- Can ingest data from various data sources.
- Is very useful for organizations who are attempting to meet compliance requirements.
- Is able to fully configure and integrate various solutions into one tool and provide actionable results.
My use of Splunk at my previous place of employment improved how we functioned.
I have used Splunk for three years.
We didn’t have any stability issues.
We didn’t have any scalability issues.
During our use of Splunk, we had professional services assisting and not actual technical support. However, the professional services team was great.
Our organization did not have an established SIEM tool.
The initial setup is straightforward, depending on the level of implementation of the tool.
Take into consideration the labor costs for a dedicated Splunk developer who can craft the required queries needed for each organization. Organizations usually have their own form of implementation of each tool.
We didn’t evaluate any alternatives.