Julio Ortiz
General Manager at Intersoft S.A.
Reseller
Top 20
A great solution for application management, security and compliance
Pros and Cons
  • "The correlation capabilities are the first value that our clients say they like with Splunk."
  • "The difficult part is related to integration with sources of data that are used to create the logs as this depends on the infrastructure of the client."

What is our primary use case?

We use Splunk for security and also PCI compliance.

We have installed and implemented this solution for several clients in Bolivia with our team. We have received training from Splunk directly, and we have also provided training to our clients.

We deploy two versions: one for on-premise and one for the cloud.

Most of our customers purchase Splunk because they required a tool for gathering and collecting all of the logs from the infrastructure in order to make a correlation between data and to spot patterns surrounding security incidents.

What is most valuable?

The correlation capabilities are the first value that our clients say they like with Splunk. Another benefit is that they can connect to any device or log from any device from anywhere.

It's easy, the tool is very easy to install and set up. 

What needs improvement?

They could have more dashboards done or predefined so our clients could use them directly in order to have more information ready to use.

The difficult part is related to integration with sources of data that are used to create the logs as this depends on the infrastructure of the client.

For how long have I used the solution?

We have been using this solution for more than five years.

What do I think about the stability of the solution?

Stability-wise, it's great.

What do I think about the scalability of the solution?

We do not require much scalability here because the clients are not so big; however, the hardware where we installed the products was enough to handle all the transactions of Splunk.

How are customer service and technical support?

The support is not so good, I would only give them a rating of six or seven.

They should provide support in Spanish here in Latin America. Their response time to inquiries or requirement tickets is too long. It should be shorter.

How was the initial setup?

Deployment took us two weeks.

What other advice do I have?

I would recommend Splunk to any company: small, medium, and large.

Splunk is a great tool but you should get a partner who knows what they are doing, implementation-wise. 

On a scale from one to ten, I would give Splunk a rating of nine.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Founder at a marketing services firm with 11-50 employees
Real User
Top 5
Easy to deploy and relatively simple learning curve; could be more user friendly
Pros and Cons
  • "Easy to deploy and simple to use."
  • "Could be more user friendly."

What is our primary use case?

We're using the solution to try to build a virtual network and put Splunk inside it and do some kind of transcentralization with a log server. Our aim is to track connections, network traffic and some personal databases. I'm the founder of the company and we are customers of Splunk.

What is most valuable?

Splunk can quickly be deployed and it's not difficult to learn the solution. 

What needs improvement?

The solution could be more user friendly and it's difficult to know at this stage whether our requirements will be met by the solution. 

For how long have I used the solution?

I've been using this solution for a couple of months. 

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

Scalability is good with Splunk. 

How was the initial setup?

The initial setup doesn't take much time, especially if there's good bandwidth. In a small company, deployment might take a month or two. If you have 100 devices, then a technical team of three should be sufficient. They would need to be able to deal with log analysis, forensics and have general knowledge about admin systems. In time, we would expect to have thousands of users.

What's my experience with pricing, setup cost, and licensing?

I think Splunk is expensive compared to other tools at the purchase stage. It's possible that if we can keep control of the costs involved down the track, it won't be so bad.

Which other solutions did I evaluate?

We studied four or five tools including Logrhythm and Exabeam. We went with Splunk for now and will see how that goes.

What other advice do I have?

I think this is a good solution and rate it a seven out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Updated: January 2022.
Account Presale at a tech services company with 1,001-5,000 employees
Real User
A flexible solution
Pros and Cons
  • "Splunk is quite flexible for our customers. Splunk does not filter from a specific lock, you can define it later."
  • "I would like Splunk to add more integration. QRadar has many indications with more products than Splunk."

What is our primary use case?

The project we are working on with Splunk is short as the customer has given us two months to implement. My company is a Splunk partner.

What is most valuable?

Splunk is quite flexible for our customers. Splunk does not filter from a specific lock, you can define it later.

What needs improvement?

I would like Splunk to add more integration. QRadar has many indications with more products than Splunk.

For how long have I used the solution?

I have been working with Splunk for three months.

