Try our new research platform with insights from 80,000+ expert users
Splunk User Behavior Analytics Logo

Splunk User Behavior Analytics pros and cons

Vendor: Splunk
4.1 out of 5
Badge Leader
Leave a review

Pros & Cons summary

Splunk User Behavior Analytics excels in searching large data volumes and analyzing complex attack vectors. Notable features include data aggregation, threat identification, and recommended actions, along with advanced analytics, data correlation, and effective dashboards. Its integration with various vendors aids adaptability. Despite its higher price than competitors and setup complexity, improved correlation rules and simplified analytics are desirable. Occasional bugs and high data ingestion costs pose challenges for enterprises.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Splunk User Behavior Analytics excels in data aggregation, automatic threat identification, and recommending actions.
Splunk is highly scalable, allowing users to frequently expand their usage.
Its advanced analytics and data correlation detect patterns, anomalies, and security threats efficiently.
Features such as alerts and auto report generation add significant value.
The integration with other vendors and the ability to query large data sets highlight its versatility and utility.

CONS

There are occasional bugs, and the initial setup can be complex due to required customization.
Scaling Splunk User Behavior Analytics on-premise is challenging, and high costs make it less competitive against alternatives like ArcSight and LogRhythm.
The correlation engine needs more persistent and definable rules, as well as additional built-in searches and use cases informed by global customer experiences.
Advanced reporting is affected by latency and configuration challenges during lexical analysis, and storage model enhancements are necessary.
The machine learning algorithm, central to Splunk User Behavior Analytics, requires updates for improved functionality across features.
 

Splunk User Behavior Analytics Pros review quotes

NS
Aug 18, 2019
This intelligent user behavior analytics package is easy to configure and use while remaining feature filled.
Read full review
SK
Jun 18, 2025
The best features in Splunk User Behavior Analytics include anomaly detection, behavioral profiling, and risk scoring and prioritization functionality.
Read full review
AE
Aug 13, 2019
It's straightforward in terms of configuration and troubleshooting and log management and monitoring as well. These are the edge points in addition to it being a modular solution where you can capitalize on your current licenses with extra licensing models, which can match the customer's business requirement and it can help the customer to design or to actually plan for their own roadmap.
Read full review
Buyer's Guide
Splunk User Behavior Analytics
September 2025
Free Report: Splunk User Behavior Analytics Reviews and More
Learn what your peers think about Splunk User Behavior Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: September 2025.
DOWNLOAD NOW
871,469 professionals have used our research since 2012.
BD
May 5, 2023
We are really pleased with Splunk and its features. It would be practically impossible to function without it. To provide a general overview of the system, it's important to note that the standard log files are currently around 250 gigabytes per day. It would be impossible to manually walk through these logs by hand, which is why automation is essential.
Read full review
reviewer1418904 - PeerSpot reviewer
Sep 21, 2020
The product is at the forefront of auto-remediation networking. It's great.
Read full review
AT
Aug 19, 2019
The solution is extremely scalable. Our customers are regularly scaling up after installing Splunk.
Read full review
Informat0a7b - PeerSpot reviewer
Mar 11, 2019
The most valuable feature is the ability to search through a large amount of data.
Read full review
Director5e75 - PeerSpot reviewer
May 9, 2019
The most valuable feature is being able to take data and put it into other systems so that we could see the output, and to see where we need to apply our focus.
Read full review
reviewer1934946 - PeerSpot reviewer
Aug 22, 2022
It's easily scalable.
Read full review
SivaKuppala - PeerSpot reviewer
Mar 25, 2025
Splunk User Behavior Analytics is known for its advanced analytics and data correlation capabilities, which help in detecting patterns, anomalies, and security threats.
Read full review
Show 10 more reviews (out of 25)
 

Splunk User Behavior Analytics Cons review quotes

NS
Aug 18, 2019
The ability to do more complicated data investigation would be a welcome addition for pros, though the functionality now gives most people what they need.
Read full review
SK
Jun 18, 2025
A disadvantage is that it can lead to cost overrun if not properly factored or governed.
Read full review
AE
Aug 13, 2019
The solution is much more expensive than relative competitors like ArcSight or LogRhythm. It makes it hard to sell to customers sometimes.
Read full review
Buyer's Guide
Splunk User Behavior Analytics
September 2025
Free Report: Splunk User Behavior Analytics Reviews and More
Learn what your peers think about Splunk User Behavior Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: September 2025.
DOWNLOAD NOW
871,469 professionals have used our research since 2012.
BD
May 5, 2023
If the price was lowered and the setup process was less complex, I would consider rating it higher.
Read full review
reviewer1418904 - PeerSpot reviewer
Sep 21, 2020
Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes.
Read full review
AT
Aug 19, 2019
They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases.
Read full review
reviewer1934946 - PeerSpot reviewer
Aug 22, 2022
We'd like the ability to do custom searches.
Read full review
SivaKuppala - PeerSpot reviewer
Mar 25, 2025
High data ingestion costs can be an issue, especially for large enterprises, as Splunk charges based on the amount of data processed.
Read full review
Ahmed Naguib - PeerSpot reviewer
Aug 22, 2025
The machine learning algorithm in Splunk User Behavior Analytics is actually the core thing that needs to be updated because this feeds all the other functions inside it.
Read full review
AnupChapalgaonkar - PeerSpot reviewer
Dec 20, 2024
In terms of improvements, advanced reporting could see enhancements as there are some issues with latency.
Read full review
Show 10 more reviews (out of 23)

