Splunk Overview
Splunk is the #1 ranked solution in our list of Log Management Software. It is most often compared to Datadog.
What is Splunk?
Splunk software has been around since 2006 and the company has since grown to become an industry leader. Splunk's vision is to make machine data accessible, usable and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analyzing all activities. This is known as Operational Intelligence and is the unique value proposition of Splunk.
Splunk is well-known for its Log Management capabilities and also for its Security Information and Event Management (SIEM) solutions.
Splunk is also known as Splunk Enterprise Security.
Updated: December 2020
Splunk Customers
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Pricing Advice
What users are saying about Splunk pricing:
- "The pricing model is expensive and a nightmare based on the amount of data."
- "Our customers often complain that the price of Splunk is too high."
- "Splunk's cost is very high. They need to review the pricing. They have to go back and totally readdress the market."
Splunk Reviews

Balamurali Vellalath
Practice Head-CyberSecurity at a tech services company with 1,001-5,000 employees
Good support with an intuitive dashboard but the cost is too high
What is our primary use case?
Since we have an IT services company, we have been using Splunk for the deployment to the customer locations as well. Sometimes the customer will come back to us and say that we need to have a SIEM tool, and when we do the benchmarking, we'll do a couple of deployments on the Splunk side and at the customer's locations as well. As an example use case, we deployed Splunk to a banking institution a few years ago. There the use case was basically this: the customer wanted to set up a security operation center, and they wanted to have a pretty large deployment in terms of the number of endpoints…
Pros and Cons
- "The most valuable aspect of the solution is the dashboard. It's very intuitive."
- "There are a lot of competitive products that are doing better than what Splunk is doing on the analytics side."
What other advice do I have?
We're partners. We have a business relationship with Splunk. We're using the latest version of the solution. Overall, I would rate the solution at a seven out of ten. I'd advise potential new users to ensure they do proper sizing before deploying the product. If it's a very large deployment, the number of endpoints will be quite sizeable. You need to figure out the correct number of endpoints as well as endpoint devices, switches, routers, etc. It's also a good idea to look at use cases. Splunk is very strong in some use cases. It's important to look into deployment scenarios and check out the…
Steffen Klein
Senior Consultant at sectecs
Powerful programming language and search capability, but it is expensive and the vendor is inflexible
What is our primary use case?
My reason for implementing it was just to learn more about the product. I wanted to learn about the Splunk programming language, how to pipe searches, add logs, verify the logs, create fields, extract data into fields, build dashboards, and to get hands-on experience with the product.
Pros and Cons
- "What I really like is that even if you have already collected the data, you can extract fields and can build searches."
- "I would like to see more SIEM functionality and a better ticket tool."
What other advice do I have?
This is a solution that I could recommend for somebody who wants a really powerful product. It is not an end to end orchestrated SIEM yet. This is a product that I would generally recommend, although I would not do so if the customer is really budget-driven. I would rate this solution a six out of ten.

reviewer1317924
Audit Remediation/Financial Manager at a tech services company with 1,001-5,000 employees
Flexible and scalable with good reporting
What is our primary use case?
The solution is primarily used to monitor the operating system for threats, specifically related to login threats. If someone is trying to log in, or somebody is trying to break into the system, the idea is it will check that and catch things. It's mainly for external threats to the operating system.
Pros and Cons
- "The logs on the solution are excellent."
- "It could be more user friendly, in terms of the end-user experience."
What other advice do I have?
We're just a customer. We don't have a business relationship with Splunk. We're using the latest version of the solution. I'd advise those considering the solution to do some basic training before jumping into using the solution. It will help you understand how everything is supposed to work. I'd rate the solution at an eight out of ten, due to the fact that it's more flexible than other solutions. I like the idea of taking a log, any log, and putting it into a tool and creating your events and your conditions in order to get the output that you're looking for. It's more scalable and flexible…
reviewer1453023
CSSP Manager at a tech services company with 51-200 employees
Good at log collection and log management; not ideal for monitoring
What is our primary use case?
I'm the CSSP manager and we are customers of Splunk.
