2018-04-20T18:39:00Z

What is your primary use case for Splunk?


How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Guest
26 Answers

Top 5, Leaderboard, Real User

Business indicators (KPIs) for specific (and limited) purpose together IT area, some tests with security built-in "use-cases" and like a correlation tool using pre-defined SPL (Search Processing Language).

2021-05-11T18:16:03Z
Top 5, Leaderboard, Real User

We are using Splunk for cybersecurity operations.

2021-04-19T15:09:49Z
Top 5, Leaderboard, Real User

We are a solution provider and Splunk is something that we provide as a service to our customers.

2021-03-05T11:09:33Z
Top 10, Real User

We are using Splunk as a SIEM tool. We're using it for monitoring.

2021-02-17T09:35:39Z
Top 5, Leaderboard, Real User

We have multiple use cases, almost 200 plus use cases. An example, travel activities where you log in.

2021-01-22T16:57:51Z
Top 5, Leaderboard, Consultant

My reason for implementing it was just to learn more about the product. I wanted to learn about the Splunk programming language, how to pipe searches, add logs, verify the logs, create fields, extract data into fields, build dashboards, and to get hands-on experience with the product.

2021-01-04T14:26:19Z
Top 20, Real User

The primary use case of this solution is to monitor Cyber Mission databases. I create the diagrams to create an architecture that is then implemented. However, creating these diagrams is for my own learning since these implementations are usually already available in the cloud office logs.

2020-12-27T09:14:00Z
Top 10, Real User

We primarily use the solution for monitoring our infrastructure.

2020-12-19T13:28:50Z
Top 5, Leaderboard, MSP

I'm the CSSP manager and we are customers of Splunk.

2020-12-16T06:34:38Z
Top 10, Reseller

We use Splunk for security and also PCI compliance. We have installed and implemented this solution for several clients in Bolivia with our team. We have received training from Splunk directly, and we have also provided training to our clients. We deploy two versions: one for on-premise and one for the cloud. Most of our customers purchase Splunk because they required a tool for gathering and collecting all of the logs from the infrastructure in order to make a correlation between data and to spot patterns surrounding security incidents.

2020-12-15T22:53:44Z
Top 5, Leaderboard, Real User

We are using Splunk to look at the logs, and see what is happening.

2020-12-15T15:05:19Z
Top 20, Real User

We use a lot of sales metrics. We use machine learning models to provide sales forecasting. We create database connections and run a query on the database. The next step is to place the data into Splunk. We create indexes to get the data into the Splunk dashboard.

2020-12-09T16:02:00Z
Top 5, Leaderboard, Real User

We use Splunk for log analysis and security monitoring.

2020-12-07T22:17:33Z
Top 10, Real User

I use Splunk on-and-off — I started with in-house projects, then moved up to commercial projects.

2020-12-02T20:10:59Z
Top 10, Real User

We use Splunk on-premise. We mostly use it for log analysis and fraud detection. We are also testing using it in machine learning and other solutions. We have 10 people managing Splunk and we have approximately 150 people using the product in total.

2020-12-02T19:50:00Z
Top 20, Real User

The solution is primarily used to monitor the operating system for threats, specifically related to login threats. If someone is trying to log in, or somebody is trying to break into the system, the idea is that it will check that and catch things. It's mainly for external threats to the operating system.

2020-11-27T18:12:28Z
Top 5, Leaderboard, Real User

Our primary use case of Splunk is for log monitoring and infrastructure monitoring. If we want to diagnose any issue in our application, we just push our application logs. This is on any client server using the universal forwarder logs on the Splunk server. After indexing, we can create a base log, and create attractive dashboards that are simple to understand and use. I'm a system administrator and we are customers of Splunk.

2020-11-23T21:49:36Z
Top 10, Real User

It's the primary place where I'd go to do an investigation if I want to see what's going on within an endpoint, or on a network, or with a user.

2020-11-23T17:00:05Z
Top 5, Leaderboard, Real User

We are a software development company and Splunk is one of the products that we have implemented for our clients. It is used for log analytics as well as the mobile SDK for checking the stability of mobile applications.

2020-11-19T12:12:05Z
Top 5, Leaderboard, MSP

Since we have an IT services company, we have been using Splunk for the deployment to the customer locations as well. Sometimes the customer will come back to us and say that we need to have a SIEM tool, and when we do the benchmarking, we'll do a couple of deployments on the Splunk side and at the customer's locations as well. As an example use case, we deployed Splunk to a banking institution a few years ago. There the use case was basically this: the customer wanted to set up a security operation center, and they wanted to have a pretty large deployment in terms of the number of endpoints and number of switches and routers. There were many regional branch offices and they have data centers and therefore, many assets in terms of endpoints. They had 30% of their assets running on the cloud and they needed a complete solution from an incident monitoring and management perspective. That's why we deployed Splunk. They wanted to reduce the MTTR, and meantime resolution, and maintain detection. They didn't want to add more SOC analysts into their SOC as the organization scaled up. They have a plan to scale from 5,000 endpoints into 15-20,000 endpoints. They're very particular about deploying the SOC operation center. Splunk has since acquired Phantom as a SOAR platform. Therefore, we have tried to manage the security automation using Phantom with the help of Splunk deployments. It helps us meet the customer's requirements.

2020-11-18T18:48:43Z
Top 5, Leaderboard, Real User

We are using the mobile SDK to check the stability of mobile applications.

2020-11-13T19:55:12Z
Real User

Log collection and search.

2019-03-27T11:05:00Z
Real User

Our primary use case is for monitoring and cybersecurity.

2019-03-14T11:34:00Z
Real User

We were using Splunk for our networking to know exactly what kind of traffic was going from one network to another network because we had a lot of connections on other sites.

2019-03-10T16:43:00Z
Real User

We need something to collect all our logs in a centralized solution. We have several servers but we don't have any log collection system.

2019-03-06T07:41:00Z
Top 5, Real User

Security. We have built SIEM solutions three times from the ground up (not ES) using Splunk for some of the largest companies in the world.

2018-04-20T18:39:00Z
Updated: May 2021.