Dec 27 2018
What is most valuable? We like the dashboard creation and the ease with which we can harness the APIs to create custom BI dashboards on the fly. This adds most value for us. The nature of some of our microservices that I have run on the cloud are mixed workloads, wherein with the flow of data, it can change over time. In…
What needs improvement? For on-premise, it's more about optimization. With such a heavy byte scale of data that we are operating on, the search for disparate data sometimes takes about a minute. This is understandable considering the amount of data that we are pumping into it. The only optimization that I recommend is…
What other advice do I have? Make sure it fits your use case. Be clear about what you want to achieve, get out of the product, and how you want to integrate it. Once you tie the solution into your systems, it is not trivial or easy to walk away from. Therefore, due diligence needs to be made to understand what your requirements…
Which other solutions did I evaluate? I wasn't there when the evaluation was done. When I came on board, this product was handed down to me, and we have not evaluated any other solutions or products since then.
Dec 24 2018
It is easy for our developers to use if they want to search their logs. Something should be built into the product that if you're close to your license, then it shuts things down.
What is most valuable? Its usability is the best part. It is easy for our developers to use if they want to search their logs, etc.
How has it helped my organization? We have used the alerts for a lot of things. They gave us the ability to kind of make an alert simply. So, we did one for SQL injection. We also had some services which…
What needs improvement? A problem that we recently had was we licensed it based on how much data you upload to them every day. Something changed in one of our applications, and it started…
What's my experience with pricing, setup cost, and licensing? The pricing seems good relative to the other vendors that we have had here. However, they need to find ways to be more flexible with the licensing and be able to deal with…
Which solution did I use previously and why did I switch? Before Splunk, we used Kibana and Elasticsearch. Sometimes, with them, logs wouldn't even be there. We have received an infinite time reduction there. We couldn't use what…
What other advice do I have? Implement something and watch how much data you are sending to it, then have some way to shut it off without redeploying your app in case things get hairy. We use the…
Which other solutions did I evaluate? There are a lot of vendors in the space at the conference this year. Therefore, we probably talked to six or seven different ones, and the market seems to be…
Updated: February 2020.
Jan 09 2019
We were able to create a catalog of dashboards and have a holistic view at all levels, understanding our business better
What is most valuable? The dashboards are the most valuable feature. We like the ability to drill in and see what queries are under the dashboard, build new visualizations, edit the querying, and see the reports. The dashboards are very intuitive and similar to…
How has it helped my organization? Every team immediately created their own Splunk dashboard, and all the product owners were ecstatic about this. We were able to create a catalog of dashboards and have a holistic view at all levels. We could understand our business much…
What needs improvement? The query language is pretty slick and easy, but it is not consistent in parts. Some of it feels a little esoteric. Personally, some of my engineers are coming from SQL or other languages. Some things are a little bit surprising in Splunk…
What other advice do I have? Go with Splunk. A lot of people know how to use it because they have experience with it. It works well. While it has some pain points, it provides reports and data visibility. It integrates great with Opsgenie, PagerDuty and Slack. We love…
Which other solutions did I evaluate? We knew we were going to go with Splunk. It was the leader and the one we liked. We didn't consider any others since Splunk met our needs. We chose Splunk because of the ease of the UI, querying, and creating dashboards. It has a…
Dec 19 2018
What is most valuable? The most valuable feature is its centralized log analytics.
How has it helped my organization? We have a one-stop dashboard for health of some of our services where you can click in and it takes you to other dashboards that have custom near real-time metrics that show the application's health. From there, you can drill in to see the…
What needs improvement? The historical data extraction needs improvement. I would like the capability of taking data and having it trend longer. Splunk is good about viewing data within the last seven or 14 days, but if you want to see a year-over-year trend, you…
What other advice do I have? It works well when searching logs. If you looked to try to do things beyond this, the problem that we ran into is that we treated it as the hammer which hits all nails. That is not really feasible, and there are other tools out there that…
Which other solutions did I evaluate? We looked at the ELK Stack, Kibana, and Sumo Logic. We chose Splunk because their cost is better, the maintenance factor is a little higher, and the core functionality is higher than what other products provide. The core functionality is…
Jan 01 2019
What is most valuable? The ability to create dashboards. You can run reports against multiple devices at the same time. You are able to troubleshoot a single application on a thousand servers. You can do this with a single query, since it is very easy to do.
