SPLUNK ENT SEC TERM LIC+SUP GB/DAY

Mfg.Part: ES-T-LIC-ESUP-200-499 | CDW Part: 4154018
Availability: In Stock

Product Overview

SPLUNK ENT SEC TERM LIC+SUP GB/DAY is rated 3.6 out of 5 by 11.
Rated 4 out of 5 by from It has helped with troubleshooting, making it easier

What is our primary use case?
We use it mostly for log monitoring, and also for trying to raise alarms.

How has it helped my organization?
It has helped with troubleshooting, making it easier. Now, we have one place where we can find logs and errors. There is no need to go to the actual server to search for the log file.

What is most valuable?
It provides logs in one place, so they are easy to find. It collects the logs from multiple places, then you have just one place where you see the whole flow from the front-end to the back-end. This is the best thing.

What needs improvement?
The search could be improved. Now, it is a bit difficult to write search queries because they become quite long, then maintaining those long search queries is quite challenging.

For how long have I used the solution?
Three to five years.

What do I think about the stability of the solution?
I have not had any issues with it, and we have the whole banking infrastructure running on it.

What do I think about the scalability of the solution?
The scalability is okay as far as I have seen and used it. We have dozens of different environments using the same Splunk instruments, and it has been able to scale.

How is customer service and technical support?
I have not used technical support.

What other advice do I have?
Splunk's website is quite useful. You can find a lot of information on it. I would recommend using it and trying to figure out the product's features and what you can actually do with Splunk. You can do a lot of things with Splunk, but you need to know what to do first.

I have used both the AWS and on-premise versions, but in two different environments, so I am unable to compare the versions.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2018-12-25
Rated 4 out of 5 by from It is a place for all our logs and everything goes in one place.

What is our primary use case?
We use it for log analysis and alerting, and our stock analysts use it.

I have used the product for more than five years. Then, in the cloud, I have used it for probably a year. It scales better in the cloud than on-premise.

How has it helped my organization?
It is a place for all our logs, and everything goes in one place. The stock analysts and security people use one single dashboard (one single location) to check our logs.

What is most valuable?
* Easy indexing.
* The solution is faster.

What needs improvement?
Every product needs improvement. If we can get a faster product, we will take it. There are new services which are coming up. If Splunk can catch up with the speed of Amazon, and with the integration, instead of us waiting for another year or so, that would be good.

We would like more integrations with other cloud products, not just AWS, e.g., Azure.

For how long have I used the solution?
More than five years.

What do I think about the stability of the solution?
The stability is good. We stress it at 98 percent.

What do I think about the scalability of the solution?
The AWS scalability is pretty good. We currently have it running on three servers.

How is customer service and technical support?
Other teams have told me that the technical support is pretty good.

How was the initial setup?
For the few integrations that we have already made, these have been easy to do.

What was our ROI?
We have seen ROI.

What's my experience with pricing, setup cost, and licensing?
Splunk is not free.

What other advice do I have?
I would recommend trying different stuff based on your company's needs and log types.

We like the product.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2018-12-23
Rated 4 out of 5 by from It has the flexibility to do multiple analyses

What is our primary use case?
* Log mining
* Log analysis

How has it helped my organization?
It has helped us look at modern technology, as well as penetrate our legacy systems, to see where the bottlenecks are.

What is most valuable?
* The product is adept at log mining.
* It has the flexibility to do multiple analyses.
* It works across heterogeneous environments in different ways.

What needs improvement?
I have not tested the hybrid model yet. I don't know whether all its integrations and interfaces will work between the cloud and on-premise model. I also don't know if across multiple clouds all the products will perform properly.

If it could be made available as a service, this would be much better than as a product.

For how long have I used the solution?
One to three years.

What do I think about the stability of the solution?
It is stable under production environments.

What do I think about the scalability of the solution?
The scalability is decent. We have implemented it in our production environment, and it scales.

What was our ROI?
We have seen ROI and improvements as we have continued to use the product, but they are more reactive. We want to be proactive on an enterprise-wide scale.

Which other solutions did I evaluate?
We considered Oracle Enterprise Manager, but Splunk is way more powerful. Splunk is product-agnostic, as it can move across different platforms and products.

What other advice do I have?
Explore Splunk. The product has a lot of depth.

It works with multiple products which are scheduling systems to ERPs to legacy, and it works perfectly fine.

