User Reviews Overview

About Splunk Enterprise

The Splunk Enterprise platform allows users to process and index most forms of data in their native format. It includes data indexing tools, which enable users to locate specific data across large data sets. The software is...

Learn more

Feature ratings

Value for Money
4.2
Features
4.5
Ease of Use
4.1
Customer Support
4.3

Browse Splunk Enterprise Reviews

149 of 149 reviews
Sort by:
vikas
  • Industry: Information Technology & Services
  • Company size: 10,000+ Employees
  • Used Daily for 6-12 months
  • Review Source
Value for Money
5
Features
5
Ease of Use
5
Customer Support
4

5
Reviewed on 13/07/2022

Best application for monitoring of SAP system, server and database health

Overall Splunk Enterprise is excellent and one of the best business application for early analysis of system performance. Also, tool is really fast and provides analytical report of every system, which is really useful for detailed analysis.

Pros

Sofware is really excellent and best suited for small and large scale business who would like their systems, interfaces, server space and database health check to be performed.

Cons

Sometimes the Splunk alerts creates multiple tickets in ITSM tool during issue. Hence it may result in spending sometime for closure of open incidents.

shabbir
  • Industry: Information Technology & Services
  • Company size: 51-200 Employees
  • Used Daily for 1+ year
  • Review Source
Value for Money
5
Features
4
Ease of Use
4
Customer Support
4

5
Reviewed on 03/10/2021

Complete Security operations with Splunk

Splunk data visualization and its analytics handling chunks of data is exceptional.

Pros

Data visualization, Analytics skills with AI-powered and can handle data in TB/per day without any interruptions in services. Live dashboards, developing use-cases and their capabilities (correlation).

Cons

complex architecture and efficient skills are required, financial is also not feasible for small and medium customers. no inbuilt query builders for beginners to understand the platform.

Alternatives Considered

AlienVault OSSIM

Reasons for Choosing Splunk Enterprise

Its niche player was can handle only a few products data and not so feasible in terms of query building and customization in dashboards. Good for small businesses not for enterpraises.

Switched From

AlienVault OSSIM

Reasons for Switching to Splunk Enterprise

Not so feasible in handling data and its simple architecture cannot handle logs from all the data sources.
Lina
  • Industry: Banking
  • Company size: 1,001-5,000 Employees
  • Used Daily for 1+ year
  • Review Source
Value for Money
4
Features
4
Ease of Use
4
Customer Support
4

4
Reviewed on 04/07/2022

Master of multiple event log data collection with excellent intrusion detection capability

Flexible product with extensive data collection capability for complete visibility to ensure effective threat investigation.

Pros

Advanced security analytics to quickly detect malicious threats within our networks and devices with rapid response and effective alert prioritization to accelerate investigation.

Cons

Great integration to collect multiple data easily and in built-threat intelligence that helps to accelerate our investigations. Full of incredible features, there is nothing to dislike.

Top Splunk Enterprise Alternatives

Patrick
  • Used Daily for 2+ years
  • Review Source
Value for Money
N/A
Features
3
Ease of Use
4
Customer Support
N/A

3
Reviewed on 17/05/2017

Spunk Review

Pros

It allows me to bring a lot of information into one friendly view. It's a great security audit tool.

Cons

It has limited functionality. It is a very memory intensive system. It does not integrate with Lennox.

Verified Reviewer
  • Industry: Health, Wellness & Fitness
  • Company size: 1,001-5,000 Employees
  • Used Daily for 2+ years
  • Review Source
Value for Money
4
Features
5
Ease of Use
5
Customer Support
4

5
Reviewed on 27/05/2022

Splunk Enterprise, not just a SIEM

We have been using Splunk Enterprise, ES, ITSI, and other Splunk parts for 6+ years in production. This has helped us reduce staff in some cases, increase response time in most cases, and allow non-IT teams to get data and metrics in a fast efficient way.

Pros

The versatility is amazing. The same data in logs, such as IIS, can be used for Security, Application performance, and even error handling. This allows us to use one log to help multiple teams. This is just one example.

Cons

Start up takes someone who has had some training. While searching and output is easy, its the onboarding of custom apps that takes the know how.

