Splunk Review

The ability to see logs and correlate them using Splunk has greatly improved our organization's functionality with auditing and troubleshooting.


How has it helped my organization?

The ability to see logs and correlate them using Splunk has greatly improved our organization's functionality with auditing and troubleshooting.

What is most valuable?

Splunk's capability to receive any types of logs and index them is a very good feature. To get visibility from your network devices, servers, and security devices is a great feature.

What needs improvement?

Better directions on search head clusters. A lot of the documentation that I saw was either old or out of date. I believe I ended up doing a lot of searching and ended up not completing the feature. I opted out of creating a search head cluster.

What do I think about the stability of the solution?

Not at all.

What do I think about the scalability of the solution?

None.

How is customer service and technical support?

Customer Service:

Excellent. I didn't call often however, when I did they pretty much solved my problem.

Technical Support:

Excellent. I didn't call often however, when I did they pretty much solved my problem.

Which solutions did we use previously?

No solution was available at the time.

How was the initial setup?

No the initial setup was fairly basic.

What about the implementation team?

In-house. We had professional services however, we did the install prior to the consultant arriving. So, his workload was light considering we had already installed and configured the Splunk servers.

What was our ROI?

We purchased and paid for it as an annual subscription for three years and working on purchasing the Perpetual edition.

What's my experience with pricing, setup cost, and licensing?

Pricing is pretty fair. However, I would suggest you trial for at least 90 days if you can get the sales person to offer you the option to renew your 30 day trial a couple of more times to evaluate. The 30 day trial is not enough.

Which other solutions did I evaluate?

The other SIEM solution providers we looked at were ArcSight, QRadar and SolarWinds LEM.

What other advice do I have?

Splunk is a good product. Pricing is a bit high however, after it's installed you can understand why and get caught up in reading the logs that are available.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 visitor found this review helpful
2 Comments
HenryReal UserTOP REVIEWERTOP 5

I love my Splunk who could read most of the maching logs

07 August 17
Alireza GhahroodReal UserTOP 5LEADERBOARD

splunk is user friendly-Better than other similar products

08 August 17
Guest

Sign Up with Email