IT Central Station is now PeerSpot: Here's why

What advice do you have for others considering Splunk User Behavior Analytics?

If you were talking to someone whose organization is considering Splunk User Behavior Analytics, what would you say?

How would you rate it and why? Any other tips or advice?

PeerSpot user
1212 Answers

reviewer1276995 - PeerSpot reviewer
Top 10LeaderboardReal User

The biggest lesson that I have learned from working with this product is that it is priced high, and you can achieve much of what it does through other methods. That combination makes it hard to sell. I would rate this solution a nine out of ten.

reviewer1418904 - PeerSpot reviewer
Top 10LeaderboardReal User

We're simply customers. We don't have a business relationship with Splunk. We're using the latest version of the solution. I'm not sure of the exact version number. I'd recommend the solution to other companies. On a scale from one to ten, I'd rate it at a seven. If the cost was more reasonable, I might rate it a bit higher. It's not too expensive, but it could always be better.

reviewer890208 - PeerSpot reviewer
Top 20Real User

After more than three years of using this solution, I would recommend this solution, especially for environments that have a big volume of data. I would rate this solution a nine out of ten. It is a really great product.

Ali Tamimi - PeerSpot reviewer
Top 20LeaderboardReal User

We use the on-premises deployment model of the solution. The more types of clusters you have feeding into Splunk, the better the results you have. If you have a customer environment in which you have diverse solutions and technologies, which cater to a large network of applications you are able to inject more value for the customer. One of the key lessons from using Splunk is to have adequate hardware and pre-plan the implementation. It is reasonably balanced, in terms of how much it uses a CPU and the amount of memory it needs. It's important that you start with good infrastructure when you implement Splunk, or you may run into issues. Also, make sure to have trained people working on the solution. Otherwise, it will be a waste of investment. I would rate the solution nine out of ten. I would recommend the solution to others.

Anton Kudin - PeerSpot reviewer
Real User

I will rate this product a seven out of ten, and I would definitely recommend it to others.

Genrlmgr67 - PeerSpot reviewer
Real User

From my experience and from the security perspective, I recommend this product for all the people that need good security for investigation. The Splunk team and products are good for those purposes. The storage gets better priced with the amount you use. The storage is very expensive if you take some of the license options from the company. We won't be using unlimited storage for how much data will be imported from our bandwidth. I think the unlimited license is good because we will use a lot. On a scale from one to ten when one is the worst and ten is the best, I would rate Splunk User Behavior as a nine. I didn't give them ten because Splunk does not provide something for the professional investigation. There is something that prevents you from using data the way you want to use data for in an investigation. Sometimes with Splunk, we cannot bring the data out in a better form and some users cannot understand it exactly. What I am talking about is options for a more professional investigation, not for normal behaviors. If you want to just look at normal behavior the program will give all you need. But sometimes you need other use cases to see the action.

Securityps67 - PeerSpot reviewer
Real User

I'm a system integrator, which provides the solution to end-users and customers. We handle the on-premises deployment model. I would recommend the solution because of the ease of use, the simple administration, the good level of support, the predefined use cases, and the predefined user behavior analytics. I would rate the solution seven out of ten.

Director5e75 - PeerSpot reviewer
Real User

If I had to rate Splunk from one through ten, one being the worst and ten being the best, I would give it a nine. There's always room for opportunity, but I think it's been working pretty good. I rate it a nine because I think that the ease of use with the product, like the installation and the support that we receive. From what I hear everything goes well. There's nothing that stands out. We haven't had any vulnerabilities or compliance issues with the product, and we do with others, so those are the reasons why I'd rate it a nine. Anyone else looking for a product that can consolidate logs this product does what it says it will do.

Informat0a7b - PeerSpot reviewer
Real User

I wouldn't buy Splunk because of the cost, because you can't budget for it. You think you can and then you find out later you can't. The company is still using it, but they're adding other pieces in to reduce the cost of Splunk. They're spending money to buy another product to pre-process so then they can save money on it. We've been improving and the maturity's pretty great. This is just one small piece in the overall platform. And the overall platform, from a cybersecurity maturity perspective, is doing well. If you look at it from that perspective, it's had a positive impact, it has not been a drag. The product itself is a seven out of ten. It's somewhat efficient, if you have the right staff and if everything's working properly. You have to have at least one person do care and feeding at the backend to make sure the infrastructure's working.

ITConsul6a61 - PeerSpot reviewer

There is a lot of potential in the product. We have seen the product grow over time. There is potential to grow a bit more and become more proactive than it is right now. First assess the use cases. Then, assess the scale and complexity of the use cases that you are trying to solve before implementing the solution. Do not try to find a solution which fits the use case after the implementation.

Securityc88d - PeerSpot reviewer
Real User

It helps us make decisions faster.

Enterprise677 - PeerSpot reviewer
Real User

It is a helpful tool, especially for customers who deal with the service industry.

Buyer's Guide
Intrusion Detection and Prevention Software (IDPS)
May 2022
Find out what your peers are saying about Splunk, Darktrace, Cisco and others in Intrusion Detection and Prevention Software (IDPS). Updated: May 2022.
597,415 professionals have used our research since 2012.