Alternatives Considered

Sumo Logic

Reasons for Switching to Splunk Enterprise

Versatility with custom applications we create in house.
Verified Reviewer
  • Industry: Financial Services
  • Company size: 10,000+ Employees
  • Used Daily for 2+ years
  • Review Source
Value for Money
5
Features
4
Ease of Use
5
Customer Support
5

5
Reviewed on 03/03/2020

Splunk is a great solution for SIEM and also for monitoring your infrastructure

We needed a way to monitor our internal environment and start to be more proactive with issues, so we started sending all of our logs to Splunk and we we able to get insights we did not know we needed. It is a great solution and they are constantly innovating.

Pros

Splunk makes it easy to search through various data including logs. In the past I have had to pour through logs in order to find the one lines among the 100 of thousands of lines. Splunk allows me to search through those logs in a matter of seconds vs the hours it used to take.

Cons

Most of enterprise setup is done through the command line. It would be nice to have cluster configuration (index creation) as part of the UI.

Alternatives Considered

Elastic Stack

Reasons for Switching to Splunk Enterprise

Spelunking was simple to setup and the customer service is great. It performed very well and proved to be a valuable assets to run in Production.
Verified Reviewer
  • Industry: Government Administration
  • Company size: 51-200 Employees
  • Used Daily for 2+ years
  • Review Source
Value for Money
5
Features
5
Ease of Use
4
Customer Support
4

5
Reviewed on 02/12/2021

Great Choice for an SIEM

Pros

Provides a single location for collecting and analyzing logs. Provides ease of use for non-technical users, but powerful features for security and IT. There is an add-on/app for anything you could imagine.

Cons

Some documentation is vague, and when certain things don't work, it can be difficult to find out a solution to the problem.

Alternatives Considered

Sumo Logic

Reasons for Switching to Splunk Enterprise

We needed a product that we could host ourselves.
Karen
  • Industry: Aviation & Aerospace
  • Company size: 10,000+ Employees
  • Used Weekly for 6-12 months
  • Review Source
Value for Money
N/A
Features
4
Ease of Use
4
Customer Support
N/A

4
Reviewed on 30/06/2022

Splunk - A Necessary SIEM Tool

Pros

I worked with a team member to integrate McAfee Endpoint Security with Splunk Enterprise so that virus scanning logs could be easily monitored. Integration was extremely smooth, and the data was nicely visualized on Splunk. There was very little delay in the virus detection logs being updated on Splunk as we performed several tests for virus scanning. As a user, it was very easy to navigate and I greatly enjoyed the usage of filters for filtering specific events that occurred.

Cons

It's a great product for boosting your security posture, however the cost of the tool and additional storage was a bit steep. It was also a bit difficult to create filters for the logs, which was a necessity for our end user.

Cedeno
  • Industry: Marketing & Advertising
  • Company size: 201-500 Employees
  • Used Weekly for 1+ year
  • Review Source
Value for Money
5
Features
5
Ease of Use
4
Customer Support
5

4
Reviewed on 17/06/2022

Robust Solution for Enhancing Security and Resilience

Monitor endpoints to detect and remediate cyber threats in real-time.

Pros

Block security threats on endpoints.

It enhances applications development.

Cons

The price is high but the results are remarkable.

Nate
  • Industry: Warehousing
  • Company size: 1,001-5,000 Employees
  • Used Monthly for 6-12 months
  • Review Source
Value for Money
N/A
Features
5
Ease of Use
4
Customer Support
N/A

5
Reviewed on 17/06/2022

It does what I need it to do

Pros

This software is great at collecting and organizing data from my companies operation.

Cons

Initially it feels unintuitive and there is a definite learning curve. Once I learned how to navigate and manipulate the software, its features were powerful and helpful.

THOMAS
  • Industry: Telecommunications
  • Company size: 51-200 Employees
  • Used Daily for 1+ year
  • Review Source
Value for Money
5
Features
5
Ease of Use
5
Customer Support
5

5
Reviewed on 18/02/2021

Splunk an Enterprise Business intelligent user tool

Is a robust and intelligent management tool that enables everyone with user computer knowledge to navigate in real-time, consolidate vast data into a visualized report of dashboard features , reliable and web based, no major equipment required for setup, user need a smartphone or compute to access the platform through the web, you can navigate the system as long as you have computer knowledge without any training required(user friendly) .