Pros and Cons
- "Good for log collection and log management."
- "This is not really a monitoring solution."
What other advice do I have?
It's important to prepare. You can't just get a solution and start to implement it. A big part of that needs to be preparation, and in IT, we're not great at that. I would go with Elastic, a similar product but better. The licensing is a little different but it gives you a little more freedom to do things. It's really flexible with what you can do and versatile in how you can use it. Splunk is still top when it comes to log collection. If you wanted anything more than that, you should probably look into using several different products. There isn't really one product that you're going to find…
reviewer1454661
Automation Specialist, Analytics at a computer software company with 10,001+ employees
Identifies data patterns and provides metrics and intelligence for business operations
What is our primary use case?
I use Splunk on-and-off — I started with in-house projects, then moved up to commercial projects.
Pros and Cons
- "Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data."
- "I'd say I am happy with the technical support, not elated. They provide great support, but sometimes they don't have the answers that I need."
What other advice do I have?
I would definitely recommend using Splunk. They have free learning models available. There are models available on their learning page where you can gain a better understanding of how to use Splunk. Within one month alone, you can at least understand how to operate Splunk, whereas, with other tools, it can take a lot of time to understand. On a scale from one to ten, I would give Splunk a rating of nine. The only downside is the cost. Price is the only factor; sometimes, companies shy away from Splunk because of the price.
Gregg Woodcock
Consultant at Splunxter, Inc.
Our clients are easily able to modify and evolve their implementations
What is our primary use case?
Security. We have built SIEM solutions three times from the ground up (not ES) using Splunk for some of the largest companies in the world.
Pros and Cons
- "With good domain knowledge, one can build almost anything. If you throw in Alert Manager or an integration with ServiceNow, then you have your own SIEM."
- "Our clients are easily able to modify and evolve their implementations."
- "It needs a better way to export dynamic views without requiring a ton of code and user/pw."
- "It needs integration with a configuration management solution."
What other advice do I have?
You can also get GREAT help at answers.splunk.com.
Presal0998
Presales Manager at a tech services company with 11-50 employees
Clients benefit from the live security monitoring of their parent IP infrastructure base but Splunk should adjust the pricing
What is our primary use case?
We use it for security incident event management and for IT service intermediates.
Pros and Cons
- "The initial setup is simple, not very complex. Initial deployment takes around 10 to 15 minutes to set up the entire base for Splunk including all three tiers."
- "Splunk does not build apps. They only go back and validate the apps that somebody has already built. They should have remote consulting support. They have a wonderful solution. They have 24/7 security. Nobody needs to depend on any third party and will therefore just buy Splunk on the cloud."
What other advice do I have?
I will rate it as a security product an eight out of 10. There's no product which is perfect unless you go back and you create a psychic of the solutions.
Direct9887
Director of Information Security with 201-500 employees
Extremely scalable but they need to make purpose-built modules more robust
What is our primary use case?
- SIEM
- Security information
- Event management
Pros and Cons
- "It's extremely scalable. It's a very robust solution and certainly has the capability of handling far bigger data requirements than a lot of the other tools. Generally what ends up happening with me is that my clients tend, for the most part, to be mid-tier organizations where the cost of that solutions would be accompanying requirements for people just becomes way too prohibitive. Especially considering the model that they use for costing, which is based on the volume of data. Of course, they're going to put everything including the Coke machine as the ability to collect data off of it, because of course the more they can put through the tool the more money they make."
- "The tool itself is very difficult to configure. It's great for its number of inputs, for the different types of systems devices, and things that it could collect information from. To actually make good use of it, you need a fairly dedicated team of people that have some reasonably good programming or modeling skills to be able to do the things that you need to do with it. Whereas a lot of the other tools are better packaged for that, and so require a lot less training and a lot less dedication."
What other advice do I have?
As a logging solution, I would say it's probably an eight or nine. If you're talking about the SIEM I'd say it's probably about a five. For logging, I think they would have to change the costing model. The costing model is way out of line. It's built for very large organizations.
Product Categories
Security Information and Event Management (SIEM), Log Management, IT Operations Analytics