Splunk Enterprise – Bewertungsseite 2

Vorteile

The saying "you only get out what you put in" is rather apt when utilising Splunk as a SIEM tool - i.e. the more logs / data you can feed into the solution the better the results. Ingesting multiple log files from numerous systems / applications is essential when reviewing security incidents and ensures everything is in one place.

Nachteile

For all that is good with Splunk, the costs are rather high and could force Customers to other solutions unless they make themselves more competitive in the pricing market

Vorteile

es una herramienta de facin configuracion e implementacion, aparte de ser intuitiva.

Nachteile

hay veces que se traba la interfas cuando se sastura el equipo.

Vorteile

The search feature allows for quick searching of signatures for new KBs

Nachteile

It feels very clunky to set up, explained by the whole certification track just for using splunk..

Vorteile

Splunk Enterprise is a great tool for security analytics, IT operations, and business intelligence. I especially like the way it can help me identify potential threats and improve our IT infrastructure.

Nachteile

The pricing for Splunk Enterprise may be out of reach for some small businesses.

Vorteile

Splunk is a great tool for cyber security professionals wanting to build out their security infrastructure.

Nachteile

There are other options out there that doesn't require as much configuration.

Vorteile

splunk is the best tool for real time analysis and monitoring tool and also it is providing the powerful threat incident response.

Nachteile

from my perspective, these no downside of the splunk . but about costing is too much for single user

Vorteile

facile a installer et configurer sur le serveur et aussi la partie cliente

Nachteile

les add-on sont pas toutes la et le SPL difficile a apprndre

Vorteile

Splunk est un logiciel tres pratique qui me permet de mieux géré le quotidien dans mon entreprise

Nachteile

Grâce a splunk je n'est plus de souci pour la gestion hebdomadaire des activités de mon entreprise

Vorteile

Le logiciel splunk entreprise est très bon pour la gestion de l'intelligence aux entreprises.

Nachteile

Ce logiciel splunk entreprise a un rapport prix accessibles que j'ai pas grand chose à souligner

Vorteile

Without worrying too much about data type or normalization, Splunk Enterprise can efficiently manage massive amounts of data from numerous sources. Data may be accessed in a flash, and there are a number of options for tailoring and integrating data analysis workflows to create bespoke dashboards or utilizing apps from our other product partners.

Nachteile

There isn't much I dislike about splunk, however if we have to be picky, it would be that it's more difficult to maintain as an administrator when splunk is installed on outdated architecture.

Vorteile

Powerful and versatile data mining tool with excellent integration capabilities.

Nachteile

Challenging initial setup and learning curve, particularly with query language and high cost.

Vorteile

Afin d'analyser les données personnalisables permettant d'enquêter, dd surveiller et d'agir en temps réel, ce logiciel est très important. Il répond également aux éventuels problèmes informatiques.

Nachteile

C'est un outil gestionnaire qui est sans inconvénient.

Vorteile

Splunk est un logiciel qui m'aide à mieux examiner les journaux

Nachteile

Splunk est un logiciel qui me permet d'être au courant des activités quotidiennes

Vorteile

Le splunk enterprise est tres bon pour les analyses des produits.

Nachteile

Il a un rapport prix acceptable que j'ai pas imaginé

Vorteile

C'est un très bon logiciel en matière de sécurité , ses gens là ne rigole pas du tout. Grâce à ce logiciel , je peux maintenant mettre en ligne facilement mes données, même celles qui sont sensibles

Nachteile

Je n'ai retenu que du positif avec ce logiciel. Il est juste Wow

Vorteile

Ce logiciel est bien pour la gestion des journaux au quotidien. Et ça aide mieux à planifier.

Nachteile

C'est efficace ce logiciel,et c'est rapide pour les tâches.

Vorteile

Logiciel de qualité acceptée et recommandé à l'utilisateur pour la visualisation des données et assure la sécurité informatique.

Nachteile

Je n'ai pas d'inconvénients à soulever à ce logiciel. Je recommande ça à l'utilisateur.

Vorteile

Ce logiciel est recommandé car elle permet une meilleure analyse des journaux. Elle est très pratique

Nachteile

Ce logiciel est facile d'accès et n'est pas très coûteuse aussi.

Vorteile

Splunk Enterprise offers real-time data analysis tools makes it possible for my institution to see and take immediate action against security risks, performance difficulties, and other operational concerns.