Pros

It an intelligent business tool that provided me an opportunity to customize and build report from large volume of data from different departments within the 13 Africa countries in telecommunication sectors. The platform allows data to be consolidated accordingly to the organization need and produces visualized reports of dashboard features. I also noted that the system can analyst unstructured large volume of data speedily and is reliable and web based allowing for user flexible accessible from any part of the world if you have internet. The systems have been reliable and secured from the time (2 years) I started using it without any system intermittent, system errors and cyber-attack.

Cons

The system is built and use-able with structured and unstructured organization though the price in foreign currency could hamper small and medium organization to use it especially in most Africa country where the local currency has depreciated against the major trading foreign currency.so the Forex pricing is a challenge.
The navigation of the platform will require minor training though if the user is computer proficient, they would management with minor challenge and interpretation of the data. So, first time user it can be difficult to use it
It will depend on internet for access and internet tend to be pricey in most African country and therefore could increase the business cost for small and medium enterprise. It can increase business cost if not fully used

Gabe
  • Industry: Information Technology & Services
  • Company size: 5,001-10,000 Employees
  • Used Daily for 1+ year
  • Review Source
Value for Money
3
Features
5
Ease of Use
4
Customer Support
5

5
Reviewed on 22/02/2018

A powerful log aggregation solution with immensely useful tools built-in for popular applicatio...

Pros

- Free to use for small 500MB or less daily ingress, quite nice for small use cases and learning
- No development work required to deploy and provide value.
- Deployment flexibility: client agents are available to use, or clientless configurations for multiple OS platforms. It's also very easy to deploy, not just flexible. its a very simple affair.
- Segmentation of logs: You can create separate instances of of logs to aggregate, based on organization needs. And those instances can have their own individual storage policies to optimize consumption of storage resources.
- Configuration design: Thoughtful and mature documentation and design of the application regarding enterprise-class scaling on network storage.
-POWERFUL tools: The user interface lends itself to learning more about your organization from the logs you collect, through metrics of trends of the logs being gathered. There are also specific modules/add-ons for popular applications to provide more value and event-based monitoring, all without having to develop in-house dashboards and intelligence of those logs.
- Customization: You can create your own queries of logs, and event-based alerts.
- Web-based GUI that clean is powerful
- Sales/Technical Reps are top notch in fielding questions and evaluating environment for deployment. They were extremely helpful in helping our organization develop procedures and scaling our environment for expansion with our existing infrastructure.

Cons

- Price: This product is not free for more than the minimal use. Pricing can be very expensive, relative to open source offerings. That is the trade-off you pay for not having in-house development of open source offerings. As this product is priced based on gigabytes of indexed logs, it is important to understand the scope of licensing necessary for your environment to determine if it is a good fit for your organization.
- Watch your saved queries and hardware resources: Users have the ability to create and save queries. Like in database queries, some are more efficient than others. Large inefficient queries can be very resource-intensive. If you notice slowness in day-to-day queries, or navigation in the UI, or resource use in contention, keep an eye on saved queries and user practices.

Amit
  • Industry: Telecommunications
  • Company size: 10,000+ Employees
  • Used Daily for 6-12 months
  • Review Source
Value for Money
4
Features
5
Ease of Use
4
Customer Support
5

5
Reviewed on 15/04/2020

Best tool for Distributed logs data analysis

We have several micro-services deployed in production which require to lookup application access as well as server logs and analyze data for their usage. We created several reports/charts for visualization. We use splunk as security logs tool to see the firewall traffic, tracing any vulnerable access, any database related crash ..etc.
It helps easily to find issue and fixed quickly by black listed in system.

Pros

Splunk Enterprise is best tool to analyze the data based on different visualization. It help us to lookup distributed logs for micro-services . It enables field based lookup. For complex logging, we can use search query using expression. We can create multiple reports/charts for visualization such as a pie or bar chart for our data. Best feature what i like , We can visualize our search results and share them with others using dashboard panels. If Already have a dashboard, we can add a new panel from a report, clone from another dashboard, or add a prebuilt panel. Fully customization available. Interfaces is very flexible. We export it in different formats, or refresh it to visualize the newest data. Online Support is available through different community.

