Splunk Review

Search language is easy to understand and teach to new users

What is our primary use case?

  • Monitoring IT and other processes for a large university.
  • Leveraging alerts and dashboards to detect and predict security breaches and other events.

How has it helped my organization?

Splunk has enabled us to detect, and even predict, potential security issues before they become severe. It has enabled our operations and development teams to more efficiently monitor and troubleshoot their systems.

What is most valuable?

The search language is easy to understand and teach to new users. The SDK is comprehensive and has incredible levels of integration with the platform and data. 

What needs improvement?

  • Certain sections of the developer documentation could use some updating and clarification.
  • Search head clustering is often temperamental in its current state and should be improved, replaced by something better, or be reverted to search head pooling. 
  • Some terminology is vague and confusing (examples: deployer versus deployment server or search head versus search peer).

For how long have I used the solution?

Three to five years.

How is customer service and technical support?

Support is quick and competent.

Which version of this solution are you currently using?

Disclosure: I am a real user, and this review is based on my own experience and opinions.