Splunk Valuable Features

Balamurali Vellalath
Practice Head-CyberSecurity at a tech services company with 1,001-5,000 employees
The most valuable aspect of the solution is the dashboard. It's very intuitive. The reporting is excellent. The team and the SOC analyst are able to easily track the alerts and the correlation is very good compared to other SIEM tools.
Steffen Klein
Senior Consultant at sectecs
The Splunk programming language allows you to pipe searches into other searches. What I really like is that even if you have already collected the data, you can extract data and add fields which improves building searches. This is not the case with Elasticsearch, where this needs to be done upfront.
reviewer1317924
Audit Remediation/Financial Manager at a tech services company with 1,001-5,000 employees
The logs on the solution are excellent. Mostly I see just the reports or the outcome, however, with the log portion, where you could actually take log entries and pass them through the system in order to create events or conditions, and get reports. You can set up your conditions to the logs that you invested into Splunk, and get the reports or the output that you want.
Learn what your peers think about Splunk. Get advice and tips from experienced pros sharing their opinions. Updated: December 2020.
455,301 professionals have used our research since 2012.
reviewer1453023
CSSP Manager at a tech services company with 51-200 employees
Splunk is good at log collection and log management.
reviewer1454661
Automation Specialist, Analytics at a computer software company with 10,001+ employees
Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data. The ease of deploying the agent is great in Splunk. One can easily deploy the Universal Forwarder which can extract any amount of information and put it into an indexer. The flexibility of ingesting any kind of data is good with Splunk. In regards to action-oriented tasks, if an alert is triggered where I have to perform a certain action in the form of executing a Python script or invigorating a PowerShell script — this is easy to do with Splunk. The Splunkbase is great. There are thousands of apps that are already available, I can install those apps with full-connectivity and use them to extract any form of data. The community in the Splunkbase is also really strong. The ease of integration with third-party tools is great. In the Splunkbase, there are so many apps that are easy to integrate with. The user interface is really good. There is a machine learning toolkit — I like it a lot. They have use cases in place so that people with little experience in machine learning can go through these examples of use cases and gain a better understanding.
Gregg Woodcock
Consultant at Splunxter, Inc.
* Core Splunk
* Saved searches
* Dashboards (SimpleXML)

With good domain knowledge, one can build almost anything. If you throw in Alert Manager or an integration with ServiceNow, then you have your own SIEM.
Presal0998
Presales Manager at a tech services company with 11-50 employees
Splunk has many good apps and has a contribution from all security vendors. That's where Splunk wins.
reviewer1463439
Senior Informatica Administrator at a computer software company with 10,001+ employees
The logging features are useful as are the dashboards and alerts in addition to the organization of data. It has options for creating dashboards and alerts. You can also create queries in the SQL language. Splunk is a user-friendly solution.
Praful Bhatnagar
Principal Systems Engineer at a computer software company with 10,001+ employees
It's the completeness of the solution that we like the most. It has a solution for backend log analytics, but also one for mobile applications.
reviewer1470723
Assistant Vice President at a financial services firm with 10,001+ employees
The models that we use are pretty mature at this point, which means we can be assured we are given the best use cases right out of the box. We can just plug into the applications and everything is set up. There's very little configuration necessary. The integrations that are offered with different tools are all very good. They offer integrations for all levels of security and have offerings from some of the other major solutions in the space. The initial setup is pretty straightforward.
reviewer1200885
Engineer at a financial services firm with 201-500 employees
The flexibility of the solution is quite good. The product is stable. It offers good scalability if you are willing to pay. The technical support on offer is responsive.
Shaveta Datta
Technical Project Manager at Altran
It's very flexible. If you look from the cloud implementation it is there. Reports are made quickly. Unlike other tools, it caters to all kinds of technical information on the front very easily. There's no need to put in any technical information. You can pull up the reports very easily, take action, and notify stakeholders.
HimanshuTejwani
System Administrator at a tech services company with 51-200 employees
This is a straightforward solution, easy to configure and difficult to mess up.
Mui Tran
Project Manager at Idemitsu Oil & Gas
The most valuable feature of Splunk is the log monitoring.
Praful Bhatnagar
Principal Systems Engineer at a computer software company with 10,001+ employees
The completeness of the solution is what we like the most.
Julio Ortiz
General Manager at Intersoft S.A.
The correlation capabilities are the first value that our clients say they like with Splunk. Another benefit is that they can connect to any device or log from any device from anywhere. It's easy, the tool is very easy to install and set up.
reviewer1478619
IT System Developer/Admin at a manufacturing company with 10,001+ employees
The features I have found most valuable are the dashboards. I monitor the complete capacity that users are using in the company.
reviewer1375737
Manager-TCTSL NGN Security-Practices at a comms service provider with 10,001+ employees
This is a good solution and allows you to get different products developed, it provides very good features. There is a large community so we can get different apps and different modules provided by the open source community. We work with that and have built a partnership with them. The solution provides automation and good visualization. They have developed their products in such a way that you can have that product in your set up.
reviewer1062186
Sr. IT Manager at a government with 10,001+ employees
The most valuable feature is the log aggregation, being able to scan through all of the logs.
reviewer1342776
Data Scientist at a tech vendor with 201-500 employees
The ability to analyze huge amounts of sales data and accurate prediction of sales forecasting is the most valuable feature.
Rudi Wicaksono
Architecture and Security Team Leader at Offshore North West Java (ONWJ)
All the features are valuable. It helps us uncover bottlenecks in the network.
Marc Chan
Net Sec at a tech services company with 11-50 employees
The search function for Splunk is like a Google search. You just enter and it will quickly show you the results.
reviewer1062186
Sr. IT Manager at a government with 10,001+ employees
The most valuable feature is that it's very good for log aggregation.
Luiz Fernandes
Técnico Judiciário at a government with 1,001-5,000 employees
Splunk is a good solution to collect more events than other solutions. It's a good solution, for me, for this reason.
RhondaTurner
VMware Engineer at First Data Corporation
* In-depth logs
* Add-ons
* The ability to ingest data from other tools
* The detailed log view
* It's easy to read
M Ghuyoor Syed
Sr. Manager Information Security at Tapal Tea (Private) Limited
Selecting the relevant events and records.
reviewer1048674
Cyber Analyst with 501-1,000 employees
The ability to correlate results.
Emad Ul Haq
Network & Telco Lead at Mercury
Log search and alerting/reporting.