Cons

Search query builder is fully based on technical. for Non technical users, its really difficult to lookup logs. Sometimes, error thrown by query builder is more difficult to understand. Deep Learning is required to use splunk for production data. For Large application installation, it need to manage more.

Avinash
  • Industry: Computer & Network Security
  • Company size: 10,000+ Employees
  • Used Daily for 2+ years
  • Review Source
Value for Money
4
Features
4
Ease of Use
4
Customer Support
3

5
Reviewed on 17/04/2021

Splunk - Onestop Log Management & Forensics

Overall i like the product but as the user base grows the logs grows too. This busts the limits of the licensing.
We need to keep on doing housekeeping to ensure that our license limits is not crossed.

Pros

The ablitity to configure and tweak the use cases. Building Intelligence into forensics. The AI feature is gud but needs more enhancements.

Cons

The log management needs to be efficient , If the auditing logs is enabled then a huge influx of logs are pumed into splunk but no meaningful meaning can be derived.

Alternatives Considered

McAfee Endpoint Security

Reasons for Switching to Splunk Enterprise

Splunk is a one whole package with features like AI & Forensics and also keeps you updated with the latest and newest threats..
Verified Reviewer
  • Industry: Computer Software
  • Company size: 1,001-5,000 Employees
  • Used Daily for 2+ years
  • Review Source
Value for Money
3
Features
4
Ease of Use
3
Customer Support
3

4
Reviewed on 11/05/2021

Great, wholistic centralized monitoring solution

I've been using Splunk for over 8 years. I've seen it constantly improve and change a lot. I do enjoy it. Cloud is getting better and much better parity with on-prem

Pros

We use this as our SIEM. The ability to have the data ingest, visualization, alerting and correlation all in one product is very important to me from a security standpoint. We're cloud-first so having that ability with large cloud providers is important to me (AWS, Okta, GCP, etc)

Cons

The cost can be a little concerning and htere is a bit of a learning curve when you first get into Splunk. User groups, their forum and pro serv all help with that.

Alternatives Considered

Datadog and Elastic Stack

Reasons for Switching to Splunk Enterprise

Better product.
devaun
  • Used Daily for 2+ years
  • Review Source
Value for Money
N/A
Features
4
Ease of Use
3
Customer Support
N/A

5
Reviewed on 02/02/2018

Query your log statements for your production apps in REAL TIME to triage and monitor...

XRAY vision on your production instances. Every day we code our applications so that we will be splunk friendly with our app log statements. For example "featureX=value" allows you to query for every customer that engaged with featureX.

Pros

Splunk allows us to see exactly what is going on in production! I work on commerce for a fortune 100 company, and we use Splunk to monitor our apps in real time. Splunk gives you the ability to perform queries like you would with SQL against your log statements in real time. You will learn that you can place strategic log statements in your code that allows you to identify situations in production and be proactive at solving them. For example, you can log your customer's session cookie ID, and track any given customer's activity on your website via your app logs. It gives you dials and charting capabilities to monitor even the slightest drops in customer activities due to flaws in code or slowing network calls.

Cons

PRICE. The software is so powerful, and they seem to leverage this in the pricing of the licenses.

Divyang
  • Industry: Information Technology & Services
  • Company size: 201-500 Employees
  • Used Daily for 1+ year
  • Review Source
Value for Money
2
Features
5
Ease of Use
5
Customer Support
5

4
Reviewed on 28/09/2020

Manipulate You Data

Splunk is widely used for manipulation of data and we encounter the use of this tool almostl twice a week. Even though it costs much more but still we have not found any alternative that is able to offer all these functionalities.

Pros

Splunk is very easy to use due to high community support and many video tutorials available online for new users to learn.
Functionalities are robust and simple to use. Data retrieval and visualisation is nice and easy if you know the right querying process.
Machine Learning supports enhances performance for the cloud, especially. It collect wide variety of data and still it amaze you the way it retrievs it.

