No more typing reviews! Try our Samantha, our new voice AI agent.
reviewer1584621 - PeerSpot reviewer
Cyber Security Consultant at a computer software company with 11-50 employees
MSP
May 26, 2021
Customizable and has average installation difficulty
Pros and Cons
  • "I have found the installation can be of medium difficulty to very complex depending on the use case."
  • "When using this solution for Security Information Management (SIM), I highly recommend importing data sources from the whole cycle for the service security chain."
  • "There is improvement needed when importing from some types of data sources. Most of the time you have to do some customization for the data because not everything is working the way it should."

What needs improvement?

There is improvement needed when importing from some types of data sources. Most of the time you have to do some customization for the data because not everything is working the way it should. Additionally, in other solutions, it is easier to build use cases.

For how long have I used the solution?

I have been using this solution for approximately three years.

Which solution did I use previously and why did I switch?

I have previously used Curator and it was much easier to use than this solution.

How was the initial setup?

I have found the installation can be of medium difficulty to very complex depending on the use case. It is not easy for new customers. You need to have the experience to be able to do it.

Buyer's Guide
Splunk Enterprise Security
June 2026
Learn what your peers think about Splunk Enterprise Security. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,933 professionals have used our research since 2012.

What other advice do I have?

When using this solution for Security Information Management(SIM), I highly recommend importing data sources from the whole cycle for the service security chain. Some people only use main inputs and not all of the data sources they have. They might not have some data sources, in this case, you can purchase one or there are free open-source ones available. You will then have this data source that can enrich your life because many correlations are done with this data. 

I rate Splunk an eight out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Technical Account Manager at Trustaira
Reseller
May 4, 2021
Straightforward to set up with great integration capabilities and a high level of maturity
Pros and Cons
  • "The solution has proven to be quite stable."
  • "This solution is the best security solution."
  • "The product is relatively expensive."
  • "The problem with the product is that the price of Splunk is very high."

What is our primary use case?

We primarily use the solution for monitoring and security.

We can use the solution to try to find some correlational data. For example, in banks, there is usually a protocol whereby users cannot withdraw more than a certain amount of money from an ATM. However, we find that, when people are on holiday, they are trying to withdraw more than the allowed amount. It's a use case we can deploy in our country. You can set certain rules and watch the data in order to gain insights.

How has it helped my organization?

I cannot speak to a specific example of how the solution has assisted our organization.

What is most valuable?

The solution's capability is its most valuable aspect.

The initial setup is very straightforward.

The solution has proven to be quite stable.

We've found the solution to be very mature.

The integration capabilities are excellent. They have apps that integrate quite well with Palo Alto and Cisco, for example.

What needs improvement?

Sometimes it becomes very difficult to find certain results from Splunk. Not all users are developers and they are not able to write code to find specific results or specific details from Splunk. From a user perspective, the solution needs to improve the search functionality.

The dashboard could be improved. If it was easier for non-developers or those working in network security, it would be ideal. It would be nice if they had a built-in dashboard for those who are less knowledgeable in coding.

The product is relatively expensive. 

For how long have I used the solution?

I haven't been using the solution for very long just yet.

What do I think about the stability of the solution?

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.

What do I think about the scalability of the solution?

We do not plan to increase usage at this time.

How are customer service and technical support?

We've used technical support in the past. We've found them to be very helpful and responsive. We're satisfied with the level of support that we receive when we reach out for help.

Which solution did I use previously and why did I switch?

I've previously used LogRhythm, among other solutions. We sell a few different solutions.

How was the initial setup?

The initial setup is not too difficult. It's not overly complex. It's straightforward. The code is very easy.

The deployment took two or three months or so.

What about the implementation team?

We used an integrator to assist us in the initial setup.

What's my experience with pricing, setup cost, and licensing?

The problem with the product is that the price of Splunk is very high. It is an industry leader and therefore it's high in terms of price. That is the issue in our country. Sometimes people want to buy Splunk, however, due to the budget, they are not able to.

What other advice do I have?

We are resellers.

We use a variety of deployment models, including private cloud and hybrid.

This solution is the best security solution. If a company is looking for the best, they have to buy Splunk. It is a very good and very mature solution. It is very easy to integrate with some other service or security solutions. If they have specific solutions that need to be integrated for monitoring purposes, it should be a problem. For example, it integrates very well with Cisco.

