Splunk Overview

Splunk is the #1 ranked solution in our list of Log Management Software. It is most often compared to Datadog.

What is Splunk?

Splunk software has been around since 2006 and the company has since grown to become an industry leader. Splunk's vision is to make machine data accessible, usable and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analyzing all activities. This is known as Operational Intelligence and is the unique value proposition of Splunk.

Splunk is well-known for its Log Management capabilities and also for its Security Information and Event Management (SIEM) solutions.

Splunk is also known as Splunk Enterprise Security.

Splunk Buyer's Guide

Download the Splunk Buyer's Guide including reviews and more. Updated: December 2020

Splunk Customers

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.

Pricing Advice

What users are saying about Splunk pricing:
  • "The pricing model is expensive and a nightmare based on the amount of data."
  • "Our customers often complain that the price of Splunk is too high."
  • "Splunk's cost is very high. They need to review the pricing. They have to go back and totally readdress the market."

Splunk Reviews

Balamurali Vellalath
Practice Head-CyberSecurity at a tech services company with 1,001-5,000 employees
MSP
Top 5 Leaderboard
Nov 18, 2020
Good support with an intuitive dashboard but the cost is too high

What is our primary use case?

Since we have an IT services company, we have been using Splunk for the deployment to the customer locations as well. Sometimes the customer will come back to us and say that we need to have a SIEM tool, and when we do the benchmarking, we'll do a couple of deployments on the Splunk side and at the customer's locations as well. As an example use case, we deployed Splunk to a banking institution a few years ago. There the use case was basically this: the customer wanted to set up a security operation center, and they wanted to have a pretty large deployment in terms of the number of endpoints…

Pros and Cons

  • "The most valuable aspect of the solution is the dashboard. It's very intuitive."
  • "There are a lot of competitive products that are doing better than what Splunk is doing on the analytics side."

What other advice do I have?

We're partners. We have a business relationship with Splunk. We're using the latest version of the solution. Overall, I would rate the solution at a seven out of ten. I'd advise potential new users to ensure they do proper sizing before deploying the product. If it's a very large deployment, the number of endpoints will be quite sizeable. You need to figure out the correct number of endpoints as well as endpoint devices, switches, routers, etc. It's also a good idea to look at use cases. Splunk is very strong in some use cases. It's important to look into deployment scenarios and check out the…
Steffen Klein
Senior Consultant at sectecs
Consultant
Top 5
Jan 4, 2021
Powerful programming language and search capability, but it is expensive and the vendor is inflexible

What is our primary use case?

My reason for implementing it was just to learn more about the product. I wanted to learn about the Splunk programming language, how to pipe searches, add logs, verify the logs, create fields, extract data into fields, build dashboards, and to get hands-on experience with the product.

Pros and Cons

  • "What I really like is that even if you have already collected the data, you can extract fields and can build searches."
  • "I would like to see more SIEM functionality and a better ticket tool."

What other advice do I have?

This is a solution that I could recommend for somebody who wants a really powerful product. It is not an end to end orchestrated SIEM yet. This is a product that I would generally recommend, although I would not do so if the customer is really budget-driven. I would rate this solution a six out of ten.
reviewer1317924
Audit Remediation/Financial Manager at a tech services company with 1,001-5,000 employees
Real User
Nov 28, 2020
Flexible and scalable with good reporting

What is our primary use case?

The solution is primarily used to monitor the operating system for threats, specifically related to login threats. If someone is trying to log in, or somebody is trying to break into the system, the idea is it will check that and catch things. It's mainly for external threats to the operating system.

Pros and Cons

  • "The logs on the solution are excellent."
  • "It could be more user friendly, in terms of the end-user experience."

What other advice do I have?

We're just a customer. We don't have a business relationship with Splunk. We're using the latest version of the solution. I'd advise those considering the solution to do some basic training before jumping into using the solution. It will help you understand how everything is supposed to work. I'd rate the solution at an eight out of ten, due to the fact that it's more flexible than other solutions. I like the idea of taking a log, any log, and putting it into a tool and creating your events and your conditions in order to get the output that you're looking for. It's more scalable and flexible…
reviewer1453023
CSSP Manager at a tech services company with 51-200 employees
MSP
Dec 20, 2020
Good at log collection and log management; not ideal for monitoring

What is our primary use case?

