The solution has two main uses. The primary use is for log management and storage. The secondary use is related to solution log coordination and selection.

View full review »
reviewer1276995 - PeerSpot reviewer
Sr. CyberSecurity Solutions Architect at a security firm with 11-50 employees

We are a cybersecurity vendor and Splunk is the main product that we work with. We are predominantly a Splunk shop. We sell security solutions, so our primary use case for Splunk UBA is security.

View full review »
AK
CISO at a financial services firm with 201-500 employees

Our main use of this solution is threat intelligence and we are very satisfied with it, as it is exactly what we need in our situation. 

View full review »
reviewer890208 - PeerSpot reviewer
Information Security Specialist at a financial services firm with 201-500 employees

Splunk has features that no other solutions have. We work in organizations that have a big volume of data. Our primary use case of this solution is for indexing. The best solution that we found that could fit our needs was Splunk.

View full review »
AT
Managing Director at Hayyan Horizons

We primarily use this solution for security.

View full review »
Director5e75 - PeerSpot reviewer
Director of Technology at a insurance company with 10,001+ employees

The primary use case for this solution is to collect data from multiple different sources to be able to use it to proactively prevent damages.

View full review »
Securityc88d - PeerSpot reviewer
Security Operations Center Manager

We use this product to support our operations.

View full review »
ITConsul6a61 - PeerSpot reviewer
IT Consultant at Red Hat

We are performing a couple of integrations with other products.

We are using the latest version that is available.

View full review »
Informat0a7b - PeerSpot reviewer
Information Security Manager at a financial services firm with 201-500 employees

Threat hunting is our primary use case.

View full review »
reviewer1934946 - PeerSpot reviewer
Network Security Engineer at a tech services company with 51-200 employees

We have been using it for performing analytics for the logs. 

We resell it to our customers. We are also using the tool so that we can build more use cases for our clients. We basically look into understanding how it is performing analytics with Office 365 and how it is correlating those things. 

View full review »
CO
Head of cybersecurity at NOVARED SA

Four technicians in our company work within the active directory to look for compartmental behaviors associated with users and conduct analytics like clustering, grouping, and searching. 

View full review »
Buyer's Guide
Splunk User Behavior Analytics
June 2025
Learn what your peers think about Splunk User Behavior Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,481 professionals have used our research since 2012.