Splunk Review

Does event matching between several appliances and correlates data from different sources.


What is most valuable?

  • Event matching between several appliances
  • Correlating data from different sources
  • Report viewer

How has it helped my organization?

It helps us to detect viruses and security events from our network.

What needs improvement?

It needs documentation, and "how-to-do" information. It's complicated to build reports and views.

For how long have I used the solution?

I have used Splunk for about two years.

What do I think about the stability of the solution?

There were no stability issues. It was running on a VM over Hyper-V.

What do I think about the scalability of the solution?

There were no scalability issues. It was running on a VM over Hyper-V.

How is customer service and technical support?

I used support a little bit for some templates for formatting data from Cisco and Fortinet logs. They were very fast with their response. I didn't have any support contract, but only entry level support.

Which solutions did we use previously?

This was our first try for log analysis.

How was the initial setup?

The setup was easy.

What's my experience with pricing, setup cost, and licensing?

There is nothing to say. At that time, it was for GBs of data received.

Which other solutions did I evaluate?

We did not look at alternatives. It was a consulting provider recommendation. It was a rapid implementation to accomplish legal requirements. After we used it for a while, we decided to keep it.

What other advice do I have?

Check for the plugin to format data of already completed templates for the appliance to which you want to keep logs and events.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email