TrustRadius: an HG Insights company

Splunk Enterprise

Score8.5 out of 10

476 Reviews and Ratings

Get a Demo

Top Performing Features

+11%

Event and log normalization/management

Ability to normalize event syntax so that logs can be compared and are machine-understandable

Cat avg: 8.5

+7%

Correlation

Correlation of logs and events to pinpoint significant threats

Cat avg: 8.4

-1%

Centralized event and log data collection

Effectiveness of real-time centralized event and log data collection

Cat avg: 9

-1%

Data integration/API management

Ease and quality of data integrations between SIEM and other systems

Cat avg: 8.1

Worst Performing Features

-33%

Host and network-based intrusion detection

Ability to detect both endpoint intrusion and network ingress detection

Cat avg: 7.4

-20%

Behavioral analytics and baselining

How effectively activity and behavior baselines are established and maintained

Cat avg: 7.5

-25%

Custom dashboards and workspaces

dashboards that can be customized to meet the needs of specific groups

Cat avg: 8

Splunk Enterprise Features from Reviews

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools

7.1-11%

  • Centralized event and log data collection

    Effectiveness of real-time centralized event and log data collection

    Category average: 9

  • Correlation

    Correlation of logs and events to pinpoint significant threats

    Category average: 8.4

  • Event and log normalization/management

    Ability to normalize event syntax so that logs can be compared and are machine-understandable

    Category average: 8.5

  • Deployment flexibility

    Ability to tune system to maximize threat detection and minimize false positives

    Category average: 7.7

  • Integration with Identity and Access Management Tools

    Integration with access control tools like Active Directory and LDAP

    Category average: 7.7

  • Custom dashboards and workspaces

    dashboards that can be customized to meet the needs of specific groups

    Category average: 8

  • Host and network-based intrusion detection

    Ability to detect both endpoint intrusion and network ingress detection

    Category average: 7.4

  • Data integration/API management

    Ease and quality of data integrations between SIEM and other systems

    Category average: 8.1

  • Behavioral analytics and baselining

    How effectively activity and behavior baselines are established and maintained

    Category average: 7.5

  • Rules-based and algorithmic detection thresholds

    Effectiveness of manually-established rules and algorithmically-determined detection thresholds

    Category average: 8.2

  • Response orchestration and automation

    Quality of built-in response orchestration and automation in Next-Gen SIEM

    Category average: 7.1

  • Reporting and compliance management

    Ease and quality of reporting and compliance functions

    Category average: 8.3

  • Incident indexing/searching

    Effectiveness of searching across structured and unstructured events and incidents within SIEM

    Category average: 8.8