4.2 out of 5.0 (66 ratings)

  • 4 out of 5.0, Reviewed

    Product(s): Splunk App for Enterprise Security

    Ease of use and installation, and how it processes large amounts of data

    Overall Comment

    Pros: The charts and visualizations that you can create in general have a good look and it has the minimum functionalities expected as a user (export, filtering, search, etc). I spent some time trying to understand the interface and functionalities but once I started to load some data and use the search I was able to see the capabilities of the product.

    Recommendations: I am happy with this software and I would recommend this if you want to analyze real time data.


  • 3 out of 5.0, Reviewed

    Product(s): Splunk App for Enterprise Security

    SPLUNK - Cloud Rollout of ES

    Overall Comment

    bad customer support and service; difficult escalation and support paths; low level of engagement with the vendor since sale

    What one piece of advice would you give other prospective customers?

    Must hold vendor accountable; relationship deteriorates quickly

    What do you like most about the product or service?

    capabilities - future vision of the company, features

    What do you dislike most about the product?

    customer support, lack of functionality in the cloud, consistent customer relations throughout the engagement

    What one thing do you wish the vendor did differently?

    stay engaged

    If you could start over, what would your organization do differently?

    Pressure the vendor for better support and a more interactive role at the beginning of the project; better POC process for better product evaluation

    Product capabilities - overall comment

    Splunk Cloud is the issue; cannot control our own destiny and implement our desired features and capabilities

    Service & support - overall comment

    Unacceptable response time, customer relationship development, and engagement from the vendor. Literally, could not be worse


  • 5 out of 5.0, Reviewed

    Product(s): Splunk App for Enterprise Security, Other...

    Easy to implement and run.

    Overall Comment

    Great level of support! Local engineers and customer base are extremely supportive.

    What do you like most about the product or service?

    Flexibility!

    What one thing do you wish the vendor did differently?

    Cloud deployments are restrictive due to their SOC-2 controls. I wish they gave us more flexibility if we did not rely on their controls.

    If you could start over, what would your organization do differently?

    Plan for the unplanned - establish a procedure for onboarding and documenting new data sources.

    Service & support - overall comment

    Cloud support is great, however they can be rigid with deploying new applications, limiting your ability to drive value from the system.


  • 4 out of 5.0, Reviewed

    Product(s): Splunk App for Enterprise Security

    Great search tool beyond just cyber security operations. A Swiss army knife for the IT.

    Overall Comment

    Great product for what it's designed to do. A bit of a learning curve for staff who ever used the Splunk search language.

    What one piece of advice would you give other prospective customers?

    beware of the learning curve.

    What do you like most about the product or service?

    very powerful tool for all aspects of IT.

    What do you dislike most about the product?

    license can be expensive.

    What one thing do you wish the vendor did differently?

    explain to customers what data modeling really meant.

    If you could start over, what would your organization do differently?

    Have more IT groups outside of cyber involved at the beginning of the project. Take a deep dive on data modeling concept before committing ES.


  • 3 out of 5.0, Reviewed

    Product(s): Splunk App for Enterprise Security

    Splunk review.

    Overall Comment

    The tool is working alright from the log gathering perspective. Splunk, however, is not a do-it-yourself piece of open source software. It requires technical configuration such as editing configuration files, indexing data, writing regular expressions. It also requires a learning curve to understand where data is coming from and how Splunk will see them. Good feedback from Splunk includes: easy to search for data (i.e. type the string/parameter of info that you're looking for (e.g. a username), select a time range, and click the 'green - go' button). Log entries pertaining to a username are displayed, while the query continues to run in the background if you selected a wider time range. Additionally, the log searching is fairly fast and it can return the requested data in a speedy manner.

    What one piece of advice would you give other prospective customers?

    Taking time to learn Splunk to maximize your investment if you're planning to use the Splunk logs extensively.

    What do you like most about the product or service?

    easy to search for data and output result is fairly fast.

    What do you dislike most about the product?

