What is your experience regarding pricing and costs for Splunk?
Thanks for sharing your thoughts with the community!
Cost versus volume in the medium/long term are heavy. It is a great tool but you have to be careful in storing a lot of data (without any criteria). Use it as an "smart-data/small-data repository", not as a "raw centralizer, stage-area or pure-SIEM". Before choose any tool and define your BSOC (Business/Sec Operation Center), read about datamart/datawarehouse concepts and models (design and archicture too) defended by Inmon & Kimball. You'll saving a lot of $ in future.
Everything we do is either yearly or multi-year. I don't know if there is any additional cost to standard license fees.
The price of Splunk is reasonable.
Filter the noise out.
I think Splunk is expensive compared to other tools at the purchase stage. It's possible that if we can keep control of the costs involved down the track, it won't be so bad.
The problem with the product is that the price of Splunk is very high. It is an industry leader and therefore it's high in terms of price. That is the issue in our country. Sometimes people want to buy Splunk, however, due to the budget, they are not able to.
The pricing model is based on the number of gigabytes that you ingest into the Splunk system. So it can be an expensive solution.
Its pricing model can be improved.
Price-wise, if you compare QRadar to Splunk for SIEM functionality then they are in the same range but when you integrate SOAR with these solutions, Splunk takes the lead and is more competitive.
It is economical than other solutions.
When you compare the services and features, the pricing is reasonable. That said, if you compare Splunk to other options on the market, it is more expensive.
The solution is a little expensive.
The pricing model is expensive and could lead into a budget nightmare based on the amount of data. A better pricing plan would be an improvement.
While I do understand that it is a premium tool, they could work to make it a bit less in terms of cost. It's a bit expensive.
We have a 100 gig annual license. I'm not sure of the cost. Their licensing is based on the amount of data you collect. There is an additional cost for Enterprise Security. If there are any other kind of applications, the APIs that we created that we want to add, there are costs for most of those as well. Their pricing structure really could use a revamp. They really need to review and look at that and see if there's a better way that they can do it. Elasticsearch is a little cheaper and a better product in my view.
The price is comparable.
Its cost model is dependent upon the amount of data used — how many GBs we extract in a day determines our price. The price is not dependent upon how many instances we installed in Splunk. I can install thousands of instances, but it will only charge me according to how many GBs I extract per day. Overall, our customers complain that the price is too high.
Licencing occurs yearly. We now have a three-yearly support contract as of now. Licensing is a yearly, one-time cost.
We find the solution to be quite expensive. Therefore, we're looking for other options. I don't know of the exact costs, as licensing is handled by another department.
I think that most of the log analytics solutions are expensive and I'm not sure if it's worth it. However, I wish that they were less expensive. I am not talking about a single product but rather, all of the ones that are in the domain of log analytics.
In terms of a comparison with the rest of the competition, the licensing cost would be, I would say, 30% higher than most.
The licensing cost model is complicated. I think that most of the monitoring solutions are expensive. I wish they were less expensive, for all types of products for monitoring.
Splunk is on expensive side. There are some premium add-ons like Splunk Enterprise Security or ITSI which makes it more expensive.
The pricing and licensing of the product are quite high.
Pricing is one factor that hurts everybody on the market; the client, the reseller, everybody that touches it. Only Splunk makes money. It is hard to have it for the long term if it's a stretch for your budget. Pricing becomes a problem and people are just focused on numbers rather than creating a vision for the entire product. That is the biggest factor I found with Splunk, that they just want to make money and they don't care about anything else. They lost national, country-level projects because of this attitude.
It's a little bit expensive for a small to medium enterprise.
The price could be improved.
I assume that the pricing is reasonable, because if it was too costly, there are other alternatives. However, with some of the other solutions, you have to spend time on them and manage them yourself. It might also take you three times to get it right. So, Splunk may be more costly upfront, but in the long run, it saves on time and man-hours.
The pricing seems good relative to the other vendors that we have had here. However, they need to find ways to be more flexible with the licensing and be able to deal with situations where we start generating more logs. Maybe having some controls in the Splunk interface to turn it off, so we don't have to change anything in our application. We have an existing contract with Splunk, so it makes sense to stay with them for now. Our license is for a 100 GB/logs a day.
It would be nice if the pricing were cheaper. However, we did purchase it.
Splunk is not free.
I am not personally involved with the pricing of the solution.
I have no opinion on the pricing of the product.
It is possible to use a developer's license, which is up to 10GB per day of volume traffic, which is usually enough for most use cases.
It can be expensive, especially the licensing costs. However, there is added value in what it can do, not just log aggregation.
Splunk is a bit pricier, but the benefits and ROI are huge.
It is a pretty high cost solution, but if your organization has the funds, it can bring many benefits.
Truly evaluate the data you want to ingest and go slow. Pulling in data that can provide no use to your mission only wastes data against your license.
Get free PS if you can (ask) or USE THE DOCS. The documentation will get you to success. If you are not getting more value out of Splunk than the license you are paying, then you are doing something wrong and should spend a tiny bit more to get a consultant like Splunxter.com to help you.
Be upfront about your needs and expectations. Splunk is one of the top SIEM solutions to work with.
The licensing model can be expensive, but the value it provides is significant.
Pricing can be a limiting factor. You have to continuously tune what you are bringing in and make sure what you bring in is of value.
Make it cheaper to help small organisations implement it easier.
Setup cost is cheap: It is free, it is user-friendly, and it is fast. I would highly recommend anyone evaluating this option to download the free trial which allows for the ingestion of 500MB of data per day in order to get a feel for what Splunk does at its core. It will get pricey once your ingestion rates start to sky rocket, but I would consider it expensive given the amount of information that it allows you to analyze and react on straight out-of-the-box.
Which is better and why?
Let the community know what you think. Share your professional opinion!