Try our new research platform with insights from 80,000+ expert users
Splunk User Behavior Analytics Logo

Splunk User Behavior Analytics pros and cons

Vendor: Splunk
4.1 out of 5
Badge Leader
644 followers
Start review

Pros & Cons summary

Splunk User Behavior Analytics offers scalability and flexibility for evolving business needs with advanced analytics for pattern and threat detection. Integration with other vendors extends its functionality, while powerful search and indexing aid data analysis. Users report challenges with setup complexity, high costs, and on-premise scalability. More correlation searches and automation for bot hunting are desired improvements. Despite these issues, its data aggregation and threat identification capabilities provide significant security insights.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Splunk User Behavior Analytics excels in data aggregation and automatic threat identification, suggesting recommended actions.
The integration capabilities with other vendors enhance its effectiveness in analyzing attack vectors and querying logs.
It offers exceptional scalability, regularly allowing users to scale up after installation.
Advanced analytics and data correlation are key strengths, aiding in detecting patterns, anomalies, and security threats.
Features such as anomaly detection, behavioral profiling, and risk scoring and prioritization are highly valuable.

CONS

Splunk User Behavior Analytics is expensive compared to competitors like ArcSight or LogRhythm, making it hard to sell to customers.
Scaling is challenging for on-premise deployments.
The initial setup is complex due to customization needs.
Advanced reporting suffers from latency issues.
High data ingestion costs can lead to cost overrun for large enterprises.
 

Splunk User Behavior Analytics Pros review quotes

NS
Aug 18, 2019
This intelligent user behavior analytics package is easy to configure and use while remaining feature filled.
Read full review
SK
Jun 18, 2025
The best features in Splunk User Behavior Analytics include anomaly detection, behavioral profiling, and risk scoring and prioritization functionality.
Read full review
AE
Aug 13, 2019
It's straightforward in terms of configuration and troubleshooting and log management and monitoring as well. These are the edge points in addition to it being a modular solution where you can capitalize on your current licenses with extra licensing models, which can match the customer's business requirement and it can help the customer to design or to actually plan for their own roadmap.
Read full review
Buyer's Guide
Splunk User Behavior Analytics
June 2025
Free Report: Splunk User Behavior Analytics Reviews and More
Learn what your peers think about Splunk User Behavior Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
DOWNLOAD NOW
859,687 professionals have used our research since 2012.
BD
May 5, 2023
We are really pleased with Splunk and its features. It would be practically impossible to function without it. To provide a general overview of the system, it's important to note that the standard log files are currently around 250 gigabytes per day. It would be impossible to manually walk through these logs by hand, which is why automation is essential.
Read full review
reviewer1418904 - PeerSpot reviewer
Sep 21, 2020
The product is at the forefront of auto-remediation networking. It's great.
Read full review
AT
Aug 19, 2019
The solution is extremely scalable. Our customers are regularly scaling up after installing Splunk.
Read full review
Informat0a7b - PeerSpot reviewer
Mar 11, 2019
The most valuable feature is the ability to search through a large amount of data.
Read full review
Director5e75 - PeerSpot reviewer
May 9, 2019
The most valuable feature is being able to take data and put it into other systems so that we could see the output, and to see where we need to apply our focus.
Read full review
reviewer1934946 - PeerSpot reviewer
Aug 22, 2022
It's easily scalable.
Read full review
SivaKuppala - PeerSpot reviewer
Mar 25, 2025
Splunk User Behavior Analytics is known for its advanced analytics and data correlation capabilities, which help in detecting patterns, anomalies, and security threats.
Read full review
Show 10 more reviews (out of 24)
 

Splunk User Behavior Analytics Cons review quotes

NS
Aug 18, 2019
The ability to do more complicated data investigation would be a welcome addition for pros, though the functionality now gives most people what they need.
Read full review
SK
Jun 18, 2025
A disadvantage is that it can lead to cost overrun if not properly factored or governed.
Read full review
AE
Aug 13, 2019
The solution is much more expensive than relative competitors like ArcSight or LogRhythm. It makes it hard to sell to customers sometimes.
Read full review
Buyer's Guide
Splunk User Behavior Analytics
June 2025
Free Report: Splunk User Behavior Analytics Reviews and More
Learn what your peers think about Splunk User Behavior Analytics. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
DOWNLOAD NOW
859,687 professionals have used our research since 2012.
BD
May 5, 2023
If the price was lowered and the setup process was less complex, I would consider rating it higher.
Read full review
reviewer1418904 - PeerSpot reviewer
Sep 21, 2020
Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes.
Read full review
AT
Aug 19, 2019
They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases.
Read full review
reviewer1934946 - PeerSpot reviewer
Aug 22, 2022
We'd like the ability to do custom searches.
Read full review
SivaKuppala - PeerSpot reviewer
Mar 25, 2025
High data ingestion costs can be an issue, especially for large enterprises, as Splunk charges based on the amount of data processed.
Read full review
AnupChapalgaonkar - PeerSpot reviewer
Dec 20, 2024
In terms of improvements, advanced reporting could see enhancements as there are some issues with latency.
Read full review
Subhayu Chakraborty - PeerSpot reviewer
Jan 6, 2025
The dashboard part could be improved.
Read full review
Show 10 more reviews (out of 22)