    Getting the dashboard views into traditional reports is hard in Splunk. You can generate PDFs from the simple screen reports. However, complex reports to satisfy auditor requests are not easy to attain. Alerting is not a strong feature for Splunk. Alerts can only be generated based on standard Splunk queries, so any relationship between alerts or dependencies will be either difficult/impossible to express in Splunk's alerting system.

    What one thing do you wish the vendor did differently?

    Splunk is pushing hard on applications as they understand that applications are key to the future of their product. Our security group noted that the applications in Splunkbase fill some, but not all, of the gap between the command line techie-friendly searches you get out-of-the-box and what network managers have come to expect from modern applications.

    If you could start over, what would your organization do differently?

    Implement a centralized logging mechanism that is easy to configure and is scalable to fit the growing data demand.

    Product capabilities - overall comment

    Splunk log collecting is good.

    Service & support - overall comment

    support is good and there is vast amount of knowledge on common questions and issues via the Splunk website.

    Integration & Deployment - Overall comment

    Splunk is easy to complete with the initial implementation; however, while your company is trying to extend beyond the normal, it requires time, resources, investment, and monitoring. Many hidden issues need to be considered and well planned. Your company should work with professional services to determine architecture design that fits with your environment. Support is very good and there is a large amount of knowledge and FAQ posted on Splunk's web site.


  • 5 out of 5.0, Reviewed

    Product(s): Splunk App for Enterprise Security

    Great SIEM tool and very easily customizable.

    Overall Comment

    Great product and vendor support from Splunk.

    What do you like most about the product or service?

    Easily customizable machine learning capability and can be used for other functions such as Business data analysis.

    If you could start over, what would your organization do differently?

    Select a different partner for the implementation or work directly with Splunk.


  • 5 out of 5.0, Reviewed

    Product(s): Splunk App for Enterprise Security

    Splunk is very flexible.

    Overall Comment

    Splunk is great because of its flexibility. Many products have pre-defined views, where with Splunk, the sky is the limit.

    What do you like most about the product or service?

    Flexibility of data flowing into Splunk.

    What one thing do you wish the vendor did differently?

    Licensing costs too high.

    If you could start over, what would your organization do differently?

    We should have engaged a third-party, instead of Splunk professional services. Our third party implementers have been very knowledgeable.


  • 4 out of 5.0, Reviewed

    Product(s): Splunk App for Enterprise Security

    Solid product with broad applicability.

    Overall Comment

    Pre-sales experience very positive. Innovative and engaged account team. Onboarding process for cloud offering smooth and efficient. Professional services engagement held a few surprises - on-prem requirements that were not identified in planning meetings. Functionally the product is solid and the account team engaged.

    What one piece of advice would you give other prospective customers?

    Catalog your sources and have finite goals for the initial deployment.

    What do you like most about the product or service?

    Functionally rich and extensible to many areas of operational monitoring.

    What do you dislike most about the product?

    Nothing yet.

    What one thing do you wish the vendor did differently?

    Charged less? Worth hoping for.

    If you could start over, what would your organization do differently?

    Other than to have provisioned the on-prem servers we eventually learned we'd need, not much.

    Integration & Deployment - Overall comment

    Up and running in 3 weeks.


  • 5 out of 5.0, Reviewed

    Product(s): Splunk App for Enterprise Security

    Very easy to implement and build reports.

    Overall Comment

    Splunk seems to be working very nicely and we are meeting all targets. Only problem is that the user experience is slow.

    What one piece of advice would you give other prospective customers?

    Look at it as a tool that can be used for multiple purposes.

    What do you like most about the product or service?

    The UI is brilliant.

    What do you dislike most about the product?

    Slow response time.

    What one thing do you wish the vendor did differently?

    Speed up the response time.

    If you could start over, what would your organization do differently?

    Looked at it from a much wider usage point of view. The original project was a small one, should have looked at it from an enterprise point of view.