Cons

There are many tools available in market which are potential competitors of this tool and that too at reasonable pricing. Splunk offers more functionalities but costs you too much if you look at the work it does.
Complex queries may require large CPU usage and may even freeze or atleast slow down the system for a while. Need to be specific while querying the data.

Sachin
  • Industry: Computer Software
  • Company size: 10,000+ Employees
  • Used Daily for 6-12 months
  • Review Source
Value for Money
5
Features
5
Ease of Use
4
Customer Support
4

5
Reviewed on 30/04/2022

Splunk: A Monitoring Tool for all your needs

If i have put a word it would say "Fantastic". The functionalities Splunk provides eases team to manage/monitor their IT infrastructure and internal application you will be well aware about the performance of your applications. Setup alerting and take necessary actions in stipulated time to overcome all the issues which may affect your application performance.

Pros

Splunk offers various features whether you need to setup monitoring on your server, application logs based on logs ingestion set alerts so that teams got notified on real time and take actions accordingly. In this way, it helps to monitor application which are mission critical. You can make dashboards in Splunk where you can configure various components such indexes, data inputs and schedule reports as well. To achieve additional functionalities we can install third party apps as well such as AWS Add on for cloud watch log ingestion.

Cons

From Admin perspective, I found user access management a little difficult. The roles of access management becomes complicated because some time the config files for that didn't came very handy. Other then that I think all in all Splunk provides fulfill all of the requirements.

David
  • Industry: Entertainment
  • Used Daily for 2+ years
  • Review Source
Value for Money
4
Features
5
Ease of Use
5
Customer Support
4

5
Reviewed on 07/02/2018

Offers more than you think

We've used the software to detect layer 7 attacks, unearth issues we didn't realize were happening and gives us end to end insight into our stack.

Pros

The system is highly intuitive to use. It is faster than other solutions I've used on the market and has a huge library of 3rd party plugins to get more from the system. It is easy to create scheduled searches, dashboards, reports etc. but there are a number of additional plugins (at an extra cost) to help with security, single pane of glass and metric collection.

Cons

It offers challenges for a decentralized working model. Where Splunk is centrally managed, it is easy to ensure that best practices are maintained. Where the system is opened up for an entire department to utilize and on-board their logs, it becomes more difficult. However, with some creative thinking and good process, this issue can be overcome.

kalaiselvan
  • Industry: Information Technology & Services
  • Company size: 501-1,000 Employees
  • Used Daily for 1+ year
  • Review Source
Value for Money
4
Features
4
Ease of Use
5
Customer Support
4

5
Reviewed on 12/07/2019

Splunk review

Overall, it is a very good monitoring tool for an support team and developers for doing root cause analysis.

Pros

Splunk Visually represents the logs mainly from production servers in the web UI .

People who Usually has no access to logs in production servers, will access the logs through splunk UI with very simplified and friendly search query.

It has lot of features like you can query for particular date and time range with specific characters. The search engine is very fast which will bring the query response effectively.

we can access all types of logs including XML and JSON.

we can create a custom dashboard with custom query for each projects and can relatively trigger the email to the support team in case of any issues.

This tool is boon for production support team in any enterprise company.

Cons

Licensing cost is quite higher for enterprise usage.

Query response time will be slow when you are searching for relatively longer history(Eg. 3 months old data)

Verified Reviewer
  • Industry: Retail
  • Company size: 10,000+ Employees
  • Used Daily for 6-12 months
  • Review Source
Value for Money
5
Features
5
Ease of Use
3
Customer Support
5

5
Reviewed on 16/10/2020

A tool which is one for all

Splunk has made me realize the ability to correlate different data from different realms altogether and generate valuable insights.

Pros

The ability to use this software for security operations, data analysis, creating dashboards, generating tickets and everything else

Cons

Splunk uses its own SPL, which is not very easy to learn. However, there are lots of documentation that Splunk provides to its customers. There is paid training available which is useful for beginners to learn.

