External reviews
External reviews are not included in the AWS star rating for the product.
Awesome SIEM Tool for Small and Medium Organizations
What do you like best about the product?
It's user friendly for beginners to maintain and comes with a built-in case management system. It also gives a very fast response for any logs which come into Splunk. It makes integration with other tools and technology very easy.
What do you dislike about the product?
The license cost of the Enterprise is prohibitive because of the budget. So the startup organization can't afford the license. It also requires a very steep learning curve. And the tricky part is automation.
What problems is the product solving and how is that benefiting you?
The best part of the Enterprise version is that it has many features compared to the free or community versions. Which also gives a huge drop back on the security capabilities of large organizations.
Splunk Enterprise: Boss of SIEM Solution
What do you like best about the product?
Splunk provides a detailed overview of notable events, web intelligence to prove web traffic in our network, automates event response, recommends proper remediation for alerts, and risk assessment with the help of risk score.
What do you dislike about the product?
All the functionalities are well designed, and SLA needs to improve some audit-compliance reporting parts to help remediation teams to remediate it properly. And also Licensing Costs.
What problems is the product solving and how is that benefiting you?
Incident management, log management, and real-time threat detection for securing our environment from cyber attacks, which may cause a considerable business loss if they happen.
Splunk - extraordinary for validation
What do you like best about the product?
The Splunk platform provides great insights on the back end calls and events that take place when an application is submitted. The best part of Splunk is it has customization to various events.
What do you dislike about the product?
At times the values corresponding to the query do not reflect; this may be due to some Splunk platform being down. But it occurs at times and that could be resolved.
What problems is the product solving and how is that benefiting you?
Splunk is widely used for event validation. The ultimate feature is we can get events from even days before, which is really helpful. Also, Splunk has the capacity to load multiple events at the same trigger time.
Powerful SIEM
What do you like best about the product?
Splunk can do a lot of things which free-to-use SIEM tools do not have. It comes with ML/AI inbuilt and can also be used with different data sources by default.
What do you dislike about the product?
The price can be a little bit costly for new start-ups. The navigation in the app also needs to be changed so that we can get to the logs/alerts faster. It is kind of resource heavy.
What problems is the product solving and how is that benefiting you?
Understanding of different logs and data sources. It also gives us trends and provides us with reports that we can use for our internal audit and monitoring of security.
Best SIEM for medium-large organizations
What do you like best about the product?
Easy to maintain and comes with an in-built case management system. Fast response for any logs which come into Splunk. Easy integration with major tools and technology.
What do you dislike about the product?
The licensing cost for the enterprise version can be costly and may not be over budget for startups. The navigation panel needs to be improved so that we can find details easily.
What problems is the product solving and how is that benefiting you?
The enterprise version has many features which the free/community version does not have. This does increase our Security capabilities in a big enterprise environment.
I really love working on Splunk Enterprise as it is user friendly.
What do you like best about the product?
Its GUI gives all the same features as the backend as well. Also, I love the case management feature as well.
What do you dislike about the product?
It is pretty costly. That's the only backdrop I see.
What problems is the product solving and how is that benefiting you?
I use Splunk for SIEM and case management as well for monitoring purposes.
Splunk is a very good product, such a great experience while using Splunk.
What do you like best about the product?
Splunk provides excellent service because we need to cover all the tools' logs and give all the expected values. Also, while analyzing records, it provides such an excellent service.
What do you dislike about the product?
Most probably not much to dislike, but sometimes it's taking much time for the given output of queries, but the whole scenario, it's a great product. Not another aversion from my end.
What problems is the product solving and how is that benefiting you?
One time I had an issue while catching the cloud logs from the tool console. So I used the Splunk tool, which provided me with complete records for all the required time.
A must have tool to know your environment better and troubleshoot issues
What do you like best about the product?
I use Splunk every day to troubleshoot network-related issues and identify the root cause of the problems. Splunk is a great tool to correlate the event logs from multiple sources and get a deeper understanding of what is happening in your environment. Splunk is a powerful tool to visualize the events logs and highly customizable queries, get metrics and monitor any abnormality in your environment.
What do you dislike about the product?
Due to the scale of our environment, I have observed performance issues sometimes, queries are queued, and it takes time to return the query result.
What problems is the product solving and how is that benefiting you?
Cyber threat management, event correlation, log management, and efficient incident management.
Searching tool - Splunk
What do you like best about the product?
The Splunk tool is one of the most helpful tools for creating customised searching of big data from different systems with correct logging and responses. Splunk is a very efficient searching tool with different visualisations.
What do you dislike about the product?
I don't see any drawback except the point that for some systems it is able to display data for only 3 months or a few months of data. Apart from this, cost is something which I would consider goes higher if we are accessing large data.
What problems is the product solving and how is that benefiting you?
I have been allocated to an insurance project where I need to see the session with requests and responses. Splunk helps me see that data and errors logged from any system as per the date range.
Making Tenable.io talk to Splunk
What do you like best about the product?
Integrating Tenable.io with Splunk was far easier than I initially thought. All thanks to a nifty Plugin that does all the hard work for you.
Enter your details in the plugin for both sides of communication, and there you go. It can't get easier than that.
What do you dislike about the product?
The plugin only worked on version 4, which gave some issues in the beginning, but after upgrading, all went well.
The only other potential issue I foresee is that newbies might get a little overwhelmed with the sheer amount of data that can be imported.
What problems is the product solving and how is that benefiting you?
Importing any telemetry data into Splunk makes monitoring much easier as I don't necessarily need to log into the Tenable.io and Splunk interfaces. Splunk can feed me all the info I need and want.