Splunk Reviews

Sr. Principal Info Sec Analyst at a tech vendor with 5,001-10,000 employees
Real User
Top 10
Helped eliminate repetitive and redundant tasks, but custom functions and reporting need a lot of work
Pros and Cons
  • "When you design a playbook, you can integrate multiple log sources and define rules... After that, the platform automatically compiles all these activities and, based on the results, the analyst only has to indicate whether the result is a true or false positive. That reduces the time and effort involved."
  • "Suppose I am initially granted user rights or analyst rights, but later on, I also get admin rights. SOAR is unable to amend the limitations of my role. I raised a support ticket with Splunk about this. They said it's a bug in their 5.3.5 version. To fix this, I had to reinstall the entire platform from scratch."

What is our primary use case?

I'm using it mainly for SOC automation and reporting. It's for incident and threat modeling, incident reporting, and triage.

I come from a cybersecurity background and I used to work on the tickets for the security alerts we received from various sources, including Splunk and other SIEM tools. The major challenge was that we were occupied with a lot of noise and activities like validation of IP reports, DNS checks, and traffic monitoring. These were redundant activities that every analyst had to do. We wanted to stop these kinds of activities. 

How has it helped my organization?

Splunk SOAR has multiple integrations with various tools, such as VirusTotal. Once we purchased those tools from the respective owners and automated them, the kinds of redundant activities we were having to do were almost immediately stopped.

Also, the ingestion of multiple log sources together helped us eliminate false positives. Using the SOAR platform, our monthly alert count was reduced from 1,100 to 200 or 250. That was the best impact we have seen from implementing SOAR in our environment.

It has reduced our mean time to detect and mean time to respond, from 20 to 30 minutes to just 5 to 10 minutes. In cybersecurity, every moment can be a ticking time bomb for us. We need to get to a solution immediately, whenever any incident is triggered in our environment. SOAR has helped us a lot.

Using this platform has resulted in a better work-life balance for my team.

What is most valuable?

One of the features I like most is playbook creation, and custom functions are another. 

When you design a playbook, you can integrate multiple log sources and define rules. That used to be done by the analysts by going to the respective tools and doing tasks manually. Now, with playbook design, writing down those rules is a one-time activity that a SOAR admin has to do. After that, the platform automatically compiles all these activities and, based on the results, the analyst only has to indicate whether the result is a true or false positive. That reduces the time and effort involved. Our KPIs have greatly improved. An incident that used to take 15 to 20 minutes was reduced to five minutes. This helped us speed up our response to any alert, whether it was a true positive or false positive.

Another of the best parts of the SOAR platform is its ability to integrate with other systems and applications. It provides API integrations and, through them, I can limit the rights for the tool, which is good. If I want to integrate any of the applications with CrowdStrike, but only for incident-review policies or just to review the work automation, I can grant rights only for those purposes. That is one of the best features available in SOAR. It is very easy to implement and very user-friendly.

What needs improvement?

The visibility of the solution’s playbook viewer depends on the right you assign to the analyst. SOAR has the flexibility to distinguish between the roles of analyst and owner. If the analyst's role is to just work on a ticket, they cannot view the playbook design platform. That is limited to the owner. That can be both a good and bad thing.

A major problem I have faced in SOAR's rights distribution is roles and responsibilities. Suppose I am initially granted user rights or analyst rights, but later on, I also get admin rights. SOAR is unable to amend the limitations of my role. I raised a support ticket with Splunk about this. They said it's a bug in their 5.3.5 version. To fix this, I had to reinstall the entire platform from scratch, just to amend the rights and responsibilities of one role. This bug was not fixed.

Also, the latest GUI is terrible. The previous one was better.