Robert
  • Industry: Management Consulting
  • Review Source
Value for Money
N/A
Features
5
Ease of Use
4
Customer Support
5

5
Reviewed on 30/06/2015

Finding Splunk Before Splunk Finds You

Pros

Splunk is more than a tool or a product, it is a big data platform. Splunk can be used as a simple log aggregator all the way to a Big Data engine to find efficiency in operations of the Internet of Things. Splunk is less about its abilities, and more about your imagination about what you can do with Splunk. That is the beauty of the platform. Splunk shines in providing operational intelligence about systems and processes. Finding out how your systems are operating, how your processes are functioning leads to quick resolution of problems and points to where budgets are best spent.

Cons

Splunk is deceptively easy to set up and use. But like learning to play chess, you can learn the moves in half an hour, but take a lifetime to master. Splunk quickly provides value, but requires imagination and creativity as well as wide ranging knowledge of systems and processes to move to the next level. Not every organization needs that kind of talent to get a great return from Splunk, but the companies who compete and win will.

Frank
  • Industry: Computer Software
  • Company size: 5,001-10,000 Employees
  • Used Weekly for 2+ years
  • Review Source
Value for Money
N/A
Features
4
Ease of Use
3
Customer Support
N/A

5
Reviewed on 20/12/2020

Doing setup redundant servers without Splunk

Saved my a$$ many times. In a multi-server environment, if you don't have Splunk or something like it, it will be a nightmare to try and coordinate the various log files involved.

Pros

Several of our applications are distributed across multiple systems. It is the same software running on each server but doing the same job for different users. Each server would generate its own log files. When things went wrong, we used Splunk to be able to see what was going on on each server. Click a few buttons and you get two logs from two different servers listed together coordinated by time. But that leads you to discover that the issue came from a separate upstream or downstream server, then bring in those logs too . . . all coordinated by time. Don't get me wrong, the IT guys love these tools for their own enterprise reasons, but as a server stack developer, this was a resource I used OFTEN.

Cons

I never fully grokked their SQL like language. I could do basic things daily without issue. However, I often had to hit the documentation to do anything more than a simple "find this" query.

Or
  • Industry: Computer Software
  • Company size: 10,000+ Employees
  • Used Daily for 2+ years
  • Review Source
Value for Money
N/A
Features
4
Ease of Use
4
Customer Support
3

4
Reviewed on 18/12/2021

Splunk helps us to walk in the darkness, for sure in the Prod arena

We are in Autodesk, use it much, as part of the monitoring tool. We like it and would like it to be improved and even more useful

Pros

Dashboards feature is amazing, I use it much. Alerts and queries are easy to set up. Mostly it works fast so it's kind of Dev friendly so it's easy to onboard the new guys

Cons

Alerts should have a better way to manage it. There should be a way to promote alerts to different environments - so we will be able to set the Dev/Stg/Prod
Sometimes some things that we want to do take a while searching on the internet for a solution - they might think how to do it better - maybe some examples or better documentation

shashank
  • Industry: Information Technology & Services
  • Company size: 1,001-5,000 Employees
  • Used Weekly for 6-12 months
  • Review Source
Value for Money
5
Features
5
Ease of Use
5
Customer Support
5

5
Reviewed on 15/04/2019

Best Tool for Monitoring Purposes.

As a user of Splunk, we generally used to monitor the log provided by the server clusters belonging to a tool called API Connect. As the logs are stored in Splunk, we tally the transaction count from API Connect tool and filter the log search in Splunk with a particular search query. We can download the logs of particular time and date of API Connect servers in case of transaction count issues. We create a dashboard for all the individual API's transaction count in terms of total transaction count of all API's. In this way, it makes our work easier to find out which API has the highest transaction count. We even use Splunk to know the state of the machine. Reports generated by the Splunk helps us to find out the API with the highest response time. In this way, Splunk makes our work a lot easier as it is very fast and highly secure.

Pros

1) Accepts multiple data formats like CSV, JSON, XML
2) Does the hard work for us i.e converting machine data to a human-readable format.
3) Can create customized alerts to serve our business purpose.
4) Searching on the based on queries is pretty simple.
5) We can create dashboards to analyze and visualize our search results.
6) Can export the log content to our Personal computers.
7) Setting up plugins and integrating with any tool that needs monitoring is pretty easy.
8) Technical support for the Splunk is very quick as they have a dedicated staff for that.

Cons

I did not find any flaws with this software.

149 reviews