Splunk User Behavior Analytics Reviews

Name: Splunk User Behavior Analytics
Brand: Splunk
Rating: 4.1 (23 reviews)

Vendor: Splunk

4.1 out of 5

23 reviews
100% willing to recommend

668 followers

Start review

What is Splunk User Behavior Analytics?

Splunk User Behavior Analytics is a behavior-based threat detection is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box purpose-built that helps organizations find known, unknown and hidden threats, but extensible unsupervised machine learning (ML) algorithms, provides context around the threat via ML driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data science driven approach that produces actionable results with risk ratings and supporting evidence that increases SOC efficiency and supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.

Get the Splunk User Behavior Analytics Buyer's Guide and find out what your peers are saying about Splunk User Behavior Analytics, Darktrace, IBM Security QRadar and more!

Splunk User Behavior Analytics is the #4 ranked solution in top User Entity Behavior Analytics (UEBA) solutions and #12 ranked solution in top Intrusion Detection and Prevention Software. PeerSpot users give Splunk User Behavior Analytics an average rating of 8.2 out of 10. Splunk User Behavior Analytics is most commonly compared to Darktrace: Splunk User Behavior Analytics vs Darktrace. Splunk User Behavior Analytics is popular among the large enterprise segment, accounting for 64% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 17% of all views.

Buyer's Guide

Splunk User Behavior Analytics

May 2025

Get the report

Helped 856,807 peers since 2012

Featured Splunk User Behavior Analytics reviews

Subhayu Chakraborty

System Engineer at Infosys

The focus is on applications and their behavior. For example, some edits might lead to unusual behavior. Based on these observations, I have made use of the solution Features like alerts and auto report generation are valuable. Reports are generated automatically, which is a significant benefit.…

Read full review

SivaKuppala

Enterprise Architect at Wipro Limited

Splunk User Behavior Analytics is known for its advanced analytics and data correlation capabilities, which help in detecting patterns, anomalies, and security threats. We can collect data from multiple sources in real time, and it is known for customizable dashboards with real-time updates. It is highly scalable and stable, even in large-scale enterprise environments.

Read full review

AnupChapalgaonkar

Cloud Solution Architect at Tech Mahindra Limited

I use Splunk User Behavior Analytics for SAML authentication, behavior analysis, and integration purposes. Integration allows me to identify version controls in CRM systems and analyze remote users. Additionally, I use it for streaming and machine learning kit integration, focusing on behavior…

Read full review

Splunk User Behavior Analytics mindshare

Product category:

As of June 2025, the mindshare of Splunk User Behavior Analytics in the User Entity Behavior Analytics (UEBA) category stands at 9.1%, down from 11.4% compared to the previous year, according to calculations based on PeerSpot user engagement data.

User Entity Behavior Analytics (UEBA)

PeerResearch reports based on Splunk User Behavior Analytics reviews

Type	Title	Date
Category	User Entity Behavior Analytics (UEBA)	Jun 13, 2025	Download
Product	Reviews, tips, and advice from real users	Jun 13, 2025	Download
Comparison	Splunk User Behavior Analytics vs IBM Security QRadar	Jun 13, 2025	Download
Comparison	Splunk User Behavior Analytics vs Exabeam	Jun 13, 2025	Download
Comparison	Splunk User Behavior Analytics vs Cynet	Jun 13, 2025	Download

Title	Rating	Mindshare	Recommending
Darktrace	4.1	N/A	94%	82 interviews Add to research
IBM Security QRadar	4.0	11.3%	91%	209 interviews Add to research

Valuable Features

Splunk User Behavior Analytics excels at data aggregation, large-scale searching, threat identification, and rapid decision-making. Users appreciate its customizable dashboards, ease of integration, and powerful search features. The system offers advanced analytics, anomaly detection, and risk scoring capabilities, which aid in security threat detection. Its intuitive interface and scalability support smooth data management while enhancing security postures. Automation, alerts, and auto-report generation boost efficiency and usability across various environments.