  • 3 out of 5.0, Reviewed

    Product(s): Splunk App for Enterprise Security

    Next time - use managed services.

    Overall Comment

    The product was very difficult to implement and configure. We brought Splunk engineers on-site multiple times, with poor results. We finally hired 3rd party engineers who were experts with Splunk technology and they were able to get our system up and running. Splunk requires much training and time.

    What one piece of advice would you give other prospective customers?

    Make sure you have the resources to dedicate to log monitoring after the product is in place.

    What do you like most about the product or service?

    I like the concept of centralized log management. I also like Splunk's approach to it. The product can be used for business problems as well. I don't think we will ever get there in our environment though.

    What do you dislike most about the product?

    Complexity.

    What one thing do you wish the vendor did differently?

    I wish the vendor was more responsive and helpful with configuring the system. That was very problematic.

    If you could start over, what would your organization do differently?

    If we could start over, we would look at managed services for this. In fact, I expect us to consider this in the near future as we just do not have the resources to monitor the logs today.

    Integration & Deployment - Overall comment

    The deployment was dismal.


Ratings Overview


Evaluation & Contracting

Overall rating of product evaluation and contract negotiation

(50)
4.0

Ability to understand your organization's needs

(53)
4.1

Timely and complete response to product questions

(56)
4.2

Pricing and contract flexibility (pricing and terms)

(54)
3.7

Integration & Deployment

Overall rating of integration and deployment

(62)
4.1

How long did your deployment take?

3 - 6 months (<6)

0 - 3 months (<3)

6 - 9 months (<9)

12 months or more

9 - 12 months (<12)


Availability of quality 3rd-party resources (integrators, service providers, etc.)

(42)
4.0

Ease of integration using standard APIs and tools

(55)
4.0

Quality and availability of end-user training

(56)
4.0

Ease of deployment

(59)
3.7

Service & Support

Overall rating of service and support

(61)
4.0

Did you purchase a support package from the vendor?

Yes

No


Timeliness of vendor's response

(55)
4.0

Quality of technical support

(56)
4.2

Quality of peer user community

(53)
4.4

Product Capabilities

Overall rating of product capabilities

(63)
4.4

Real-Time Monitoring

(58)
4.2

Threat Intelligence

(53)
3.8

Behavior Profiling

(48)
3.8

Data and User Monitoring

(57)
4.2

Application Monitoring

(57)
4.2

Analytics

(56)
4.4

Log Management and Reporting

(59)
4.5

Deployment/Support Simplicity

(56)
4.2

Additional Context

What was the nature of your involvement?

Technical Assessment

Executive Sponsor

Functional Assessment

Vendor/Product Selection

Rollout and Install

Vendor Management

Application Lead

Maintenance and Support

Development/Integration

User Training

Other...


Why did you purchase a Security Information Event Management solution?

Enable/improve security event alerting, investigation

Enable/improve log collection, reporting and retention capabilities

Meet regulatory or commercial compliance requirements

Enable/improve behavioral analysis of users and other entities

Enable/improve security incident workflow and reporting

Enable/improve tracking access to and activities related to databases, applications

Reduce costs for threat management operations

Meet customer or business partner expectations about your security monitoring program

Reduce costs for meeting compliance mandates

Other...


What other vendors were considered?

LogRhythm

Hewlett Packard Enterprise

SolarWinds

Intel Security (McAfee)

NetIQ

Splunk

RSA, The Security Division of EMC

AlienVault

IBM

Trustwave

AccelOps

EventTracker

ManageEngine

Symantec

CheckPoint Software Technologies

LogStorm Security (dba BlackStratus)

Other...


What were the key factors that drove your decision for selecting the vendor?

Product functionality and performance

Product roadmap and future vision

Strong technical/product support

Overall cost

Strong user community

Pre-existing relationships

Strong consulting partnership

Availability of managed services

Strong customer focus

Financial/organizational viability

Other...


In which region(s) did your deployment take place? Multiple responses allowed.

North America

EMEA