I'd rate the solution at a ten out of ten. We are quite happy with its capabilities.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
PeerSpot user
Buyer's Guide
Splunk Enterprise Security
June 2026
Learn what your peers think about Splunk Enterprise Security. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,933 professionals have used our research since 2012.
reviewer1367535 - PeerSpot reviewer
Security Professional at a tech services company with 51-200 employees
Real User
Apr 26, 2021
Good data analysis and visualizations, absolutely stable, and scalable
Pros and Cons
  • "The data analysis part is good in Splunk, which is something that I like the most, and it is also quite easy to use, with dashboards, visualizations, and analytics that are good."
  • "It currently has limited default rules and customizations. If they can concentrate more on the compliance part and the security information part, it would be helpful. The platform part is good, but it requires many features from the security aspect."

What is our primary use case?

We are using it for security information and event management (SIEM). We have started to use Splunk recently, and we are in the implementation phase as of now.

What is most valuable?

The data analysis part is good in Splunk, which is something that I like the most. It is also quite easy to use. Its dashboards, visualizations, and analytics are good.

What needs improvement?

It currently has limited default rules and customizations. If they can concentrate more on the compliance part and the security information part, it would be helpful. The platform part is good, but it requires many features from the security aspect.

For how long have I used the solution?

I have been using this solution for a couple of months.

What do I think about the stability of the solution?

It is absolutely stable.

What do I think about the scalability of the solution?

It is scalable. We have approximately 25 users.

How was the initial setup?

It was easy to install. Its configuration and development are the critical parts, and there are a limited number of people in the market with such a skill set. It takes some time to find people with the right skill set and get it implemented properly. It took approximately three months.

What about the implementation team?

I have a team of a few Splunk consultants who are currently managing it for me. For a mid-sized organization, at least 15 persons are required to manage the entire Splunk instance.

What other advice do I have?

I would recommend this solution to others. I would rate Splunk an eight out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1521537 - PeerSpot reviewer
Consultant at a financial services firm with 5,001-10,000 employees
Real User
Apr 20, 2021
Good scalability, dashboards, and alarms, but should have a default dashboard for a firewall and better knowledge base
Pros and Cons
  • "Its dashboard is valuable, and if you have a good knowledge of how to create a dashboard, you can create any dashboard related to cybersecurity, and if fine-tuned, the alarms that are triggered for instant review are also very valuable and useful."
  • "Splunk is query-based, which is not the case with most cybersecurity tools. It is based on search queries and can be difficult to use. It would be good if they can make it easier to understand how to create search queries. They can improve the knowledge base for better understanding. To create your dashboard, you need to have a search query. We have multiple firewalls in our company, and we need a dashboard for them. It would be helpful if a default firewall dashboard is included in Splunk to make monitoring easier. If a dashboard is available for a security device, the operation part will be more efficient. We won't have to follow a manual process for this."
  • "Splunk is query-based, which is not the case with most cybersecurity tools. It is based on search queries and can be difficult to use."

What is our primary use case?

We are using Splunk for cybersecurity operations.

What is most valuable?

Its dashboard is valuable. If you have a good knowledge of how to create a dashboard, you can create any dashboard related to cybersecurity. If fine-tuned, the alarms that are triggered for instant review are also very valuable and useful.

What needs improvement?

Splunk is query-based, which is not the case with most cybersecurity tools. It is based on search queries and can be difficult to use. It would be good if they can make it easier to understand how to create search queries. They can improve the knowledge base for better understanding.

To create your dashboard, you need to have a search query. We have multiple firewalls in our company, and we need a dashboard for them. It would be helpful if a default firewall dashboard is included in Splunk to make monitoring easier. If a dashboard is available for a security device, the operation part will be more efficient. We won't have to follow a manual process for this.

For how long have I used the solution?

I have been using this solution for eight months.

What do I think about the stability of the solution?

In terms of operations, it is stable, but if you don't have a proper configuration and sizing, there could be many issues. It could be more efficient on the storage part. We are still in the deployment stage to be able to say that for sure.

What do I think about the scalability of the solution?

It is very scalable. Currently, we have around 50 users. We will increase its usage if more people need access.

