Splunk Review

Great Log Management and Investigation tool, but Operational SIEM capability needs improvement


Valuable Features

Great Log management capabilities with flexible and comprehensive search capabilities. Scalable and Easy to use.

Room for Improvement

Operational Workflow, Use Case Framework, and ticketing systems to make it suitable for SOC environments

Use of Solution

3 years

Scalability Issues

Splunk is extremely scalable with the limit being the hardware in use.

Customer Service and Technical Support

If you get the right people engaged, support can be a bliss.

Initial Setup

Setup is simple and straight forward.

Other Advice

http://infosecnirvana.com/splunk-enterprise-need-know/

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email