What do I think about the scalability of the solution?

Splunk is quite good if you want to scale it.

Which solution did I use previously and why did I switch?

My client has some pain points with QRadar and does not feel the kilogram function is accurate. Other features do not match with the customer behavior as well. They want to replace QRadar with Splunk because they are familiar with this solution.

How was the initial setup?

The initial setup of Splunk is complex. It requires a lot of equipment and uploads.

What about the implementation team?

My company provides the implementation and maintenance services to our customers.

What's my experience with pricing, setup cost, and licensing?

Splunk licensing requires you to purchase licenses for any feature per user. For example, if you need UEBA, it is difficult to propose in the project. QRadar has a free upcharge for UEBA. Customers cannot calculate the additional costs based on gigabytes per day because they cannot forecast the future.

What other advice do I have?

Due to the cost of Splunk, I recommend it for larger companies. Splunk is powerful when sorting huge amounts of data. 

Implementation of Splunk takes preparation. It requires a lot of resources and needs the infrastructure to support the project.

I would rate the solution an 8 out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
AdityaAgrawal
Information Security Analyst at a tech services company with 1,001-5,000 employees
Consultant
Good integration, easy UI, and very stable and scalable
Pros and Cons
  • "Its integration is most valuable. Its UI is also pretty much easy."
  • "Its setup is a little bit complex for a distributed environment. Their support can also be better. If we miss the response for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply."

What is most valuable?

Its integration is most valuable. Its UI is also pretty much easy.

What needs improvement?

Its setup is a little bit complex for a distributed environment. 

Their support can also be better. If we raise a case with Splunk support and by any chance we fail to respond for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply. In that case, what they can do is send a follow-up mail before closing.

For how long have I used the solution?

I have been using this solution for a year now.

What do I think about the stability of the solution?

It is very stable. I haven't encountered any glitches or bugs till now.

What do I think about the scalability of the solution?

It is very much scalable. I am acting as an admin, and we have more than a hundred users of this solution in our company. We use it on a regular basis. We currently don't have any plan to increase its usage.

How are customer service and technical support?

I would rate them an eight out of ten. Their response speed is okay, but if, by any chance, we miss the response for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply.

Which solution did I use previously and why did I switch?

This is the only solution that we have been using.

How was the initial setup?

Its setup is pretty much easy for standalone, but for a distributed environment, it is a little bit complex.

What other advice do I have?

I would recommend this solution to others, but it should meet their needs and architecture.

I would rate Splunk a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT System Developer/Admin at a manufacturing company with 10,001+ employees
Real User
A stable, scalable solution with comprehensive dashboards and helpful technical support
Pros and Cons
  • "The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data."
  • "An area of improvement would be the licensing of the solution. They need a free license, which would allow faster lead times."

What is our primary use case?

The primary use case of this solution is to monitor Cyber Mission databases.

I create the diagrams to create an architecture that is then implemented. However, creating these diagrams is for my own learning since these implementations are usually already available in the cloud office logs.

What is most valuable?

The features I have found most valuable are the dashboards. 

I monitor the complete capacity that users are using in the company.

What needs improvement?

An area of improvement would be the licensing of the solution. They need a free license, which would allow faster lead times.

They also need to update their documentation.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data.

How are customer service and technical support?

The customer service/technical support was helpful and they answered my questions as best they could.

How was the initial setup?

The setup was easy, but you have to have a VPN connection depending on the security protocols in place.

What about the implementation team?

The deployment was in-house and took about two days with the correct licenses and permissions.

What other advice do I have?

It is important to define different guidelines to integrate Splunk in development, QA, and production deployments. Additionally, define the applications that will be used and the configuration of the databases to collect the data. If this is not done, there will be a lot of issues due to, for example, master access or permissions to use the database collector and blocks.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Operations Center Engineer at a tech company with 51-200 employees
Real User
Top 5
A stable and scalable solution which is easy to install and use and has good tech support

What is our primary use case?

We use the solution for monitoring systems. We also use it with servers and CG routers from the data center, as well as for collecting the ADL from all networks which are located in our regions of the country.