I use the on-premise version. I have not had the opportunity to explore the AWS on Splunk version yet.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2018-12-19
Rated 4 out of 5 by from It allows the centralization of data and brings birth to new sorts of correlations that were previously impossible using traditional SIEMs such as ArcSight or QRadar.

Valuable Features:
Splunk can be seen as a huge box that allows the storage of all sorts of logs. This allows the centralization of data and brings birth to new sorts of correlations that were previously impossible using traditional SIEMs such as ArcSight or QRadar. Splunk allows schema on the fly and therefore simplifies all the data onboarding process. All that leads to flexibility when it comes to defining the metadata since it is not necessary to have all the fields defined and extracted to be able to use Splunk. Another great feature is the field extractor that allows persons with little or no experience with Regex to define fields and extract valuable information from the data. Finally the ability to connect with various sorts of databases, NoSQL solutions makes it a very powerful tool, not only as a SIEM but also as a datalake for machine learning and data analysis.

Improvements to My Organization:
Splunk helped reduce development cost since it provides free applications on Splunkbase that can save a huge amount of time and effort.

It also gave us the ability to dig into logs to find not just one needle but many needles in the haystack of data and that helped solve multiple production issues and reduced system downtime.

A great improvement brought by Splunk is the ability to remove sensitive data before displaying it in reports allowing Splunk administrators to filter data according to the user’s clearance level.

Room for Improvement:
Adding custom visualization in Splunk has been improved over the years but can still be made better by integrating more and more JavaScript visualization sources.

Stability Issues:
Released versions are quite stable, we encountered some visual bugs following major upgrades but that was due to custom CSS that we had edited into Splunk.

Scalability Issues:
Splunk is a data analytics platform and is designed to scale easily, adding or removing machines from a Splunk index can be done without affecting any of the existing members of the infrastructure.

Technical Support:
In my opinion Splunk has three levels of support, first level is their forum (Splunk Answers). The forum is very rich and solves 90% of the issues that can be encountered. Then comes the real technical support team that replies quite fast—it all depends on the SLA. Finally comes the professional services team, those guys provide a very advanced level of expertise and can solve any issue.

Previous Solutions:
Yes, ArcSight. We switched because of how slow the support can be with HP sometimes and also because Splunk is simpler to use, is more data oriented and is more adapted for business security use cases.

Initial Setup:
We started Splunk on a stand-alone server. Installing that was very easy, a basic rpm install for Linux and an installer for Windows.

When we moved to a distributed environment it was a bit more complicated but the documentation on Splunk Docs was clear and easy to use so we had no problem there.

Cost and Licensing Advice:
Splunk licensing model might seem expensive but with all the gain in functionalities you will have compared to traditional SIEM solutions I think it’s worth the price. Also when you have small volumes of data to index daily (which might account for high EPS) you will be gaining the full advantage of using Splunk for a very low price.

Other Solutions Considered:
Yes, Graylog and QRadar.

Other Advice:
You're in for a good surprise, Splunk is fun, easy to use and will give you the results you are looking for and more. It's a great tool for security and business analysis, you're looking at a big data platform that will allow a lot more than what the good old SIEMs could do.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-07-24
Rated 4 out of 5 by from My clients have visibility into systems and activities that they never had before.

Valuable Features:
Splunk Enterprise Security is most valuable, my clients use it as a SIEM solution. Splunk gives them the ability to bring multiple, disparate types of data together, then correlate and report on them.

Improvements to My Organization:
Some of my clients had rudimentary home-grown security solutions that Splunk ES has completely replaced.

In these cases, the improvement was dramatic; they had visibility into systems and activities that they never had before.

In the case of clients who already had a SIEM solution, the change was more incremental. However, in my opinion, the Splunk ES solution is superior because it is so flexible. It can consolidate data from almost anything.

Room for Improvement:
The GUI can be improved. Splunk has always suffered from having a kind of goofy UI, it needs some updating.

Use of Solution:
I have used this solution for more than five years.

Stability Issues:
There were no stability issues. It is one of the most stable systems that I have worked with.

Scalability Issues:
As of now, no scalability issues were experienced. Splunk is highly scalable, so don’t anticipate that. However, scaling can get very expensive with their pricing model.

Technical Support:
Technical support is excellent! It is of top notch level. The customer support folks really know their stuff, the turnaround is fast.

Previous Solutions:
Previously, we were using HPE ArcSight.