How are customer service and technical support?

We have raised multiple tickets. Some of them are good, and some of them can be better. Overall, their technical support is okay.

Which solution did I use previously and why did I switch?

We didn't use any other solution.

How was the initial setup?

I didn't do the initial configuration. I take care of the operations part. One of our clients did it, and it is somehow complex, and it takes time. It also depends on your knowledge. If you don't have knowledge of Splunk, it is complex.

Which other solutions did I evaluate?

We are a partner of Splunk. So, we did not evaluate other solutions.

What other advice do I have?

I would rate Splunk a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
reviewer1126641 - PeerSpot reviewer
Product Manager, CyberSecurity at a tech services company with 201-500 employees
Reseller
Apr 15, 2021
Has good security features but needs a better pricing model
Pros and Cons
  • "The initial setup isn't overly complex."
  • "Because I'm security focused, I prefer the security features such as Splunk Phantom and Splunk Enterprise Security."
  • "Splunk can be an expensive solution. Technical support could be improved as well."
  • "The technical support here in South Africa hasn't been great, but I understand why as we make up less than 3% of Splunk's total revenue in the world."

What is most valuable?

Because I'm security focused, I prefer the security features such as Splunk Phantom and Splunk Enterprise Security.

What needs improvement?

We need to get a Splunk Cloud instance inside South Africa's borders. At this stage, we are pushing Splunk Cloud, but it is not yet within South Africa's borders. So we've got data sovereignty issues, especially with government organizations.

Technical support could be improved as well.

Splunk can be an expensive solution. I think that they need to change their pricing model. At present, it is based on the number of gigabytes that you ingest into the Splunk system. Their competitors are now starting with a pricing model where you pay per device talking back. If Splunk could have a similar alternative, it would then allow people to choose the data model they want such as set data or a set number of devices.

For how long have I used the solution?

I have been using Splunk for three years.

How are customer service and technical support?

The technical support here in South Africa hasn't been great, but I understand why as we make up less than 3% of Splunk's total revenue in the world.

How was the initial setup?

The initial setup isn't overly complex, but it's not easy either.

What's my experience with pricing, setup cost, and licensing?

The pricing model is based on the number of gigabytes that you ingest into the Splunk system. So it can be an expensive solution.

What other advice do I have?

Plan your requirements properly from the beginning so that you can get the most value in a shorter space of time.

On a scale from one to ten, I would rate Splunk at six.

Disclosure: My company has a business relationship with this vendor other than being a customer. reseller
PeerSpot user
Senior Information Technology System Analyst at YASH Technologies
Real User
Mar 28, 2021
Impressive UI, many useful features, and very scalable, but needs alerting feature and better pricing and integration
Pros and Cons
  • "There are quite a lot of things that we find useful; Splunk agents are useful and good, and its UI is quite impressive."
  • "Its pricing model and integration with third-party services can be improved. We had faced an issue with integration. The alerting feature is currently not available with Splunk, but it is definitely available with Datadog and PagerDuty. They should include this feature. A few dashboards in Splunk look quite old and are not that modern. They aren't bad, but improving these dashboards will definitely make Splunk more attractive and usable. I read in a few blog posts that there were a few security incidents related to Splunk agents. So, it can be made more secure."
  • "A few years ago, I would have definitely recommended Splunk, but nowadays, better alternatives are available."

What is most valuable?

There are quite a lot of things that we find useful. Splunk agents are useful and good. Its UI is quite impressive.

What needs improvement?

Its pricing model and integration with third-party services can be improved. We had faced an issue with integration. 

The alerting feature is currently not available with Splunk, but it is definitely available with Datadog and PagerDuty. They should include this feature.

A few dashboards in Splunk look quite old and are not that modern. They aren't bad, but improving these dashboards will definitely make Splunk more attractive and usable.

I read in a few blog posts that there were a few security incidents related to Splunk agents. So, it can be made more secure.

For how long have I used the solution?

I have been using this solution for almost two years. I am using its latest version.

What do I think about the stability of the solution?

It is a stable product.

What do I think about the scalability of the solution?

Splunk is definitely scalable.

How are customer service and technical support?

I have not interacted with them. Another team is taking care of raising tickets with their technical support.

How was the initial setup?