Another point is that while using Splunk SOAR in an investigation is not difficult, there are some complex parameters. We have SOAR case management, but the licensing is going to put a big hole in your pocket. Also, there is an issue with investigation node addition. When you are doing node additions you cannot grant the entire environment to have SOAR visibility into the incident. So when you integrate it with an ITSM tool, like ServiceNow or Jira for ticketing purposes, there is a challenge. When you do nodes for investigation on a regular basis, sometimes it does not update our ServiceNow platform, which is terrible. It is a redundant activity for an analyst to update that in the case management as well as in the ITSM tool. Although SOAR provides integration, the functionality of investigation and nodes is terrible when it comes to integration.

An additional area for improvement is custom function creation. It's terrible. A newbie cannot create custom functions right away. They would require a solid understanding first.

Also, the reporting is really awful. If I want to do a report for a customized time period, such as the last three days or the last four days, or from the 10th to the 12th of June, that is not available in SOAR at all. That kind of feature is available in Cortex XSOAR. Reporting is a real challenge.

For how long have I used the solution?

I have been using Splunk SOAR for four years.

What do I think about the stability of the solution?

It's a stable environment. I don't have any complaints about it in terms of its stability.

What do I think about the scalability of the solution?

Aside from the issue I described where I started with an analyst's role in the solution and then was granted an admin role but the privileges remained those of an analyst, and I had to reinstall the entire platform, overall, the scalability is good.

How are customer service and support?

We have contacted their tech support many times. They are readily available if I raise a P-1 ticket, because SOAR is not something we can work without. Their support is good and more capable than the SME we hired.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

Before SOAR was purchased by Splunk, it was named Phantom and that is what I have worked with most of the time. I have also worked on Demisto, which is now Palo Alto Cortex XSOAR. That was a bit more user-friendly compared to Splunk SOAR.

How was the initial setup?

The initial deployment of SOAR is very complex. In my previous company, the deployment took me almost 10 days, and that was with a Splunk SME sitting with us. We paid them money to have the SME, but even he was unable to do what we needed to be done. Later on, we raised a support ticket with them and there were multiple escalations from our upper management to the Splunk management team. They then sent a good technical guy and he fixed the issue within five minutes. Before that, we were unable to do the DR instance. It took around 10 to 15 days just to fix that.

It's very difficult to install. No newbie could install SOAR on his own. He will require support. Here, I'm specifically talking about the later versions, not Phantom, rather once it became Splunk SOAR v5.3.5.

We had three people involved.

There is some maintenance. For example, it was using Python 2.7 and then there was the decommissioning of that version and the move to Python 3.x. That meant upgrading all the playbooks.

What's my experience with pricing, setup cost, and licensing?

It's very overpriced because it is based on the number of users. There is no bulk licensing.

What other advice do I have?

My advice would be to negotiate the cost. And if your organization is on the smaller side, with between 200 and 500 employees, you should not purchase it because it will blow up your finances. A bigger environment, with 2,000-plus employees, can go with the Splunk SOAR solution.

And if you are going with this solution, you should confirm what support they are going to provide, such as whether they are going to provide training credits or not. Sometimes they don't provide Splunk credits for training. Any newbie who is going to work on this will find it terrible to work in this environment. He will not be able to work without guidance. Other SOAR solutions, like Demisto (Cortex SOAR) are very user-friendly.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

Splunk Questions

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot
Feb 27 2024

Hi Everyone,

What do you like most about Splunk Insights for Infrastructure?

Thanks for sharing your thoughts with the community!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 27 2024

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 27 2024

Please share with the community what you think needs improvement with Splunk Insights for Infrastructure.

What are its weaknesses? What would you like to see changed in a future version?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 27 2024

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 27 2024

If you were talking to someone whose organization is considering Splunk Insights for Infrastructure, what would you say?

How would you rate it and why? Any other tips or advice?

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot
Feb 27 2024

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Gregg Woodcock - PeerSpot reviewer
Gregg Woodcock#1 is InfoSec #2 is BI #3 is IoT
Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian PereiraBusiness indicators (KPIs) for specific (and limited) purpose together IT area… more »
143 Answers
Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot
Feb 27 2024

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian PereiraCost versus volume in the medium/long term are heavy. It is a great tool but you… more »
92 Answers
Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot
Feb 27 2024

If you were talking to someone whose organization is considering Splunk, what would you say?

