Meets our requirements from a cost and requirements perspective
What is our primary use case?
We use it for Log Management and also for another bit of management. It feeds data into Splunk, and Splunk writes the rules, and based on that, it will pick up incidents. It is good from a cost perspective, in terms of the cost of the data you're looking at. There is no cost barrier.
Pros and Cons
"For my current requirements, the tool theme seems to be meeting my requirements, from a cost and requirements perspective."
"The only thing I would say is an issue is the cost. It matches other products. The costs can be justified for the value that we gain. The entire threat analysis stack should come in a bundle. If the cost was matchable with other products I think Splunk would pick up in the market."
What other advice do I have?
I would rate Splunk a nine out of ten. The queries and pulling out the exact reports are a little challenging. I get complaints about it. I would like to see more reports or default out-of-the-box reports. That would be more useful, and then people can avoid writing inquiries.