Splunk Overview

Splunk is the #1 ranked solution in our list of Log Management Software. It is most often compared to Dynatrace.

What is Splunk?

Splunk software has been around since 2006 and the company has since grown to become an industry leader. Splunk's vision is to make machine data accessible, usable and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analyzing all activities. This is known as Operational Intelligence and is the unique value proposition of Splunk.

Splunk is well-known for its Log Management capabilities and also for its Security Information and Event Management (SIEM) solutions.

Splunk is also known as Splunk Enterprise Security.

Splunk Buyer's Guide

Download the Splunk Buyer's Guide including reviews and more. Updated: May 2021

Splunk Customers

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.

Pricing Advice

What users are saying about Splunk pricing:
  • "The pricing model is expensive and a nightmare based on the amount of data."
  • "Our customers often complain that the price of Splunk is too high."
  • "It is more economical than other solutions."
  • "Price-wise, if you compare QRadar to Splunk for SIEM functionality then they are in the same range but when you integrate SOAR with these solutions, Splunk takes the lead and is more competitive."

Practice Head-CyberSecurity at a tech services company with 1,001-5,000 employees
MSP
Top 5 Leaderboard
Good support with an intuitive dashboard but the cost is too high

What is our primary use case?

Since we have an IT services company, we have been using Splunk for the deployment to the customer locations as well. Sometimes the customer will come back to us and say that we need to have a SIEM tool, and when we do the benchmarking, we'll do a couple of deployments on the Splunk side and at the customer's locations as well. As an example use case, we deployed Splunk to a banking institution a few years ago. There the use case was basically this: the customer wanted to set up a security operation center, and they wanted to have a pretty large deployment in terms of the number of endpoints…

Pros and Cons

  • "The most valuable aspect of the solution is the dashboard. It's very intuitive."
  • "There are a lot of competitive products that are doing better than what Splunk is doing on the analytics side."

What other advice do I have?

We're partners. We have a business relationship with Splunk. We're using the latest version of the solution. Overall, I would rate the solution at a seven out of ten. I'd advise potential new users to ensure they do proper sizing before deploying the product. If it's a very large deployment, the number of endpoints will be quite sizeable. You need to figure out the correct number of endpoints as well as endpoint devices, switches, routers, etc. It's also a good idea to look at use cases. Splunk is very strong in some use cases. It's important to look into deployment scenarios and check out the…
SK
Senior Consultant at sectecs
Consultant
Top 5 Leaderboard
Powerful programming language and search capability, but it is expensive and the vendor is inflexible

What is our primary use case?

My reason for implementing it was just to learn more about the product. I wanted to learn about the Splunk programming language, how to pipe searches, add logs, verify the logs, create fields, extract data into fields, build dashboards, and to get hands-on experience with the product.

Pros and Cons

  • "What I really like is that even if you have already collected the data, you can extract fields and can build searches."
  • "I would like to see more SIEM functionality and a better ticket tool."

What other advice do I have?

This is a solution that I could recommend for somebody who wants a really powerful product. It is not an end to end orchestrated SIEM yet. This is a product that I would generally recommend, although I would not do so if the customer is really budget-driven. I would rate this solution a six out of ten.
RM
Audit Remediation/Financial Manager at a tech services company with 1,001-5,000 employees
Real User
Top 20
Flexible and scalable with good reporting

What is our primary use case?

The solution is primarily used to monitor the operating system for threats, specifically related to login threats. If someone is trying to log in, or somebody is trying to break into the system, the idea is it will check that and catch things. It's mainly for external threats to the operating system.

Pros and Cons

  • "The logs on the solution are excellent."
  • "It could be more user friendly, in terms of the end-user experience."

What other advice do I have?

We're just a customer. We don't have a business relationship with Splunk. We're using the latest version of the solution. I'd advise those considering the solution to do some basic training before jumping into using the solution. It will help you understand how everything is supposed to work. I'd rate the solution at an eight out of ten, due to the fact that it's more flexible than other solutions. I like the idea of taking a log, any log, and putting it into a tool and creating your events and your conditions in order to get the output that you're looking for. It's more scalable and flexible…
DG
CSSP Manager at a tech services company with 51-200 employees
MSP
Top 5 Leaderboard
Good at log collection and log management; not ideal for monitoring

What is our primary use case?