It is quite simple.

What's my experience with pricing, setup cost, and licensing?

Its pricing model can be improved.

What other advice do I have?

A few years ago, I would have definitely recommended Splunk, but nowadays, better alternatives are available. We are currently exploring a few other alternatives, so I won't recommend Splunk as of now.

I would rate Splunk a seven out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Ravi-Upadhyay - PeerSpot reviewer
Founder at Inspira Enterprise
Real User
Top 20
Mar 11, 2021
Seamless integration with devices and operating systems, centralized management and control, and proactive support
Pros and Cons
  • "The integration is seamless with many devices and operating systems."
  • "This is a product that I recommend for anybody who wants and advanced SIEM solutions."
  • "Being a SIEM solution with a centralized dashboard, we would like to have more options to customize it."

What is our primary use case?

We are a solution provider and Splunk is something that we provide as a service to our customers.

What is most valuable?

The most valuable feature is the reporting and the information that is provided by the tool.

It is very easy to implement a PoC using Splunk, which will show the value of the reporting and data that it provides.

The integration is seamless with many devices and operating systems.

It is flexible enough that you can choose what kind of deployment model you want.

They have a large solution toolkit that supports IoT, wherein businesses can get a lot of help with the centralized management functionality. There are also tools to assist from the security and SIEM perspective, and there is a centralized dashboard.

What needs improvement?

Being a SIEM solution with a centralized dashboard, we would like to have more options to customize it. It should be easy to customize dashboards.

When we are monitoring something, we would like to have a more granular outlook. Splunk has a good dashboard that is easier to use than some competing products, but better customizability would be a great help for the users.

For how long have I used the solution?

We have been working with Splunk for approximately three years.

What do I think about the stability of the solution?

This product is very stable.

What do I think about the scalability of the solution?

Splunk is a very scalable solution. Being a Japanese product, they will ensure that all of the features work in any environment. It is very heterogeneous. It can integrate with Windows, Linux, AIX, HP-UX, and Solaris. It also supports IoT devices, mobile phones, and more.

We have more than 150,000 people using our services.

How are customer service and technical support?

The Splunk team has good, proactive support. Also in terms of assisting with the installation, they are quite good.

Which solution did I use previously and why did I switch?

Splunk is similar to IBM QRadar, which we also have experience with. However, Splunk has advanced SIEM features included with it, so we often use it to satisfy this requirement. Whenever an organization is looking to implement SIEM, they have the flexibility to choose Splunk, QRadar, or the ArcSight Logger solution.

One of the major differences that I see between Splunk and QRadar is that Splunk gives the users fewer devices, so they can do things quicker. 

How was the initial setup?

The installation for Splunk is easier than competing products QRadar and ArcSight.

We have Splunk deployed on the cloud so that we can provide the service, but some of our customers have it installed on-premises.

All the user has to do is download the Splunk server agent, install it on the laptop or endpoint, integrate 50 or 100 devices, then see what kind of reporting is available.

What about the implementation team?

We have an in-house team for deployment in maintenance. Splunk is a tool that does not require much staff to maintain. The users can start with a PoC, simply learn it, and deploy it for themselves. They don't require subject experts to be hired for the installation and configuration.

What's my experience with pricing, setup cost, and licensing?

Price-wise, if you compare QRadar to Splunk for SIEM functionality then they are in the same range but when you integrate SOAR with these solutions, Splunk takes the lead and is more competitive.

What other advice do I have?

This is a product that I recommend for anybody who wants and advanced SIEM solutions. Of the three that I have used including QRadar and ArcSight, Splunk is the one that I prefer.

I would rate this solution a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Information Security Analyst at a tech services company with 1,001-5,000 employees
Consultant
Mar 10, 2021
Good integration, easy UI, and very stable and scalable
Pros and Cons
  • "Its integration is most valuable, and its UI is also pretty much easy."
  • "Its setup is a little bit complex for a distributed environment. Their support can also be better. If we miss the response for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply."
  • "Its setup is a little bit complex for a distributed environment."

What is most valuable?

Its integration is most valuable. Its UI is also pretty much easy.

What needs improvement?

Its setup is a little bit complex for a distributed environment. 