How would you rate it and why? Any other tips or advice?

Engineercb47 - PeerSpot reviewer
Engineercb47Make sure it fits your use case. Be clear about what you want to achieve, get… more »
Tomi Juslin - PeerSpot reviewer
Tomi JuslinSplunk's website is quite useful. You can find a lot of information on it. I… more »
Gavan McLaughlin - PeerSpot reviewer
Gavan McLaughlinIt works well when searching logs. If you looked to try to do things beyond… more »
131 Answers
Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot
Feb 27 2024

Hi Everyone,

What do you like most about Splunk?

Thanks for sharing your thoughts with the community!

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot
Feb 27 2024

Hi Everyone,

What needs improvement with Splunk?

Thanks for sharing your thoughts with the community!

Shaveta Datta - PeerSpot reviewer
Shaveta DattaI would like to see them develop integration with the help of a rack rest API… more »
it_user762567 - PeerSpot reviewer
it_user762567The tool itself is very difficult to configure. It's great for its number of… more »
Mui Tran - PeerSpot reviewer
Mui TranIf possible, we would like to have not only a log monitoring system but a… more »
130 Answers
Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 16 2024

Hi Everyone,

What do you like most about Splunk Cloud?

Thanks for sharing your thoughts with the community!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 16 2024

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot
Feb 16 2024

Please share with the community what you think needs improvement with Splunk Cloud.

What are its weaknesses? What would you like to see changed in a future version?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 16 2024

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 16 2024

If you were talking to someone whose organization is considering Splunk Cloud, what would you say?

How would you rate it and why? Any other tips or advice?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 09 2024

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 09 2024

Hi Everyone,

What do you like most about Splunk Enterprise Platform?

Thanks for sharing your thoughts with the community!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 09 2024

Please share with the community what you think needs improvement with Splunk Enterprise Platform.

What are its weaknesses? What would you like to see changed in a future version?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 09 2024

If you were talking to someone whose organization is considering Splunk Enterprise Platform, what would you say?

How would you rate it and why? Any other tips or advice?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 09 2024

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 02 2024

Hi Everyone,

What do you like most about Splunk Phantom?

Thanks for sharing your thoughts with the community!

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot
Feb 02 2024

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 02 2024

Please share with the community what you think needs improvement with Splunk Phantom.

What are its weaknesses? What would you like to see changed in a future version?

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot
Feb 02 2024

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Feb 02 2024

If you were talking to someone whose organization is considering Splunk Phantom, what would you say?

How would you rate it and why? Any other tips or advice?

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot
Dec 20 2023

If you were talking to someone whose organization is considering Splunk IT Service Intelligence (ITSI), what would you say?

How would you rate it and why? Any other tips or advice?

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot
Dec 20 2023

Hi Everyone,

What do you like most about Splunk IT Service Intelligence (ITSI)?

Thanks for sharing your thoughts with the community!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Dec 20 2023

Please share with the community what you think needs improvement with Splunk IT Service Intelligence (ITSI).

What are its weaknesses? What would you like to see changed in a future version?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Dec 20 2023

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Dec 20 2023

Hi Everyone,

What do you like most about SignalFx?

Thanks for sharing your thoughts with the community!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Dec 20 2023

If you were talking to someone whose organization is considering SignalFx, what would you say?

How would you rate it and why? Any other tips or advice?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Dec 20 2023

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Dec 20 2023

Please share with the community what you think needs improvement with SignalFx.

What are its weaknesses? What would you like to see changed in a future version?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Dec 19 2023

Hi Everyone,

What do you like most about Splunk Incident Intelligence?

Thanks for sharing your thoughts with the community!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Dec 19 2023

Please share with the community what you think needs improvement with Splunk Incident Intelligence.

What are its weaknesses? What would you like to see changed in a future version?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Dec 19 2023

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Dec 19 2023

If you were talking to someone whose organization is considering Splunk Incident Intelligence, what would you say?