"Splunk User Behavior Analytics is known for its advanced analytics and data correlation capabilities, which help in detecting patterns, anomalies, and security threats."
"Splunk's technical support is amazing."
"Features like alerts and auto report generation are valuable."

Room for Improvement

Splunk User Behavior Analytics could benefit from improved integration with other tools, more flexible configuration, and enhanced dashboards. Pricing is a common concern, with calls for better licensing options. Feature enhancements like advanced reporting, user-friendly interfaces, automation for rule creation, and process mining capabilities are desirable. There are also suggestions for developing a built-in analytics engine, lowering data ingestion costs, and creating persistent correlation rules.

"High data ingestion costs can be an issue, especially for large enterprises, as Splunk charges based on the amount of data processed."
"I would like to see an enhancement in the automation of creating the rules."
"The dashboard part could be improved. While using it, I noticed two options: Classic, which is adequate yet only in black and white, and another one that is more advanced or smart."

ROI

Splunk User Behavior Analytics shows variable ROI. Many observe around 30-35% returns, mainly from time and cost savings, yet some only note soft returns. Staff productivity reports a 20% improvement with enhanced incident resolution and reduced security costs. Others struggle with high costs, often resorting to additional tools to manage expenses, yet remain committed due to significant infrastructure investment. ROI hinges on effective use and implementation competencies.

Pricing

Enterprise buyers evaluating Splunk User Behavior Analytics should note that pricing is complex and varies based on licensing models, platform requirements, and data volume. Costs can escalate unpredictably, with annual fees potentially increasing significantly. The licensing model includes term subscriptions with variable charges based on data usage rather than per user. While some find it relatively expensive, others suggest it aligns with market standards. Configuration and additional integrations also impact the overall cost, making exact budgeting challenging.

"I am not aware of the price, but it is expensive."
"Pricing varies based on the packages you choose and the volume of your usage."
"The licensing costs is around 10,000 dollars."

Popular Use Cases

Organizations use Splunk User Behavior Analytics for threat intelligence, intrusion detection, and analyzing anomalous behavior. It assists in security, log management, and monitoring. They integrate it with products, utilizing machine learning and behavior analysis to detect threats and unusual activities. It supports operations by collecting data from various sources for threat identification, governance, and telemetry. Splunk is leveraged for indexing, streamlining network data, and providing dashboards for analytics and user experience metrics.

Service and Support

Customer support for Splunk User Behavior Analytics is largely positive. Many find technical assistance professional, responsive, and good, despite some describing it as average. Some users mention satisfaction with various support tiers, including standard to mission-critical. Issues around support quality in sanctioned regions like Iran exist, relying on forums due to restrictions. Others point to minimal need for support due to system stability or high internal expertise. Interaction and satisfaction levels vary across customer experiences.

Deployment

Many found Splunk User Behavior Analytics's initial setup complex, citing the need for custom configurations and vendor dependency, especially with multiple data centers or intricate environments. Others described it as straightforward, requiring fundamental understanding and basic configurations. Typically, deployment varied between quick processes taking hours to more extensive ones up to six months, depending on environments and prerequisites. Challenges included managing workflows and minimizing false positives.

Scalability

Splunk User Behavior Analytics offers significant scalability, accommodating diverse user needs. While some users report scalability challenges with on-premise implementations and storage restrictions, others praise its ability to support extensive server, desktop, and security device deployments. Users appreciate that it supports numerous users and enables seamless scaling as log volumes grow. Designed for enterprise environments, it facilitates expansion with ease, with many organizations planning to increase usage due to its scalable nature.

Stability

Splunk User Behavior Analytics is regarded as highly reliable, suitable for enterprise use. Users find it straightforward in configuration and monitoring compared to competitors like HP ArcSight. It performs well with minimal disruptions, offering robust performance without bugs or glitches. While some issues can arise with long-term data, these are not exclusive to Splunk. Proper deployments and maintenance are essential for its superior stability, and users rate it very positively for its stability features.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Splunk User Behavior Analytics Buyer's Guide for additional reliable information.