How has it helped my organization? We use it primarily for troubleshooting. We had an issue with SaltStack recently and were able to look for the same log entry on a thousand servers simultaneously, making the process easy.
What needs improvement? When you get into large amounts of data, Splunk can get pretty slow. This is the same on-premise or AWS, it doesn't matter. The way that they handle large data sets could be improved. I would like to see an updated dashboard. The dashboard…
What other advice do I have? Build your environment a lot bigger than you think you will need it, because you fill it up quickly. We log somewhere in the neighborhood of two to four terabytes a day per data center. We use both AWS and SaaS versions. With the SaaS…
Which other solutions did I evaluate? Splunk has no real competition. It is just Splunk, and that is it.
Aug 05 2019
What is most valuable?
* Core Splunk
* Saved searches
* Dashboards (SimpleXML)
With good domain knowledge, one can build almost anything. If you throw in Alert Manager or an integration with…
How has it helped my organization? Our clients went from unhappy using inflexible, poorly-supported products (in some cases barely functional) to confident and excited when using Splunk. Not only are they…
What needs improvement?
* It needs integration with a configuration management solution.
* It could use better password management for forwarders.
* It needs a better way to export dynamic views…
What's my experience with pricing, setup cost, and licensing? Get free PS if you can (ask) or USE THE DOCS. The documentation will get you to success. If you are not getting more value out of Splunk than the license you are paying…
Which solution did I use previously and why did I switch? I have dabbled with LogRhythm and ArcSight and they are both OK, but Time-To-Value is WAY shorter with Splunk, IMHO.
What other advice do I have? You can also get GREAT help at answers.splunk.com.
Which other solutions did I evaluate? No, we went with the free trial and got so much value so quickly we bought in.
Feb 14 2019
Clients benefit from the live security monitoring of their parent IP infrastructure base but Splunk should adjust the pricing
What is most valuable? Splunk has many good apps and has a contribution from all security vendors. That's where Splunk wins.
How has it helped my organization? We sell it to clients so clients benefit from Splunk in terms of live security monitoring of their parent IP infrastructure base. Their IP security and network application base is where we have a 24/7 monitoring interface.
What needs improvement? Splunk's cost is very high. They need to review the pricing. They have to go back and totally readdress the market. Splunk does not build apps. They only go back and validate the apps that somebody has already built. They should have remote…
What's my experience with pricing, setup cost, and licensing? Pricing is one factor that hurts everybody on the market; the client, the reseller, everybody that touches it. Only Splunk makes money. It is hard to have it for the long term if it's a stretch for your budget. Pricing becomes a problem and…
What other advice do I have? I will rate it as a security product an eight out of 10. There's no product which is perfect unless you go back and you create a psychic of the solutions.
Feb 12 2019
What needs improvement? The tool itself is very difficult to configure. It's great for its number of inputs, for the different types of systems devices, and things that it could collect information from. To actually make good use of it, you need a fairly dedicated team of people that have some reasonably good programming or modeling skills to be able to do the things that you need to do with it. Whereas a lot of the…
Which solution did I use previously and why did I switch?
* AlienVault
* LogRhythm
* ArcSight
* QRadar
I've used a whole bunch of different solutions. For a SIEM based solution, they are more purpose-built for that function. Where Splunk is purpose-built for a general logging and data capture solution so you'd be able to capture a lot of different information.
What other advice do I have? As a logging solution, I would say it's probably an eight or nine. If you're talking about the SIEM I'd say it's probably about a five. For logging, I think they would have to change the costing model. The costing model is way out of line. It's built for very large organizations.
What is Splunk?
Splunk software has been around since 2006 and the company has since grown to become an industry leader. Splunk's vision is to make machine data accessible, usable and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analyzing all activities. This is known as Operational Intelligence and is the unique value proposition of Splunk.
Splunk is well-known for its Log Management capabilities and also for its Security Information and Event Management (SIEM) solutions.
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.