Splunk Review

Aggregation searches have reduced the time and difficulty of identifying trends and conditions which need to be reviewed


What is our primary use case?

We primarily use Splunk for log aggregation and search across multiple systems with Splunk Enterprise Security layered on top.

How has it helped my organization?

Splunk has significantly reduced the time spent aggregating and reviewing logs, as well as the time spent during investigations. This has not only increased our speed of response, but also our efficiency in dealing with the issue(s) raised.

What is most valuable?

Aggregation searches, allowing for conditions to be automatically found in the data, have reduced the time and difficulty of identifying trends and conditions which need to be reviewed.

What needs improvement?

The case management area of the ES could be improved. The ability to move cases through various stages and states. The ability to close a case would be a key improvement.

For how long have I used the solution?

One to three years.

Disclosure: I am a real user, and this review is based on my own experience and opinions.