Nachteile

Splunk Enterprise is really expensive and it is a huge part in our annual budget because we require add-ons.

Vorteile

It's giving live alert, triggers, dashboard system based on rules we already set. the dashboard helps to see and virtualize the data.

Nachteile

The only concern I feel it consumes the system space due to this my system running slow. without knowledge of Splunk query language, it is difficult to handle.

Vorteile

C'est un logiciel très fiable et très pratique pour l'utilisation

Nachteile

Pour moi, il est sans faille, je le recommande

Vorteile

C'est un bon logiciel de formation très facile

Nachteile

Je n'ai pas grand chose à reprocher. C'est très bon.

Vorteile

I am able to quickly act on pending issues as and when they arise and data is well protected because of their authorization features

Nachteile

We had to purchase additional computers with higher specs than what we previously had to be able to use Splunk effectively

Vorteile

Se cercare un SIEM stabile, affidabile e con cui monitorare costantemente i vostri sistemi Splunk è la soluzione giusta per voi. Nella soluzione cloud SaaS consente di gestire un elevatissimo numero di log. Ha un architettura complessa che consente la ridondanza e la gestione dei carichi di lavoro tramite bilanciamento. Permette una molteplicità di analisi che consentono all’analista di sicurezza di investigare a qualsiasi livello ciò che accade ed è accaduto. Il linguaggio SPL con il quale è possibile analizzare i dati è molto potente e versatile

Nachteile

A volte l’installazione su determinati sistemi operativi prevede un processo piuttosto complicato soprattutto se si ha intenzione di rispettare il principio del least priviledge e non installare il software con permessi di amministratore. Su determinati sistemi operativi come AIX e determinate versioni di Linux non è disponibile l’agent ma il solo inoltro dei log al cloud Splunk tramite protocollo syslog

Vorteile

I really like the platform, the data collection is ideal and the reports are detailed, it is the most appropriate SIEM service to monitor our IT infrastructure, it is an ideal software to take preventive measures, it is easy to customize the dashboards, the monitoring is constant and it gives us security in real time, the alerts are accurate and it helps us understand what is happening and fix it before it becomes serious.

Nachteile

It is a somewhat expensive service but with more powerful features than other free SIEM systems, and it is a bit complex to set up and use for inexperienced users, so a lot of help should be sought from experienced staff and support team at first.

Vorteile

There are lot of features which Splunk offers -
1) We can onboard data from any server, device or system using Universal Forwarder
2) Onboarded data are later stored in Indexers and searched further in Search Head for analyzing the internal logs
3) Using the data we can create customizable Dashboards and get proper insights of data and create Alerts to identify any kind of Threat or anomalies running in environment
4) Deployment is very easy on-prem servers
5) We can also use Hybrid Deployment on Cloud as well.

Nachteile

1) As it give large amount of features but licensing is too high
2) There are lot of other Open Source software which can be used as alternative of Splunk as Analytic tool because Splunk is paid one.

Vorteile

Splunk is provides a single tool for log aggregation, log analysis, and visualizations. Threat hunting, applying threat intelligence, and incident response are easily repeatable; pushing organizations to proactive security processes.

Nachteile

Splunk is expensive, especially when an organizations is exploring and building new security or data use cases. It also requires a lot of engineering maintenance, making the quality of the data highly-dependent on the skill(s) of those supporting it. Many organizations do not maximize its benefit because it is poorly managed or supported by low-skilled employees.

Vorteile

The versatility is amazing. The same data in logs, such as IIS, can be used for Security, Application performance, and even error handling. This allows us to use one log to help multiple teams. This is just one example.

Nachteile

Start up takes someone who has had some training. While searching and output is easy, its the onboarding of custom apps that takes the know how.

In Betracht gezogene Alternativen

Gründe für den Wechsel zu Splunk Enterprise

Vorteile

Data visualization, Analytics skills with AI-powered and can handle data in TB/per day without any interruptions in services. Live dashboards, developing use-cases and their capabilities (correlation).

Nachteile

complex architecture and efficient skills are required, financial is also not feasible for small and medium customers. no inbuilt query builders for beginners to understand the platform.

Vorteile

It is a very subtle program, when generating the setup it is not necessary to have a great knowledge of programming to install it, but to solve some configuration errors, when you start what I like the most is that you start from day one to organize your applications, then From that you can easily configure cybersecurity for each program, I particularly like the monitoring of data programs and that the program alerts you with notifications so that you see errors that sometimes jumps in the program.