What is most valuable?

I like that the solution is easy to use and stable. 

What needs improvement?

The price of the solution could be cheaper. 

For how long have I used the solution?

I am currently working with Splunk and have a year's experience doing so. 

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

The solution is scalable. 

How are customer service and support?

Support is at a level one department and I am responsible for managing both IT support and node engineers. 

I am satisfied with the support. 

How was the initial setup?

The solution is easy to install. 

It took half a day. 

What about the implementation team?

We were able to handle the installation on our own. 

There are 40 people responsible for the deployment and maintenance of the solution, four of whom are engineers. There is a computer DE who is responsible for the engineering and a candidate for graduation in 2022.

What's my experience with pricing, setup cost, and licensing?

The solution could be more cost-effective, as we charge our customers the cheapest price. 

The subscription is monthly. 

What other advice do I have?

The solution is cloud-based. 

There are more than a thousand users making use of the solution in our organization, who are connected with us in over 530 different areas. 

I recommend the solution and plan to continue using it. 

I rate Splunk as a seven out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Product Manager, CyberSecurity at a tech services company with 201-500 employees
Reseller
Top 5
Has good security features but needs a better pricing model
Pros and Cons
  • "The initial setup isn't overly complex."
  • "Splunk can be an expensive solution. Technical support could be improved as well."

What is most valuable?

Because I'm security focused, I prefer the security features such as Splunk Phantom and Splunk Enterprise Security.

What needs improvement?

We need to get a Splunk Cloud instance inside South Africa's borders. At this stage, we are pushing Splunk Cloud, but it is not yet within South Africa's borders. So we've got data sovereignty issues, especially with government organizations.

Technical support could be improved as well.

Splunk can be an expensive solution. I think that they need to change their pricing model. At present, it is based on the number of gigabytes that you ingest into the Splunk system. Their competitors are now starting with a pricing model where you pay per device talking back. If Splunk could have a similar alternative, it would then allow people to choose the data model they want such as set data or a set number of devices.

For how long have I used the solution?

I have been using Splunk for three years.

How are customer service and technical support?

The technical support here in South Africa hasn't been great, but I understand why as we make up less than 3% of Splunk's total revenue in the world.

How was the initial setup?

The initial setup isn't overly complex, but it's not easy either.

What's my experience with pricing, setup cost, and licensing?

The pricing model is based on the number of gigabytes that you ingest into the Splunk system. So it can be an expensive solution.

What other advice do I have?

Plan your requirements properly from the beginning so that you can get the most value in a shorter space of time.

On a scale from one to ten, I would rate Splunk at six.

Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
Telecom Tech at a university with 501-1,000 employees
Real User
Easy to configure with user-friendly alerts and good search functionality
Pros and Cons
  • "We can easily configure things as required in relation to our use cases."
  • "From the commercial point of view, they have to bring down their costs."

What is most valuable?

We enjoy the whole solution. It is meeting our requirements, especially the SIM solution. 

The alerts are very user-friendly.

We can easily configure things as required in relation to our use cases.

The search functionality is good. It works like Google. 

Onboarding is quite easy.

The scalability is good.

Product-wise, the performance is good. 

What needs improvement?

From the commercial point of view, they have to bring down their costs. It's a bit pricey right now. The license is quite expensive. 

Much like the SOAR platform, which has security, orchestration, and automation response, all of that should be part of the SIM solution itself. Currently, it is actually separated. We understand that we have to integrate a SIM with a SOAR platform; however, if they could combine these two products together, that would be ideal. It would make things easy to implement and make more automation possible to avoid false-positive alerts.

For how long have I used the solution?

We've been using the solution for the last four years. It's been a while. 

What do I think about the stability of the solution?

The performance is good. It's stable. There are no bugs or glitches. It doesn't crash or freeze. 

What do I think about the scalability of the solution?

The scalability of the solution is very good. If a company needs to expand, it can do so. It's easy.

What's my experience with pricing, setup cost, and licensing?

The solution can be expensive. It's not cheap.

What other advice do I have?

We are customers and end-users. 

I'd rate the solution at a nine out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.