Product Categories

Product Categories
User Entity Behavior Analytics (UEBA)
Intrusion Detection and Prevention Software (IDPS)

Popular Comparisons

Popular Comparisons
Fortinet FortiGate vs Splunk User Behavior Analytics Logo
Fortinet FortiGate vs Splunk User Behavior Analytics
Darktrace vs Splunk User Behavior Analytics Logo
Darktrace vs Splunk User Behavior Analytics
IBM Security QRadar vs Splunk User Behavior Analytics Logo
IBM Security QRadar vs Splunk User Behavior Analytics
Varonis Platform vs Splunk User Behavior Analytics Logo
Varonis Platform vs Splunk User Behavior Analytics
Vectra AI vs Splunk User Behavior Analytics Logo
Vectra AI vs Splunk User Behavior Analytics
Rapid7 InsightIDR vs Splunk User Behavior Analytics Logo
Rapid7 InsightIDR vs Splunk User Behavior Analytics
Cynet vs Splunk User Behavior Analytics Logo
Cynet vs Splunk User Behavior Analytics
KerioControl vs Splunk User Behavior Analytics Logo
KerioControl vs Splunk User Behavior Analytics
Exabeam vs Splunk User Behavior Analytics Logo
Exabeam vs Splunk User Behavior Analytics
Trend Micro Deep Discovery vs Splunk User Behavior Analytics Logo
Trend Micro Deep Discovery vs Splunk User Behavior Analytics
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics Logo
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics Logo
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics
Lumu vs Splunk User Behavior Analytics Logo
Lumu vs Splunk User Behavior Analytics
Cisco Sourcefire SNORT vs Splunk User Behavior Analytics Logo
Cisco Sourcefire SNORT vs Splunk User Behavior Analytics
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics Logo
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics
See all alternatives

Product Categories

Product Categories
User Entity Behavior Analytics (UEBA)
Intrusion Detection and Prevention Software (IDPS)

Popular Comparisons

Popular Comparisons
Fortinet FortiGate vs Splunk User Behavior Analytics Logo
Fortinet FortiGate vs Splunk User Behavior Analytics
Darktrace vs Splunk User Behavior Analytics Logo
Darktrace vs Splunk User Behavior Analytics
IBM Security QRadar vs Splunk User Behavior Analytics Logo
IBM Security QRadar vs Splunk User Behavior Analytics
Varonis Platform vs Splunk User Behavior Analytics Logo
Varonis Platform vs Splunk User Behavior Analytics
Vectra AI vs Splunk User Behavior Analytics Logo
Vectra AI vs Splunk User Behavior Analytics
Rapid7 InsightIDR vs Splunk User Behavior Analytics Logo
Rapid7 InsightIDR vs Splunk User Behavior Analytics
Cynet vs Splunk User Behavior Analytics Logo
Cynet vs Splunk User Behavior Analytics
KerioControl vs Splunk User Behavior Analytics Logo
KerioControl vs Splunk User Behavior Analytics
Exabeam vs Splunk User Behavior Analytics Logo
Exabeam vs Splunk User Behavior Analytics
Trend Micro Deep Discovery vs Splunk User Behavior Analytics Logo
Trend Micro Deep Discovery vs Splunk User Behavior Analytics
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics Logo
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics Logo
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics
Lumu vs Splunk User Behavior Analytics Logo
Lumu vs Splunk User Behavior Analytics
Cisco Sourcefire SNORT vs Splunk User Behavior Analytics Logo
Cisco Sourcefire SNORT vs Splunk User Behavior Analytics
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics Logo
Proofpoint Insider Threat Management vs Splunk User Behavior Analytics
See all alternatives
Related questions
  • 38
Which is the best UEBA solution?
  • 10
Viable, Cost-Effective Competitors to Rapid7 InsightIDK
  • 118
What is your recommended cost-effective solution to detect and prevent APT attacks?
  • 29
Looking for recommendations and a pros/cons template for software to detect insider threats
  • 62
What are the main differences between UEBA and SIEM solutions?
  • 9
Monitoring Web Hosted Servers for unwanted guests
  • 105
Why is User Entity Behavior Analytics - UEBA important for companies?
  • 11
When evaluating User Behavior Analytics, what aspect do you think is the most important to look for?
  • 12
Which is the best User Entity Behavior Analytics (UEBA) solution?
  • 10
What are the different types of insider threats that UEBA solutions help to detect?