Initial Setup:
That’s a hard one. The initial setup is easy but making it actually work is complex. However, the complexity is something that just comes with any good SIEM solution. Very few companies have exactly the same data and issues, so a great deal of data onboarding and normalization are always required.

Other Solutions Considered:
We evaluated HPE ArcSight.

Other Advice:
Plan your implementation carefully. Be sure you have someone to implement it, someone who knows what he is doing.

Splunk’s inherent flexibility is a great thing, but it also provides an opportunity to really mess things up.

Disclaimer: My company has a business relationship with this vendor other than being a customer: We are an alliance partner.
Date published: 2017-07-03
Rated 4 out of 5 by from Security relies on this for event correlation and alerts.

Valuable Features:
* The speed of the search engine
* All the types of data sources that you configure can be forwarded to Splunk.
* The ease-of-use

Improvements to My Organization:
The network department, for example, has improved its efficiency by 30%. Security relies on this for event correlation and alerts.

Room for Improvement:
Cluster management can only be done via a command line. I would like them to add some GUI options for that. Permissions are not very flexible, so it would be nice to have more granular options, such as double factor authentication.

Use of Solution:
I have used Splunk for two years.

Stability Issues:
It is very stable.

Scalability Issues:
It scales out horizontally.

Technical Support:
The quality of support depends on the support and license. On the average, I would give them a rating of 6/10.

Previous Solutions:
We previously used ArcSight. Splunk is at another level. It is easier, more stable, and faster.

Initial Setup:
It is very easy to set up on a standalone server. Of course, if you want a cluster, it is more complicated. In order to manage it, you need skilled people.

Cost and Licensing Advice:
It is not cheap :-)

Other Solutions Considered:
We were using ArcSight before.

Other Advice:
My advice is to go ahead with it.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-06-23
Rated 4 out of 5 by from Collects data from many sources. Has search, analysis, and visualization capabilities.

Valuable Features:
* Collects data from any source
* Powerful search, analysis, and visualization
* Easy to build system on any platform
* API and easily integrated search
* Action script

Improvements to My Organization:
We have over 7000 devices in our network infrastructure for monitoring, maintenance, and performance assessment.

We achieve this by collecting data and applying the analysis.

Use of Solution:
I have used this solution for one year.

Scalability Issues:
We did not encounter any issues with scalability. Everything is normal with no bugs.

Technical Support:
It’s easy to obtain support from Splunk for technical issues. We also have enough knowledge ourselves to apply fixes.

Previous Solutions:
We used to deploy Elastic Stack. The search language of Splunk is easier and friendlier than Elastic Stack. It has helped me to search quickly and easily. Based on the results, it’s easy to visualize and add results to a previously built, personal dashboard.

Cost and Licensing Advice:
Licensing is free. Pricing is based on usage.

Other Solutions Considered:
We evaluated Elastic Stack and Sumo Logic.

Other Advice:
If you are an enterprise and you need the best service for critical business analysis, Splunk would be one of the best choices.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2017-06-13
Rated 2 out of 5 by from Valuable features include rapid search, data mining, and information propagation. The GUI should be improved.

Valuable Features:
Rapid search is a valuable feature. Performance and incident response were the top priorities for most MSSPs. Breaches of SLAs will have a negative impact on customer trust, which eventually leads to losing customer confidence on services to which they’re subscribing. Hence, the proactive approaches will be the main differentiator from one MSSP to the others.

Improvements to My Organization:
It has been helping a lot of my clients with fast data mining and information propagation.

Room for Improvement:
The GUI should be improved, in other words, the overall appearance.

Use of Solution:
I am not the end-user. However, my job was more relevant as a consultant.

Stability Issues:
Performance upgrades are needed when more processing power is required.

Scalability Issues:
We have not had scalability issues.

Technical Support:
Technical support is good.

Previous Solutions:
The client was using an open source solution. They decided to switch to an enterprise product.

Initial Setup:
The setup can be straightforward, if use cases are well defined.

Cost and Licensing Advice:
Overall, the cost is reasonable and it is easy to upgrade.

Other Solutions Considered:
Our client was considering the other solutions as well. However, due to their overall assessment, they still considered going with it.

Other Advice:
Start off with something at a comfortable level, expand gradually, and then move upwards, expanding steadily.

Disclaimer: My company has a business relationship with this vendor other than being a customer: We are a distributor.
Date published: 2017-05-19