Splunk Review

Makes use of all logs and takes proactive actions

What is our primary use case?

We used it to create a full security operations center (SOC) for our IT department by adding all network and security devices, the AD, and mail servers to it. Then Splunk started to receive their logs, it analyzed them, and provided useful reports.  

How has it helped my organization?

It helps the IT staff to monitor the full structure. It also makes use of all logs and takes proactive actions.

What is most valuable?

Integrity with many vendors: This simplifies the implementation and integration with different devices. 

What needs improvement?

Enterprise security: Splunk must work on clarifying the solution to customers and explain how to gain more from it.

For how long have I used the solution?

One to three years.
**Disclosure: My company has a business relationship with this vendor other than being a customer: We are a partner with Splunk.
Add a Comment