How would you rate it and why? Any other tips or advice?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Dec 19 2023

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
Nov 15 2023

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

If you were talking to someone whose organization is considering Splunk Real User Monitoring (RUM), what would you say?

How would you rate it and why? Any other tips or advice?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

Hi Everyone,

What do you like most about Splunk Real User Monitoring (RUM)?

Thanks for sharing your thoughts with the community!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

Please share with the community what you think needs improvement with Splunk Real User Monitoring (RUM).

What are its weaknesses? What would you like to see changed in a future version?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot

Hi Everyone,

What do you like most about Splunk User Behavior Analytics?

Thanks for sharing your thoughts with the community!

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

Please share with the community what you think needs improvement with Splunk User Behavior Analytics.

What are its weaknesses? What would you like to see changed in a future version?

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

If you were talking to someone whose organization is considering Splunk User Behavior Analytics, what would you say?

How would you rate it and why? Any other tips or advice?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

Hi Everyone,

What do you like most about VictorOps?

Thanks for sharing your thoughts with the community!

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

Please share with the community what you think needs improvement with VictorOps.

What are its weaknesses? What would you like to see changed in a future version?

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot

If you were talking to someone whose organization is considering VictorOps, what would you say?

How would you rate it and why? Any other tips or advice?

Shibu Babuchandran - PeerSpot reviewer
Shibu Babuchandran
Regional Manager/ Service Delivery Manager at a tech services company with 201-500 employees

Hi dear professionals,

How would you compare Securonix and Splunk as a SIEM enterprise solution? 

Manoj Gautam - PeerSpot reviewer
Manoj GautamI believe when we built a solution for any customer SOC environment, we need to… more »
1 Answer
Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager at PeerSpot (formerly IT Central Station)

Which is better and why?

Shibu Babuchandran - PeerSpot reviewer
Shibu BabuchandranHi @Netanya Carmi​ Below are some comparisons on features and Integrations.… more »
2 Answers
Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager at PeerSpot (formerly IT Central Station)

Why?

David Swift - PeerSpot reviewer
David SwiftIt would really depend on (1) which logs you need to ingest and (2) what are… more »
1 Answer
Navin Rehnius - PeerSpot reviewer
Navin Rehnius
SOC Analyst at Tata Consultancy Services, Ltd

Hi community members,

I'm a security engineer at a Tech Services company and I'm currently exploring SOC solutions, such as Rapid7 InsightIDR, Splunk, IBM QRadar and ArcSight Analytics.

Based on your experience, which SOC tool/solution would you recommend and why?

Kumar Mahadevan - PeerSpot reviewer
Kumar MahadevanI haven't used these big-name ones like Splunk etc. but I feel they're… more »
Jack Callaghan - PeerSpot reviewer
Jack CallaghanFor tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing… more »
Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian PereiraApache Metron, ELK, OSSIM, Splunk and Qradar (in cost/benefit order for… more »
12 Answers
William Milton - PeerSpot reviewer
William Milton
Works at VAE-MARMARA8

Hi peers,

I'm looking for a technical comparison between Splunk Phantom SOAR and FireEye SOAR solutions.

Can anyone help with the insights?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick ClearSkies SaaS NG SIEM or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick Seceon Open Threat Management Platform or Splunk? What are the advantages and disadvantages of each? Are there specific use cases where one provides a better solution than the other?
Read More »
Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick SIEMStorm or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick Elastic SIEM or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick SolarWinds MSP Threat Monitor or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick AlienVault OSSIM or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick Devo or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick DNIF or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick Rapid7 InsightIDR or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick IBM Watson for Cyber Security or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick Exabeam or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot
When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick Oracle Security Monitoring and Analytics Cloud Service or Splunk? What are the advantages and disadvantages of each? Are there specific use cases where one provides a better solution than th...
Read More »
Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick Snare or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick Masergy or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick ManageEngine Log360 or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick Securonix Security Analytics or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick Interset UEBA or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick LogPoint or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick AT&T AlienVault USM or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick LogRhythm NextGen SIEM or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick Splunk or ThetaRay?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick NetIQ Sentinel or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick McAfee ESM or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller - PeerSpot reviewer
Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick LogLogic or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick ArcSight or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick SolarWinds LEM or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick SenSage AP or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Julia Miller
PeerSpot

When looking for a Security Information and Event Management (SIEM) solution, are you more likely to pick IBM QRadar or Splunk?