I'm the CSSP manager and we are customers of Splunk.

Pros and Cons

  • "Good for log collection and log management."
  • "This is not really a monitoring solution."

What other advice do I have?

It's important to prepare. You can't just get a solution and start to implement it. A big part of that needs to be preparation, and in IT, we're not great at that. I would go with Elastic, a similar product but better. The licensing is a little different but it gives you a little more freedom to do things. It's really flexible with what you can do and versatile in how you can use it. Splunk is still top when it comes to log collection. If you wanted anything more than that, you should probably look into using several different products. There isn't really one product that you're going to find…
RB
Automation Specialist, Analytics at a computer software company with 10,001+ employees
Real User
Top 10
Identifies data patterns and provides metrics and intelligence for business operations

What is our primary use case?

I use Splunk on-and-off — I started with in-house projects, then moved up to commercial projects.

Pros and Cons

  • "Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data."
  • "I'd say I am happy with the technical support, not elated. They provide great support, but sometimes they don't have the answers that I need."

What other advice do I have?

I would definitely recommend using Splunk. They have free learning models available. There are models available on their learning page where you can gain a better understanding of how to use Splunk. Within one month alone, you can at least understand how to operate Splunk, whereas, with other tools, it can take a lot of time to understand. On a scale from one to ten, I would give Splunk a rating of nine. The only downside is the cost. Price is the only factor; sometimes, companies shy away from Splunk because of the price.
Solutions Consultant at a tech services company with 1,001-5,000 employees
Real User
Top 10
Easy to use, provides a lot of analytics, and allows you to do pretty much whatever you want

Pros and Cons

  • "It provides a lot of analytics with the underlying AI engine, and it is a lot easier than other solutions. There are some products that do automated AI-based detection and drawing up charts, but for network monitoring and all of the monitoring aspects, it is quite a nice tool. It is very convenient for business users because they get more or less a lot of data readily available. If you're familiar with the Splunk query language, you can pretty much do whatever you want."
  • "If you have to do your own stuff, such as customized charts, it is a little bit more work, but once you're familiar with the Splunk query language, you can pretty much do whatever you want. In terms of features, it should probably have the features that other competitors provide."

What other advice do I have?

I would definitely recommend Splunk. It is quite a decent tool, and it is there in a lot of enterprises. I would rate Splunk an eight out of ten.
RU
Senior Solutions Architect with 51-200 employees
Real User
Top 5 Leaderboard
Seamless integration with devices and operating systems, centralized management and control, and proactive support

What is our primary use case?

We are a solution provider and Splunk is something that we provide as a service to our customers.

Pros and Cons

  • "The integration is seamless with many devices and operating systems."
  • "Being a SIEM solution with a centralized dashboard, we would like to have more options to customize it."

What other advice do I have?

This is a product that I recommend for anybody who wants an advanced SIEM solution. Of the three that I have used including QRadar and ArcSight, Splunk is the one that I prefer. I would rate this solution a nine out of ten.
Technical Account Manager at Trustaira
Reseller
Top 20
Straightforward to set up with great integration capabilities and a high level of maturity

What is our primary use case?

We primarily use the solution for monitoring and security. We can use the solution to try to find some correlational data. For example, in banks, there is usually a protocol whereby users cannot withdraw more than a certain amount of money from an ATM. However, we find that, when people are on holiday, they are trying to withdraw more than the allowed amount. It's a use case we can deploy in our country. You can set certain rules and watch the data in order to gain insights.

Pros and Cons

  • "The solution has proven to be quite stable."
  • "The product is relatively expensive."

What other advice do I have?

We are resellers. We use a variety of deployment models, including private cloud and hybrid. This solution is the best security solution. If a company is looking for the best, they have to buy Splunk. It is a very good and very mature solution. It is very easy to integrate with some other service or security solutions. If they have specific solutions that need to be integrated for monitoring purposes, it should be a problem. For example, it integrates very well with Cisco. I'd rate the solution at a ten out of ten. We are quite happy with its capabilities.