Their support can also be better. If we raise a case with Splunk support and by any chance we missed to respond for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply. In that case What they can do is they can send a followup mail before closing.

For how long have I used the solution?

I have been using this solution for a year now.

What do I think about the stability of the solution?

It is very stable haven't encounter any glitches or bugs till now.

What do I think about the scalability of the solution?

It is very much scalable. I am acting as an admin, and we have more than a hundred users of this solution in our company. We use it on a regular basis. We currently don't have any plan to increase its usage.

How are customer service and technical support?

I would rate them an eight out of ten. Their response speed is okay, but if, by any chance, we miss the response for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply.

Which solution did I use previously and why did I switch?

This is the only solution that we have been using.

How was the initial setup?

Its setup is pretty much easy for standalone, but for a distributed environment, it is a little bit complex.

What other advice do I have?

I would recommend this solution to others, but it should meet their needs and architecture.

I would rate Splunk a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
PeerSpot user
Solutions Consultant at a tech services company with 1,001-5,000 employees
Real User
Feb 21, 2021
Easy to use, provides a lot of analytics, and allows you to do pretty much whatever you want
Pros and Cons
  • "It provides a lot of analytics with the underlying AI engine, and it is a lot easier than other solutions. There are some products that do automated AI-based detection and drawing up charts, but for network monitoring and all of the monitoring aspects, it is quite a nice tool. It is very convenient for business users because they get more or less a lot of data readily available. If you're familiar with the Splunk query language, you can pretty much do whatever you want."
  • "It provides a lot of analytics with the underlying AI engine, and it is a lot easier than other solutions."
  • "If you have to do your own stuff, such as customized charts, it is a little bit more work, but once you're familiar with the Splunk query language, you can pretty much do whatever you want. In terms of features, it should probably have the features that other competitors provide."

What is most valuable?

It provides a lot of analytics with the underlying AI engine, and it is a lot easier than other solutions. There are some products that do automated AI-based detection and drawing up charts, but for network monitoring and all of the monitoring aspects, it is quite a nice tool.

It is very convenient for business users because they get more or less a lot of data readily available. If you're familiar with the Splunk query language, you can pretty much do whatever you want.

What needs improvement?

If you have to do your own stuff, such as customized charts, it is a little bit more work, but once you're familiar with the Splunk query language, you can pretty much do whatever you want. In terms of features, it should probably have the features that other competitors provide.

For how long have I used the solution?

I have been using this solution for about three to four months.

What do I think about the scalability of the solution?

I'm not sure. I do not really throw a lot of data in it, but it has been authenticated very nicely. It manages indexes and all of these things very nicely. I have not been privy to any production systems where you have millions of lines of log coming in every second. It works very well for the data that I have. It should be able to handle a lot of data. That's the whole purpose of it, and that's why Splunk has become so popular. It is an enterprise monitoring tool, and a lot of customers have Splunk in their ecosystem.

How are customer service and technical support?

They have pretty much good documentation and good training. Their documentation is a lot better than Qlik Sense.

Which solution did I use previously and why did I switch?

Splunk is an enterprise monitoring tool. Qlik Sense can do a little bit of log monitoring, but it is mostly used for dashboard reporting, whereas Splunk is more around monitoring and figuring out threats and all such things. They are different, but both deal with the data and allow you to create operation reports. 

Power BI is another tool that a lot of our customers use, but Splunk is quite often requested. It is also a lot more popular than Qlik Sense. We have a fair number of Qlik Sense customers.  

We usually sell Blue Prism to business users who are more concerned with the reporting aspect, which is why they would like to have easy tools like Qlik Sense in their ecosystem, but on the infrastructure side, it would be Splunk for enterprise monitoring.

How was the initial setup?

Simple environments are easier to install. Because there is a lot of data log monitoring, once you have a production system, there is some amount of work in setting it up, especially making it SSL Secure and exposing it on the internet. There are multiple components behind it, so you need to ensure that all these things are set up correctly. These kinds of things are not required on a cloud platform because you are just uploading data. You really don't have much access to the backend.

Splunk also has a cloud version, which I haven't looked at, but I have used Qlik Sense's cloud platforms. With on-premises, you are in control of pretty much how you set up all the data that you are sending out. A lot of our customers have the issue that if it is a cloud platform, they cannot really send out the data to any of these cloud platforms. So, there are data residence and other issues.