I'm the CSSP manager and we are customers of Splunk.

Pros and Cons

  • "Good for log collection and log management."
  • "This is not really a monitoring solution."

What other advice do I have?

It's important to prepare. You can't just get a solution and start to implement it. A big part of that needs to be preparation, and in IT, we're not great at that. I would go with Elastic, a similar product but better. The licensing is a little different but it gives you a little more freedom to do things. It's really flexible with what you can do and versatile in how you can use it. Splunk is still top when it comes to log collection. If you wanted anything more than that, you should probably look into using several different products. There isn't really one product that you're going to find…
reviewer1454661
Automation Specialist, Analytics at a computer software company with 10,001+ employees
Real User
Dec 5, 2020
Identifies data patterns and provides metrics and intelligence for business operations

What is our primary use case?

I use Splunk on-and-off — I started with in-house projects, then moved up to commercial projects.

Pros and Cons

  • "Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data."
  • "I'd say I am happy with the technical support, not elated. They provide great support, but sometimes they don't have the answers that I need."

What other advice do I have?

I would definitely recommend using Splunk. They have free learning models available. There are models available on their learning page where you can gain a better understanding of how to use Splunk. Within one month alone, you can at least understand how to operate Splunk, whereas, with other tools, it can take a lot of time to understand. On a scale from one to ten, I would give Splunk a rating of nine. The only downside is the cost. Price is the only factor; sometimes, companies shy away from Splunk because of the price.
Gregg Woodcock
Consultant at Splunxter, Inc.
Real User
Top 5 Leaderboard
Aug 5, 2019
Our clients are easily able to modify and evolve their implementations

What is our primary use case?

Security. We have built SIEM solutions three times from the ground up (not ES) using Splunk for some of the largest companies in the world.

Pros and Cons

  • "With good domain knowledge, one can build almost anything. If you throw in Alert Manager or an integration with ServiceNow, then you have your own SIEM."
  • "Our clients are easily able to modify and evolve their implementations."
  • "It needs a better way to export dynamic views without requiring a ton of code and user/pw."
  • "It needs integration with a configuration management solution."

What other advice do I have?

You can also get GREAT help at answers.splunk.com.
Presal0998
Presales Manager at a tech services company with 11-50 employees
Reseller
Feb 14, 2019
Clients benefit from the live security monitoring of their parent IP infrastructure base but Splunk should adjust the pricing

What is our primary use case?

We use it for security incident event management and for IT service intermediates.

Pros and Cons

  • "The initial setup is simple, not very complex. Initial deployment takes around 10 to 15 minutes to set up the entire base for Splunk including all three tiers."
  • "Splunk does not build apps. They only go back and validate the apps that somebody has already built. They should have remote consulting support. They have a wonderful solution. They have 24/7 security. Nobody needs to depend on any third party and will therefore just buy Splunk on the cloud."

What other advice do I have?

I will rate it as a security product an eight out of 10. There's no product which is perfect unless you go back and you create a psychic of the solutions.
Direct9887
Director of Information Security with 201-500 employees
Real User
Feb 12, 2019
Extremely scalable but they need to make purpose-built modules more robust

What is our primary use case?

  • SIEM
  • Security information
  • Event management

Pros and Cons

  • "It's extremely scalable. It's a very robust solution and certainly has the capability of handling far bigger data requirements than a lot of the other tools. Generally what ends up happening with me is that my clients tend, for the most part, to be mid-tier organizations where the cost of that solutions would be accompanying requirements for people just becomes way too prohibitive. Especially considering the model that they use for costing, which is based on the volume of data. Of course, they're going to put everything including the Coke machine as the ability to collect data off of it, because of course the more they can put through the tool the more money they make."
  • "The tool itself is very difficult to configure. It's great for its number of inputs, for the different types of systems devices, and things that it could collect information from. To actually make good use of it, you need a fairly dedicated team of people that have some reasonably good programming or modeling skills to be able to do the things that you need to do with it. Whereas a lot of the other tools are better packaged for that, and so require a lot less training and a lot less dedication."

What other advice do I have?

As a logging solution, I would say it's probably an eight or nine. If you're talking about the SIEM I'd say it's probably about a five. For logging, I think they would have to change the costing model. The costing model is way out of line. It's built for very large organizations.