Splunk Primary Use Case

Balamurali Vellalath
Practice Head-CyberSecurity at a tech services company with 1,001-5,000 employees
Since we have an IT services company, we have been using Splunk for the deployment to the customer locations as well. Sometimes the customer will come back to us and say that we need to have a SIEM tool, and when we do the benchmarking, we'll do a couple of deployments on the Splunk side and at the customer's locations as well. As an example use case, we deployed Splunk to a banking institution a few years ago. There the use case was basically this: the customer wanted to set up a security operation center, and they wanted to have a pretty large deployment in terms of the number of endpoints and number of switches and routers. There were many regional branch offices and they have data centers and therefore, many assets in terms of endpoints. They had 30% of their assets running on the cloud and they needed a complete solution from an incident monitoring and management perspective. That's why we deployed Splunk. They wanted to reduce the MTTR, and mean time to resolution, and maintain detection. They didn't want to add more SOC analysts into their SOC as the organization scaled up. They have a plan to scale from 5,000 endpoints into 15-20,000 endpoints. They're very particular about deploying the SOC operation center. Splunk has since acquired Phantom as a SOAR platform. Therefore, we have tried to manage the security automation using Phantom with the help of Splunk deployments. It helps us meet the customer's requirements.
Steffen Klein
Senior Consultant at sectecs
My reason for implementing it was just to learn more about the product. I wanted to learn about the Splunk programming language, how to pipe searches, add logs, verify the logs, create fields, extract data into fields, build dashboards, and to get hands-on experience with the product.
reviewer1317924
Audit Remediation/Financial Manager at a tech services company with 1,001-5,000 employees
The solution is primarily used to monitor the operating system for threats, specifically related to login threats. If someone is trying to log in, or somebody is trying to break into the system, the idea is it will check that and catch things. It's mainly for external threats to the operating system.
Learn what your peers think about Splunk. Get advice and tips from experienced pros sharing their opinions. Updated: February 2021.
464,857 professionals have used our research since 2012.
reviewer1453023
CSSP Manager at a tech services company with 51-200 employees
I'm the CSSP manager and we are customers of Splunk.
reviewer1454661
Automation Specialist, Analytics at a computer software company with 10,001+ employees
I use Splunk on-and-off — I started with in-house projects, then moved up to commercial projects.
Gregg Woodcock
Consultant at Splunxter, Inc.
Security. We have built SIEM solutions three times from the ground up (not ES) using Splunk for some of the largest companies in the world.
reviewer1463439
Senior Informatica Administrator at a computer software company with 10,001+ employees
We use Splunk on-premise. We mostly use it for log analysis and fraud detection. We are also testing using it in machine learning and other solutions. We have 10 people managing Splunk and we have approximately 150 people using the product in total.
Praful Bhatnagar
Principal Systems Engineer at a computer software company with 10,001+ employees
We are a software development company and Splunk is one of the products that we have implemented for our clients. It is used for log analytics as well as the mobile SDK for checking the stability of mobile applications.
reviewer1470723
Assistant Vice President at a financial services firm with 10,001+ employees
We primarily use the solution for monitoring our infrastructure.
reviewer1200885
Engineer at a financial services firm with 201-500 employees
It's the primary place where I'd go to do an investigation if I want to see what's going on within an endpoint, or on a network, or with a user.
reviewer1505082
Assistant Manager System at a financial services firm with 10,001+ employees
We are using Splunk as a SIEM tool. We're using it for monitoring.
HimanshuTejwani
System administrator and devops engineer at a tech services company with 10,001+ employees
Our primary use case of Splunk is for log monitoring and infrastructure monitoring. If we want to diagnose any issue in our application, we just push our application logs. This is on any client server using the universal forwarder logs on the Splunk server. After indexing, we can create a base log, and create attractive dashboards that are simple to understand and use. I'm a system administrator and we are customers of Splunk.
Mui Tran
Project Manager at Idemitsu Oil & Gas
We need something to collect all our logs in a centralized solution. We have several servers but we don't have any log collection system.
Praful Bhatnagar
Principal Systems Engineer at a computer software company with 10,001+ employees
We are using the mobile SDK to check the stability of mobile applications.
Julio Ortiz
General Manager at Intersoft S.A.
We use Splunk for security and also PCI compliance. We have installed and implemented this solution for several clients in Bolivia with our team. We have received training from Splunk directly, and we have also provided training to our clients. We deploy two versions: one for on-premise and one for the cloud. Most of our customers purchase Splunk because they required a tool for gathering and collecting all of the logs from the infrastructure in order to make a correlation between data and to spot patterns surrounding security incidents.
reviewer1478619
IT System Developer/Admin at a manufacturing company with 10,001+ employees
The primary use case of this solution is to monitor Cyber Mission databases. I create the diagrams to create an architecture that is then implemented. However, creating these diagrams is for my own learnings since these implementations are usually already available in the cloud office logs.
reviewer1375737
Manager-TCTSL NGN Security-Practices at a comms service provider with 10,001+ employees
We assist telecom service providers to develop their SOC and transform to an automation center. We develop an SOC community for them. We are integrators and service providers, and I'm the security practices manager.
reviewer1062186
Sr. IT Manager at a government with 10,001+ employees
We use Splunk for log analysis and security monitoring.
reviewer1342776
Data Scientist at a tech vendor with 201-500 employees
We use a lot of sales metrics. We use machine learning models to provide sales forecasting. We create database connections and run a query on the database. The next step is to place the data into Splunk. We create indexes to get the data into the Splunk dashboard.
Engineer9887
Engineer at an integrator with 11-50 employees
Our primary use case is for monitoring and cybersecurity.
Rudi Wicaksono
Architecture and Security Team Leader at Offshore North West Java (ONWJ)
We were using Splunk for our networking to know exactly what kind of traffic was going from one network to another network because we had a lot of connections on other sites.
reviewer1062186
Sr. IT Manager at a government with 10,001+ employees
We are using Splunk to look at the logs, and see what is happening.
reviewer1404306
SOC Analyst at a wholesaler/distributor with 10,001+ employees
We have multiple use cases, almost 200 plus use cases. An example is travel activities where you log in.
Luiz Fernandes
Judicial Technician at a government with 1,001-5,000 employees
We use it to do SIEM.
M Ghuyoor Syed
Sr. Manager Information Security at Tapal Tea (Private) Limited
Log collection and search.
reviewer1048674
Cyber Analyst with 501-1,000 employees
Testing for insider threat behavior.