TrustRadius Insights for Splunk Enterprise are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.
Pros
Valuable Log Gathering and Summarization: Users have expressed positive opinions about Splunk's ability to gather and summarize log messages from multiple sources. Many reviewers find this feature valuable, as it allows them to easily access and analyze log data in a centralized location without the need for manual aggregation.
Simplicity and Advanced Search Capabilities: Splunk's reporting functionality is highly regarded by users for its simplicity and advanced search capabilities. Several reviewers appreciate how easy it is to use Splunk's reporting features, while also being able to perform complex searches that provide detailed insights into their data.
Effective Web Traffic Catching and Dashboards: The effectiveness of Splunk in catching web traffic and providing helpful dashboards is another aspect praised by users. Many reviewers highlight how Splunk's web monitoring capabilities enable them to track website activity effectively, while the intuitive dashboards allow for quick visualization and analysis of important metrics.
It is a very easy-to-use tool. You can write custom queries and visualize data by building customer dashboards. It is a central repository for all infrastructure devices. It can integrate with ServiceNow to generate a customer alert. It has apps for the different vendors, which can also be easily deployed.
Pros
Data parsing
Data sorting
Data visualization
Cons
Out of box dashboard
Out of box queries
Likelihood to Recommend
Splunk Enterprise is well suited for end-to-end integration. You can configure application and infrastructure to minimize the troubleshooting time. We use Splunk Enterprise for custom alerting with Google Chat: BGP up and down or interface up and down. It cannot parse the ACI logs as expected. Expensive tool to have.
Verified User
Account Manager in Information Technology (1001-5000 employees)
We send the logs for most of our devices to Splunk, so that's going to be routers, switches, firewalls, f5, and they are collected in Splunk. And whenever there's any sort of outage, we're investigating an issue or troubleshooting a problem, we utilize Splunk to combine all of our efforts and see if we can identify what the problem is using the Splunk logging. So it's quite helpful in that regard.
Pros
One thing that Splunk does particularly well is that it gives an excellent view of historical data. So let's say that we identify an issue that happens earlier in the morning, but we suspect that this may be a recurrence of that problem and we can specifically bring in, because we can look at a huge amount of historical data from multiple points of views, we can basically graph out any possible instance of that problem happening in the past. As long as we have that data.
Cons
One area of improvement I would say is that there are some situations where the logs are missing from our devices where it gets forwarded to Splunk, but there's a problem with the forwarders and some indications where it's not functioning as we have expected to, would definitely be an improvement.
Likelihood to Recommend
It would be best suited for a situation where you need to identify, for example, if you're looking for traffic that is being blocked by your firewall or your proxy and you need to look for all of that in one place without having to go to that firewall or to that proxy, you can just look for it there and identify it by the specific action that the platform is taking. One situation where it wouldn't be suited for that, I would say perhaps a case with possibly hardware logs, but I haven't encountered a case where Splunk isn't suited for it, so I'd probably have to think on that.
Verified User
Engineer in Information Technology (10,001+ employees)
I use it for all kinds of operational incident response, troubleshooting and investigations to help investigate, identify root causes of problems and reduce the mean time of resolution.
Pros
The Splunk language is very easy to learn and because of that I can do a search and get the answers very quickly.
Cons
Pricing.
Likelihood to Recommend
It's well suited for what I do, which is network security operations. And that's for anything from troubleshooting incidents, troubleshooting performance, troubleshooting for the purpose of compliance and auditing. It's not best suited for users who are new in terms of they're new to the product and they have expectations that probably Splunk cannot meet.
Verified User
Employee in Information Technology (10,001+ employees)
We're utilizing it to troubleshoot network events, so we'll go in there and get the analysis and utilize it to come to a root cause of an issue.
Pros
The analysis and really deep diving in to find what the root of a problem is.
Cons
It does very well. So there's not a whole lot I can suggest around where it can improve. I think it's doing an excellent job.
Likelihood to Recommend
It helps us when we're working really large issues to pinpoint the issue. It makes it quicker and reliable to get the right information. It's a really good product. We use it a lot, but I don't have a whole lot on improvements for it.
