Splunk Enterprise

Best SIEM in the market

Opmerkingen: My overall experience has been awsome so far. I would rate it 8.5/10.Splunk has been as effective soluntion when it comes to triaging and monitoring of day to alerts.

Pluspunten:

- Easy to triage and monitor alert (Very fast and gives effective results as compared to other produts)Arcsight,Devo etc- Customer Support is excellent- Threat Hunting can be done effectively with the help of Splunk(IOC based,Corellation based etc)- Log parising is very effective & intelligent.

Minpunten:

- The only think i liked least about splunk is the cost involved/pricing model in case of high data volumes.

Big data is no problem for Splunk Enterprise

Opmerkingen: Splunk is a powerful and useful monitoring tool. Splunk's efficiency is enhanced by the ability to integrate third-party apps developed in-house. It's also interesting that we can incorporate a customs alert and dashboard. In most situations, it resolves the need to normalize data, allowing for the use of any and all data in business forecasting. It is analyzed for data that can be utilized to optimize spending plans and asset tracking.

Pluspunten:

Without worrying too much about data type or normalization, Splunk Enterprise can efficiently manage massive amounts of data from numerous sources. Data may be accessed in a flash, and there are a number of options for tailoring and integrating data analysis workflows to create bespoke dashboards or utilizing apps from our other product partners.

Minpunten:

There isn't much I dislike about splunk, however if we have to be picky, it would be that it's more difficult to maintain as an administrator when splunk is installed on outdated architecture.

Best log monitoring tool

Pluspunten:

Powerful search language Advanced visualisation Flexibility to accept logs from any source High availability Ease of administration

Minpunten:

The cost is too high compared to other log monitoring tools.

Spunk Review

Pluspunten:

It allows me to bring a lot of information into one friendly view. It's a great security audit tool.

Minpunten:

It has limited functionality. It is a very memory intensive system. It does not integrate with Lennox.

The only tool you need to manage production data

Opmerkingen: I'm very pleased with the data management capabilities Splunk Enterprise has given us. Before we implemented it, we were really struggling to make sense of some of the big data we get from our machines, but now, we can get very detailed insights into hw the machines are performing at any time. It's helped us monitor performance, issues, and opportunities much easier.

Pluspunten:

I love how detailed you can have the dasboards and charts go. It supports tons of chart types, and custom reporting elements. But above all, with the automaetd monitoring, you can have access to continuous insights from large data you wouldn't have been able to make sense of otherwise.

Minpunten:

It's quite difficult to set up in the beginning. It took us a lot longer than expected to map our production data onto the system. But once you have it up and running, it works like clockwork