Product Categories

Product Categories
User Entity Behavior Analytics (UEBA)
Intrusion Detection and Prevention Software (IDPS)

Popular Comparisons

Popular Comparisons
Darktrace vs Splunk User Behavior Analytics Logo
Darktrace vs Splunk User Behavior Analytics
IBM Security QRadar vs Splunk User Behavior Analytics Logo
IBM Security QRadar vs Splunk User Behavior Analytics
Vectra AI vs Splunk User Behavior Analytics Logo
Vectra AI vs Splunk User Behavior Analytics
Rapid7 InsightIDR vs Splunk User Behavior Analytics Logo
Rapid7 InsightIDR vs Splunk User Behavior Analytics
Cynet vs Splunk User Behavior Analytics Logo
Cynet vs Splunk User Behavior Analytics
KerioControl vs Splunk User Behavior Analytics Logo
KerioControl vs Splunk User Behavior Analytics
Trend Micro Deep Discovery vs Splunk User Behavior Analytics Logo
Trend Micro Deep Discovery vs Splunk User Behavior Analytics
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics Logo
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics
Exabeam vs Splunk User Behavior Analytics Logo
Exabeam vs Splunk User Behavior Analytics
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics Logo
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics
Fortinet FortiGate IPS vs Splunk User Behavior Analytics Logo
Fortinet FortiGate IPS vs Splunk User Behavior Analytics
Palo Alto Networks URL Filtering with PAN-DB vs Splunk User Behavior Analytics Logo
Palo Alto Networks URL Filtering with PAN-DB vs Splunk User Behavior Analytics
LogRhythm UEBA vs Splunk User Behavior Analytics Logo
LogRhythm UEBA vs Splunk User Behavior Analytics
Lumu vs Splunk User Behavior Analytics Logo
Lumu vs Splunk User Behavior Analytics
Cisco Sourcefire SNORT vs Splunk User Behavior Analytics Logo
Cisco Sourcefire SNORT vs Splunk User Behavior Analytics
See all alternatives

Product Categories

Product Categories
User Entity Behavior Analytics (UEBA)
Intrusion Detection and Prevention Software (IDPS)

Popular Comparisons

Popular Comparisons
Darktrace vs Splunk User Behavior Analytics Logo
Darktrace vs Splunk User Behavior Analytics
IBM Security QRadar vs Splunk User Behavior Analytics Logo
IBM Security QRadar vs Splunk User Behavior Analytics
Vectra AI vs Splunk User Behavior Analytics Logo
Vectra AI vs Splunk User Behavior Analytics
Rapid7 InsightIDR vs Splunk User Behavior Analytics Logo
Rapid7 InsightIDR vs Splunk User Behavior Analytics
Cynet vs Splunk User Behavior Analytics Logo
Cynet vs Splunk User Behavior Analytics
KerioControl vs Splunk User Behavior Analytics Logo
KerioControl vs Splunk User Behavior Analytics
Trend Micro Deep Discovery vs Splunk User Behavior Analytics Logo
Trend Micro Deep Discovery vs Splunk User Behavior Analytics
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics Logo
Palo Alto Networks Advanced Threat Prevention vs Splunk User Behavior Analytics
Exabeam vs Splunk User Behavior Analytics Logo
Exabeam vs Splunk User Behavior Analytics
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics Logo
Trend Micro TippingPoint Threat Protection System vs Splunk User Behavior Analytics
Fortinet FortiGate IPS vs Splunk User Behavior Analytics Logo
Fortinet FortiGate IPS vs Splunk User Behavior Analytics
Palo Alto Networks URL Filtering with PAN-DB vs Splunk User Behavior Analytics Logo
Palo Alto Networks URL Filtering with PAN-DB vs Splunk User Behavior Analytics
LogRhythm UEBA vs Splunk User Behavior Analytics Logo
LogRhythm UEBA vs Splunk User Behavior Analytics
Lumu vs Splunk User Behavior Analytics Logo
Lumu vs Splunk User Behavior Analytics
Cisco Sourcefire SNORT vs Splunk User Behavior Analytics Logo
Cisco Sourcefire SNORT vs Splunk User Behavior Analytics
See all alternatives
Related questions
  • 35
Which is the best UEBA solution?
  • 7
Viable, Cost-Effective Competitors to Rapid7 InsightIDK
  • 150
What is your recommended cost-effective solution to detect and prevent APT attacks?
  • 28
Looking for recommendations and a pros/cons template for software to detect insider threats
  • 234
What are the main differences between UEBA and SIEM solutions?
  • 7
Monitoring Web Hosted Servers for unwanted guests
  • 76
Why is User Entity Behavior Analytics - UEBA important for companies?
  • 2
When evaluating User Behavior Analytics, what aspect do you think is the most important to look for?
  • 10
Which is the best User Entity Behavior Analytics (UEBA) solution?
  • 8
What are the different types of insider threats that UEBA solutions help to detect?