Splunk User Behavior Analytics Primary Use Case
SK
Siva Kuppala
Enterprise Architect at Wipro Limited
The main use cases for Splunk User Behavior Analytics include threat detection. I detect insider threats, compromised users, account misuse, and all those things. I use unsupervised and supervised ML models. The risk scoring is another feature I use with categories. I assign risk scores to users and entities. I also do the integration with Splunk because Splunk User Behavior Analytics natively integrates with Splunk Enterprise. I build timeline visualizations, threat timelines, and event linkage. I also perform alert prioritization and threat-related prioritization based on trends.
View full review »The focus is on applications and their behavior. For example, some edits might lead to unusual behavior. Based on these observations, I have made use of the solution.
View full review »We use Splunk User Behavior Analytics for log analysis, monitoring, security management, and creating dashboards. We utilize it for Citrix monitoring dashboards, where we integrate Citrix with Splunk to create performance dashboards specific to session details and resource usage. We also use it for monitoring user experience metrics.
View full review »Buyer's Guide
Splunk User Behavior Analytics
June 2025

Learn what your peers think about Splunk User Behavior Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,481 professionals have used our research since 2012.
I use Splunk User Behavior Analytics for SAML authentication, behavior analysis, and integration purposes. Integration allows me to identify version controls in CRM systems and analyze remote users. Additionally, I use it for streaming and machine learning kit integration, focusing on behavior analysis.
View full review »MH
Mohammed Hassan
Regional Director at iSecureMind
I am a service provider and reseller. We have been working with Splunk User Behavior Analytics for ten months. Our company, as a system integrator, works with customers in government, banking, fintechs, and SMBs.
View full review »I recommend it to my customers, but I'm a salesman. I am not implementing it myself.
View full review »BD
BertDrijver
Consultant at Kienia
We introduced this solution to our customers and requested some dashboards, analytics, statistics, and information to be available through Splunk. However, I'm not proficient in the details and queries.
We work at the airport and operate at various levels of management to ensure the quality of products and applications.
We monitor the transportation of suitcases, the number of errors in applications, the number of incorrect log-ins, the number of users, and other statistics.
System management, includes monitoring system behavior, memory size, memory usage, schedules, and analyzing what happened.
It also involves network monitoring for messages that impact systems and specific applications, including downtime and performance issues. The level of involvement and responsibility varies based on an individual's role within the company.
View full review »MM
Mohammed Maaz
Software Engineer IAM at Mercedes-Benz Canada Inc.
The solution helps us with the governance of attacks. We use the solution for threat identification and governance. The solution's use cases depend on the logs we ship to them because we ship all the logs of different products.
View full review »We have an application running for our e-commerce site, and we use Splunk primarily to detect anomalous behavior like false orders and other bot-related threats. Splunk helps us analyze and eliminate threats using machine learning.
View full review »We do technical training and so we do training on the platform. We deploy it on our lab machines for students.
View full review »We use the solution to feed telemetry data from the network into the collective for display-only. We haven't yet come to a point where we have decided on the process of the status for subsequent operational automation.
View full review »NS
Genrlmgr67
Senior Security Engineer at a government with 1,001-5,000 employees
Our primary use is intrusion detection and analysis. It is a great product because it is intelligent and does everything for us.
View full review »AE
Securityps67
Security PS Supervisor at a tech services company with 1,001-5,000 employees
The solution has two main uses. The primary use is for log management and storage. The secondary use is related to solution log coordination and selection.
View full review »We are a cybersecurity vendor and Splunk is the main product that we work with. We are predominantly a Splunk shop. We sell security solutions, so our primary use case for Splunk UBA is security.
View full review »AK
Anton Kudin
CISO at a financial services firm with 201-500 employees
Our main use of this solution is threat intelligence and we are very satisfied with it, as it is exactly what we need in our situation.
View full review »Splunk has features that no other solutions have. We work in organizations that have a big volume of data. Our primary use case of this solution is for indexing. The best solution that we found that could fit our needs was Splunk.
View full review »AT
Ali Tamimi
Managing Director at Hayyan Horizons
We primarily use this solution for security.
View full review »The primary use case for this solution is to collect data from multiple different sources to be able to use it to proactively prevent damages.
View full review »We use this product to support our operations.
View full review »We are performing a couple of integrations with other products.
We are using the latest version that is available.
View full review »Threat hunting is our primary use case.
View full review »We have been using it for performing analytics for the logs.
We resell it to our customers. We are also using the tool so that we can build more use cases for our clients. We basically look into understanding how it is performing analytics with Office 365 and how it is correlating those things.
View full review »CO
Camilo Orellana
Head of cybersecurity at NOVARED SA
Four technicians in our company work within the active directory to look for compartmental behaviors associated with users and conduct analytics like clustering, grouping, and searching.
View full review »Buyer's Guide
Splunk User Behavior Analytics
June 2025

Learn what your peers think about Splunk User Behavior Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,481 professionals have used our research since 2012.