Splunk User Behavior Analytics Reviews

Name: Splunk User Behavior Analytics
Brand: Splunk
Rating: 4.1 (24 reviews)

Vendor: Splunk

4.1 out of 5

24 reviews
100% willing to recommend

644 followers

Start review

What is Splunk User Behavior Analytics?

Splunk User Behavior Analytics is a behavior-based threat detection is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box purpose-built that helps organizations find known, unknown and hidden threats, but extensible unsupervised machine learning (ML) algorithms, provides context around the threat via ML driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data science driven approach that produces actionable results with risk ratings and supporting evidence that increases SOC efficiency and supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.

Get the Splunk User Behavior Analytics Buyer's Guide and find out what your peers are saying about Splunk User Behavior Analytics, Darktrace, IBM Security QRadar and more!

Splunk User Behavior Analytics is the #4 ranked solution in top User Entity Behavior Analytics (UEBA) solutions and #12 ranked solution in top Intrusion Detection and Prevention Software. PeerSpot users give Splunk User Behavior Analytics an average rating of 8.2 out of 10. Splunk User Behavior Analytics is most commonly compared to Darktrace: Splunk User Behavior Analytics vs Darktrace. Splunk User Behavior Analytics is popular among the large enterprise segment, accounting for 63% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 17% of all views.

Buyer's Guide

Splunk User Behavior Analytics

June 2025

Get the report

Helped 859,687 peers since 2012

Featured Splunk User Behavior Analytics reviews

Subhayu Chakraborty

System Engineer at Infosys

The focus is on applications and their behavior. For example, some edits might lead to unusual behavior. Based on these observations, I have made use of the solution Features like alerts and auto report generation are valuable. Reports are generated automatically, which is a significant benefit.…

Read full review

SivaKuppala

Enterprise Architect at Wipro Limited

Splunk User Behavior Analytics is known for its advanced analytics and data correlation capabilities, which help in detecting patterns, anomalies, and security threats. We can collect data from multiple sources in real time, and it is known for customizable dashboards with real-time updates. It is highly scalable and stable, even in large-scale enterprise environments.

Read full review

AnupChapalgaonkar

Cloud Solution Architect at Tech Mahindra Limited

I use Splunk User Behavior Analytics for SAML authentication, behavior analysis, and integration purposes. Integration allows me to identify version controls in CRM systems and analyze remote users. Additionally, I use it for streaming and machine learning kit integration, focusing on behavior…

Read full review

Splunk User Behavior Analytics mindshare

Product category:

As of July 2025, the mindshare of Splunk User Behavior Analytics in the User Entity Behavior Analytics (UEBA) category stands at 8.9%, down from 11.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.

User Entity Behavior Analytics (UEBA)

PeerResearch reports based on Splunk User Behavior Analytics reviews

Type	Title	Date
Category	User Entity Behavior Analytics (UEBA)	Jul 2, 2025	Download
Product	Reviews, tips, and advice from real users	Jul 2, 2025	Download
Comparison	Splunk User Behavior Analytics vs IBM Security QRadar	Jul 2, 2025	Download
Comparison	Splunk User Behavior Analytics vs Exabeam	Jul 2, 2025	Download
Comparison	Splunk User Behavior Analytics vs Cynet	Jul 2, 2025	Download

Title	Rating	Mindshare	Recommending
Darktrace	4.1	N/A	94%	82 interviews Add to research
IBM Security QRadar	4.0	10.8%	91%	209 interviews Add to research

Valuable Features

Splunk User Behavior Analytics excels in data aggregation, advanced analytics, and machine learning for threat detection. It offers rapid search capabilities, customizable dashboards, and powerful query functions. Integration with various platforms provides improved user experience. Automated reporting, anomaly detection, and risk scoring enhance security. Users benefit from the ease of use, scalability, stability, and intelligent insights for decision-making across large datasets, enabling efficient monitoring and response to potential threats.