Verified User
Director in Information Technology (10,001+ employees)
Splunk Enterprise is used as a log management tool in our organization.
Various automations are also in place using Splunk Enterprise as the golden source of data.
One example of automation using Splunk Enterprise is the integration of Splunk Enterprise with ServiceNow.
Recently ServiceNow was integrated with Splunk Enterprise.
ServiceNow picks up the data from Splunk Enterprise and creates the INC accordingly.
Pros
Log Management tool
Helps the ticketing tool to provide data
Collects the logs using Splunk Enterprise agent
Build dashboard
Cons
Filters need to be improved
Search engine to be more enhanced
Integration of more graphs
Likelihood to Recommend
We recently used it as the golden source for our ticketing tool, where our ITSM tool, i.e. ServiceNow, picks up all the data from Splunk Enterprise and creates the tickets accordingly.
All the data, like the queue name where the ticket needs to be assigned, is also picked up from Splunk Enterprise itself, which really helped us a lot.
We use Splunk Enterprise to aggregate all of our syslogs. We also use it to alert on certain syslogs that could indicate an issue or event in our environment. We have many dashboards that are both internal and external customer facing. These dashboards are very popular for tracking issues and status of all facets of our infrastructure.
Pros
syslog collection
searching
dashboards
Cons
more detailed guides on deployment
increase efficiency
Likelihood to Recommend
It is very well suited for environments where you have many different devices or sending syslog. It can be very tiring and wasteful to manually pore through all that data. Having a central location where you can search centrally is very helpful. I personally would not recommend Splunk Enterprise for teams that don't know what they are doing; you can easily crash it with bad searches.
We use Splunk for proactive application management with more than 40 scrum teams. We want to stay ahead of disruptions and have visibility into our applications through application logging, dashboarding, reporting and alerting. The essence of Splunk is that we can easily monitor our applications with it across multiple disciplines in the scrum teams.
Pros
easy to use for non technicals
powerful logging tool
very good documentation
Cons
user interface has not changed for many years
not for metrics
data retention
Likelihood to Recommend
Splunk is a powerful tool for deep insight into log data. We use this daily to get insight into how our applications are running. It is amazing to see that non-developers can also use the tooling for their needs. The easy way of using the query language, its dashboards and alerting.
Verified User
Engineer in Quality Assurance (1001-5000 employees)
Splunk Enterprise is used in the company by the IT department. Mainly to monitor security events on process-relevant systems where the degree of security must be as high as possible. Monitoring and rapid response helps reduce downtime of vital systems.
Pros
Ingest data and present it in an easy-to-read and easy-to-process format
Correlation
Analysis and presentation of data
Ease of operation and maintenance compared to other solutions of its kind
Easier to implement and maintain than other solutions
Cons
It would be useful to have more standardization of some of the information stored
An expensive solution
Documentation could be more accurate and up-to-date
Likelihood to Recommend
It will be suitable for large organizations. Easier to train users and scales well. Unfortunately, it will be too expensive for small businesses and enterprises. It is a consistent solution. By combining multiple tools from the same company, you can get a stable environment. My experience shows that it is not the most flexible solution on the market. Before selecting a SIEM solution, gather requirements and choose a solution according to your needs. If your organization has standard needs, Splunk will not be a bad choice.
Verified User
Administrator in Information Technology (11-50 employees)
We use Splunk Enterprise as a SIEM and a separate pool to use for medical record auditing. The SIEM catalogues information from multiple courses to provide efficiency and security data to the organization. Our medical record audit system is a custom written Splunk Enterprise app that takes audits from our EHR to determine suspicious activities
Pros
Searching of information.
Report building
Flexibility
Cons
Cost
Easier guides
Data normalization.
Likelihood to Recommend
Primary issue with Splunk Enterprise is cost. The licenses can get extremely expensive very quickly in my opinion. If the organization can afford to have all of their data in it then the program is amazing. We have been able to solve multiple problems or find things that would normally take hours within seconds with the tool
Verified User
Analyst in Information Technology (1001-5000 employees)