What are the advantages and disadvantages of each?

Are there specific use cases where one provides a better solution than the other?

Miriam Tover
Senior Delivery Ops Manager
PeerSpot
Hi community, One of the most popular comparisons on IT Central Station is Dynatrace vs Splunk. People like you are trying to decide which one is best for their company. Can you help them out? What is the biggest difference between Dynatrace and Splunk? Which of these two solutions would yo...
Bernd Harzog: The two things are entirely different Splunk is primarily a log collection,…
informat792312: Splunk and Dynatrace are two different solutions. Most organizations use both of…
Stacy Ness: It really depends on the use case. Dynatrace can actually enrich the data…
7 Answers
Vivek Vijayan
DevOps Engineer at a tech company with 10,001+ employees
Hi Experts, I'm a DevOps Engineer for a Tech Services company with 10,000+ employees. I'm comparing ELK and Splunk. We're looking to use one solution to process logs for our IBM CLM application and for application server log analysis. Which of these two solutions would you recommend and...
reviewer1182204: Generally Elastic is very strong in datasearch, and Splunk has a strong security…
Dirk Becker: First of all, we need to understand what those two softwares are; Splunk is a…
Norman Freitag: We use ELK or other freeware stacks in isolated small scenarios Think of a…
4 Answers
it_user870255
Works at a comms service provider with 10,001+ employees

Which do you recommend, Phantom or Demisto Enterprise? Can you give examples of how those tools can eliminate manual work?

Claudia Lorat: I would not recommend Phantom or Demisto, but rather JASK! JASK is modernizing…
2 Answers
it_user544149
Works at a tech services company with 10,001+ employees
From a few reviews I saw that Elastic Stack, which is an open source stack solution, is gaining popularity. Splunk has been in the market for quite some time but is a commercial product. Is it possible to replace Splunk with Elastic Stack? If so, what are all ...
it_user438393
IT Manager at a healthcare company with 1,001-5,000 employees
Folks, What are your experiences in using Splunk as an Enterprise Class monitoring solution in either the infrastructure or application performance monitoring spaces? How might it compare to a matured (or even not matured) instance of CA's suite inclusive of APM/Wily, CEM, ADA, ...
it_user536142: Hi Well I will summarize my answer in the simplest possible way. It all…
it_user708444: Totally agree. Splunk is mainly an IT Ops Analytics solution (log management…
10 Answers
it_user326337
Customer Success Manager at PeerSpot
Recently, our user activity has shown that Splunk is the most commonly searched solution on our site. 3,643 of our community members follow Splunk, and it's listed in five of our product categories: Log Management, Data Visualization, IT Operations Analytics, and Security Informat...
Randall Hinds: I agree with Aaron & Tom on their points. Along their use cases, I have been…
it_user113184: Good log management solution you can use if you know what you are looking for…
it_user380727: The flexibility that it offers, One of the most powerful features of Splunk is…
8 Answers
Avigail Sugarman
Community Manager at PeerSpot (formerly IT Central Station)

What are your experiences with these vendors/solutions? Pros and Cons?

it_user235365: Hello As someone who worked with Splunk, Arcsight and Qradar. I am sorry but…
6 Answers
Avigail Sugarman
Community Manager at PeerSpot (formerly IT Central Station)
The Wall Street Journal this week reported on new additions to the Splunk App to enable easier, faster threat detection and containment by empowering users to assign risk scores to any data. The app also includes new features to help users connect and visualize data on the fly and introduces guid...