Nachteile

What I don't like and I see that it is something widespread is that it has very poor support in technical help, I think that the old technical support collaborators have left and people who are not so qualified have arrived to answer the tickets.For my part it is not a big problem since I am a researcher and with the information that is on the splunk website it is enough for me to generate the resolutions of problems.

Vorteile

Provides a single location for collecting and analyzing logs. Provides ease of use for non-technical users, but powerful features for security and IT. There is an add-on/app for anything you could imagine.

Nachteile

Some documentation is vague, and when certain things don't work, it can be difficult to find out a solution to the problem.

In Betracht gezogene Alternativen

Gründe für den Wechsel zu Splunk Enterprise

Vorteile

The most useful thing about Splunk is the ease of integration with application. With uipath on-premises it was very much helpful as the business users can monitor the actions of robots through spluink without entering into uipath orchestrator

Nachteile

Expression creation for indexing was bit hard as it is not user-friendly to business users if they wanted to create any new fields, also the forwarder was not able to directly connect with uipath cloud so that the logs has to be shifted to intermediate file before uploading into splunk, but that seems not an issue with splunk but more related to uipath cloud

In Betracht gezogene Alternativen

Gründe für den Wechsel zu Splunk Enterprise

Vorteile

We are using Splunk for log monitoring . It is integrated with Kubernetes and pivot cloud via data bus. By Splunk we get Realtime log application. It provides best visualization of data generated by system. Splunk also provide option to filter data based on data range and time. We can configure email alert for specific issue. Splunk also provide ML model for data. Splunk use simple query to get data ,everyone can easily learn Splunk query.

Nachteile

I haven't found any issue yet the only problem with Splunk I have that log in Splunk is scattered . We need to build good query or better logging mechanism at application side.

Vorteile

Real Time monitoring is the best feature which we like most about this software. It helps to send the notification or alerts if they are something wrong is going on in the server. So, team member can quickly resolve the issue.

Nachteile

As of now, i don't have anything which i don't like about this software.

Vorteile

Aggregare più log è fondamentale quando c’è un flusso elevato di log. Lo trovo eccellente e rapido. Riesce a scalare senza problemi effettuando le ricerche in maniera intelligente per trovare prima i risultati. La sezione delle Dashboard è la cosa più interessante perché può mettere insieme diversi grafici consentendo di personalizzare l’interfaccia grafica con input e bottoni.

Nachteile

Con una grossa mole di dati e effettuando ricerche nel tempo (es 30 gg) può metterci veramente tanto ma trovo che nel complesso si comporta egregiamente e ovviamente dipende da server su cui viene installato.

Vorteile

It an intelligent business tool that provided me an opportunity to customize and build report from large volume of data from different departments within the 13 Africa countries in telecommunication sectors. The platform allows data to be consolidated accordingly to the organization need and produces visualized reports of dashboard features. I also noted that the system can analyst unstructured large volume of data speedily and is reliable and web based allowing for user flexible accessible from any part of the world if you have internet. The systems have been reliable and secured from the time (2 years) I started using it without any system intermittent, system errors and cyber-attack.

Nachteile

The system is built and use-able with structured and unstructured organization though the price in foreign currency could hamper small and medium organization to use it especially in most Africa country where the local currency has depreciated against the major trading foreign currency.so the Forex pricing is a challenge.
The navigation of the platform will require minor training though if the user is computer proficient, they would management with minor challenge and interpretation of the data. So, first time user it can be difficult to use it
It will depend on internet for access and internet tend to be pricey in most African country and therefore could increase the business cost for small and medium enterprise. It can increase business cost if not fully used

Vorteile

Its been a while since I started using Splunk Enterprise. I love its ability to cumulate data and logs from multiple sources and correlate them to help find incidents and their root cause. It consolidates logs and manages them form a central place. It is a great tool for log analysis as it segregates data and provides in depth profiling. Splunk enterprise also automates alerts and indexes on logs received.

Nachteile

It has a complex architecture making the learning curve quite steep

Vorteile

Through its robust log analysis and ability to collect data from different sources, we can easily perform analysis on various data and predict any future operational hazards. Splunk enterprise efficiently monitors our log activities and and gives results to any queries at faster speed than most SIEM tools.