"The best features in Splunk User Behavior Analytics include anomaly detection, behavioral profiling, and risk scoring and prioritization functionality."
"Splunk User Behavior Analytics is known for its advanced analytics and data correlation capabilities, which help in detecting patterns, anomalies, and security threats."
"Splunk's technical support is amazing."

Room for Improvement

Splunk User Behavior Analytics could benefit from lower costs, better integration with other tools, and enhanced flexibility in configurations. Users desire improved dashboards, greater correlation capabilities, and a more intuitive interface. Network and storage features need upgrades, while automation and AI enhancements are also sought after. Pricing and licensing schemes are points of contention, and simplifying the setup process could increase user satisfaction. Users also express a need for better data ingestion management and scalable options.

"A disadvantage is that it can lead to cost overrun if not properly factored or governed."
"High data ingestion costs can be an issue, especially for large enterprises, as Splunk charges based on the amount of data processed."
"I would like to see an enhancement in the automation of creating the rules."

ROI

Organizations investing in Splunk User Behavior Analytics have mixed experiences regarding returns. Some report a 20% increase in staff productivity, while others mention 30-35% returns in cost and time savings, particularly in incident resolution. However, many find it challenging to identify concrete savings, with most benefits being indirect. Despite the high investment, the outcome depends on efficient implementation and execution. While some users report positive returns, others resort to supplementary tools to manage costs.

Pricing

Pricing for Splunk User Behavior Analytics is complex and generally expensive, with costs influenced by data volume, licensing models, and additional functionality. Pricing unpredictability is a challenge, with frequent increases making long-term budgeting difficult. Enterprises face extra costs for integration and setup, which involves various components. Licenses are subscription-based, with options for volume discounts and savings through reserved instances. The solution's high-level investment requires careful consideration of use and implementation needs.

"I am not aware of the price, but it is expensive."
"Pricing varies based on the packages you choose and the volume of your usage."
"The licensing costs is around 10,000 dollars."

Popular Use Cases

Splunk User Behavior Analytics is primarily used for threat detection, security management, intrusion detection, and anomaly analysis. Organizations integrate it for log management, telemetry data display, threat intelligence, and security-related analytics. It supports operations like clustering, log correlation, and machine learning in cybersecurity. Companies utilize it to prevent threats, analyze behavior patterns, and detect insider threats. Other uses include security governance, user analytics, dashboard creation, and real-time threat tracking.

Service and Support

Users report mixed experiences with customer service and support for Splunk User Behavior Analytics. Some praise its responsiveness and professional technicians, citing high satisfaction with technical assistance. Issues are generally resolved efficiently, though some note service is adequate but not exceptional, requiring improvement. Various support tiers are available, with premium and mission-critical providing extensive coverage. Access can be limited by regional constraints. Community forums and resources supplement official assistance, offering additional support avenues.

Deployment

Some described Splunk User Behavior Analytics's initial setup as complex with numerous configurations needed, vendor dependency, and customization. Others found it straightforward, requiring a good understanding of installations and configurations. The process duration varied significantly, ranging from a few days to months, depending on the environment and scale. Some relied on project managers and technical support. While open-source components eased setup, workflow complexity was noted as a factor impacting setup efficiency.

Scalability

Splunk User Behavior Analytics offers significant scalability, accommodating numerous users and devices with ease. Enterprises frequently find it well-suited for expansion, with capability to handle substantial data ingestion and user growth. It performs well across diverse infrastructure setups, though storage constraints may arise in log management. Organizations have experienced its capacity to scale efficiently with on-premise advantages. Customers appreciate its scalability, often expanding without difficulty, reflecting its enterprise-oriented design.

Stability

Splunk User Behavior Analytics is recognized for its stability, being reliable and dependable. Users report ease of configuration and monitoring, and note that it does not exhibit bugs or crashes. Many have rated its stability highly, appreciating its performance in enterprise settings. Some mention potential issues with long-term data, but emphasize its stability when properly deployed and maintained. The platform achieves high uptime with built-in redundancy and automated scaling capabilities.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Splunk User Behavior Analytics Buyer's Guide for additional reliable information.