Splunk Review

In the event of an incident, it has a rapid response search environment

What is our primary use case?

Although my company uses Splunk extensively, my use case is primarily the Enterprise Security add-on.

How has it helped my organization?

Splunk has enabled us to utilize many different data sources and is easy to use. It has a rapid response search environment in the event of an incident.

What is most valuable?

The correlation searches (properly configured) populate the Incident Management dashboard and provide me a quick bird's-eye view of my most important concerns.

What needs improvement?

ES is very powerful, but it requires a mature security posture at the company to take advantage of it currently. The use cases provided by Splunk are a good starting point, but could cover many additional topics to ensure that a smaller or less experienced shop might maximize the value of an ES deployment.

For how long have I used the solution?

Less than one year.

Which solution did I use previously and why did I switch?

We were using a different SIEM, which was old-fashioned and very structured.

Which version of this solution are you currently using?

Disclosure: I am a real user, and this review is based on my own experience and opinions.