Nachteile

The searches can be complex at times and the messages on query errors aren't always specific.

Vorteile

Security Information and Event management, log analytics, custom dashboards and workspaces

Nachteile

Auto upgrade management and notifications for Add-ons. Leaning more towards config file based implementation instead of UI based implementation

Vorteile

Nous a permis de faire des dashboards sur le suivi des patching de nos VM sur le Cloud et de l'installation de Crowdstrike. Mais aussi de traquer l'utilisation du NTLM V1 pour le désactiver sur nos serveurs

Nachteile

Les query sont un peu long et prennent un peu de temps à etre apprise

Vorteile

As Dashboards são incríveis e precisas. Podemos criar utilizando a interface do programa ou por Comandos muito parecidos com Pl SQL.

Nachteile

Nada a declarar, o software atende a todas as necessidades.

Vorteile

Splunk makes it easy to search through various data including logs. In the past I have had to pour through logs in order to find the one lines among the 100 of thousands of lines. Splunk allows me to search through those logs in a matter of seconds vs the hours it used to take.

Nachteile

Most of enterprise setup is done through the command line. It would be nice to have cluster configuration (index creation) as part of the UI.

Vorteile

The tool can collect all sorts of data from diffuse sources and preform advanced analytics on it. It has powerful monitoring capabilities useful in threat identification and maintaining the health of our IT infrastructure. Splunk enterprise helps us to foresee, trends through machine learning which has been a crucial to making informed business decisions.

Nachteile

Training new users is tough, the learning curve is very steep and it gets overwhelming for them. The installation and configuration process is very long and needs a lot of time.

Vorteile

Block security threats on endpoints.

It enhances applications development.

Nachteile

The price is high but the results are remarkable.

Vorteile

Splunk Light is ideal for independent on-premise organization.
Augment endpoint logging.
Can find and store logs from a wide range of resources.
Customization of dashboards.
Making applications dependent on your requirements.

Nachteile

Complex generally design.
Long execution time.
The instrument needs to incorporate AI to comprehend the framework logs and alarming ought to be founded on the auto learning.

Vorteile

Splunk is very easy to use due to high community support and many video tutorials available online for new users to learn.
Functionalities are robust and simple to use. Data retrieval and visualisation is nice and easy if you know the right querying process.
Machine Learning supports enhances performance for the cloud, especially. It collect wide variety of data and still it amaze you the way it retrievs it.

Nachteile

There are many tools available in market which are potential competitors of this tool and that too at reasonable pricing. Splunk offers more functionalities but costs you too much if you look at the work it does.
Complex queries may require large CPU usage and may even freeze or atleast slow down the system for a while. Need to be specific while querying the data.

Vorteile

We use this as our SIEM. The ability to have the data ingest, visualization, alerting and correlation all in one product is very important to me from a security standpoint. We're cloud-first so having that ability with large cloud providers is important to me (AWS, Okta, GCP, etc)

Nachteile

The cost can be a little concerning and htere is a bit of a learning curve when you first get into Splunk. User groups, their forum and pro serv all help with that.

In Betracht gezogene Alternativen

Gründe für den Wechsel zu Splunk Enterprise

Vorteile

Splunk Enterprise is best tool to analyze the data based on different visualization. It help us to lookup distributed logs for micro-services . It enables field based lookup. For complex logging, we can use search query using expression. We can create multiple reports/charts for visualization such as a pie or bar chart for our data. Best feature what i like , We can visualize our search results and share them with others using dashboard panels. If Already have a dashboard, we can add a new panel from a report, clone from another dashboard, or add a prebuilt panel. Fully customization available. Interfaces is very flexible. We export it in different formats, or refresh it to visualize the newest data. Online Support is available through different community.

Nachteile

Search query builder is fully based on technical. for Non technical users, its really difficult to lookup logs. Sometimes, error thrown by query builder is more difficult to understand. Deep Learning is required to use splunk for production data. For Large application installation, it need to manage more.

Vorteile

Easy to install agents on servers, it can parse any form of data easily, Splunk can detect anomalies quite easily and the UBEA feature is amazing.

Nachteile

The cost of this solution is high, and customer service is bad. Apart from that Splunk SPL language is difficult to learn.

Vorteile

I think Splunk is first and best software in the field, easy to use, does what it had promised,

Nachteile

pricing could be better, they could be more flexible, support is a bit slow