What's my experience with pricing, setup cost, and licensing?

It is economical than other solutions.

What other advice do I have?

I would definitely recommend Splunk. It is quite a decent tool, and it is there in a lot of enterprises.

I would rate Splunk an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. partner
PeerSpot user
PeerSpot user
Consultant at Splunxter, Inc.
Real User
Top 20
Feb 9, 2021
Our clients are easily able to modify and evolve their implementations
Pros and Cons
  • "With good domain knowledge, one can build almost anything. If you throw in Alert Manager or an integration with ServiceNow. Then, you have your own SIEM"
  • "Our clients are easily able to modify and evolve their implementations."
  • "Out clients went from unhappy using inflexible, poorly-supported products (in some cases barely functionally) to confident and excited when using Splunk."
  • "It needs a better way to export dynamic views without requiring a ton of code and user/pw."
  • "It needs integration with a configuration management solution."
  • "The first tier support is as bad as it is most places and getting worse all the time."

What is our primary use case?

Security. We have built SIEM solutions three times from the ground up (not ES) using Splunk for some of the largest companies in the world.

How has it helped my organization?

Out clients went from unhappy using inflexible, poorly-supported products (in some cases barely functionally) to confident and excited when using Splunk. Not only are they able to do their security jobs and investigations, but they are also easily able to modify and evolve their implementations themselves to keep up with the shifting sands, which is the SecOps landscape.

What is most valuable?

  • Core Splunk
  • Saved searches
  • Dashboards (SimpleXML) 

With good domain knowledge, one can build almost anything. If you throw in Alert Manager or an integration with ServiceNow. Then, you have your own SIEM.

What needs improvement?

  • It needs integration with a configuration management solution. 
  • It could use better password management for forwarders. 
  • It needs a better way to export dynamic views without requiring a ton of code and user/pw.

For how long have I used the solution?

Almost 10 years.

What do I think about the stability of the solution?

Unfortunately, lately every release has a new memory leak.  Be SURE to upgrade late and READ THE RELEASE NOTES, especially the "Known Issues" section.

What do I think about the scalability of the solution?

We only ever have issues when deployed on VMs and the VM admins do not do what we tell them to do which is EXCLUSIVELY RESERVE OUR RESOURCES.

How are customer service and technical support?

It used to be great (but perhaps that was because my employer at the time was a key prospect in a vertical where Splunk had no customers) but Splunk support is definitely a victim of Splunk's explosive growth.  The first tier support is as bad as it is most places and getting worse all the time.  If you KNOW your problem is not run of the mill, ask for escalation immediately.  Also the clock on the case does not start until somebody adds a note to the case so always call in and ask if they got your diag file (always attach a diag) and the person who answers will have to add a note to the case which will start the clock.

Which solution did I use previously and why did I switch?

I have dabbled with LogRythm and ArcSight and they are both OK, but Time-To-Value is WAY shorter with Splunk, IMHO.

How was the initial setup?

Use bare metal severs on Linux and you will be fine.  Use Windows and you will have much trouble.  Use VMs and your admins will cheat you and you will have much trouble.  Do not use NAS!!!!

What about the implementation team?

In-house.  We at Splunxter are Splunk experts.  We can do anything with Splunk.  We always hit homeruns.

What was our ROI?

We usually get multi X-factor within a quarter.

What's my experience with pricing, setup cost, and licensing?

Get free PS if you can (ask) or USE THE DOCS.  The documentation will get you to success.  If you are not getting more value out of Splunk than the license you are paying, then you are doing something wrong and should spend a tiny bit more to get a consultant like Splunxter.com to help you.

Which other solutions did I evaluate?

No,we went with the free trial and got so much value so quickly we bought in.

What other advice do I have?

You can also get GREAT help at answers.splunk.com.

Disclosure: My company has a business relationship with this vendor other than being a customer. We are a Splunk-focused consulting company, but not a Splunk Partner. I am also a member of the "Splunk Trust", Splunk's "MVP" program.
PeerSpot user
Buyer's Guide
Download our free Splunk Enterprise Security Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2026
Buyer's Guide
Download our free Splunk Enterprise Security Report and get advice and tips from experienced pros sharing their opinions.