# Splunk Enterprise Security Reviews
**Vendor:** Cisco  
**Category:** [Security Information and Event Management (SIEM) Software](https://www.g2.com/categories/security-information-and-event-management-siem)  
**Average Rating:** 4.3/5.0  
**Total Reviews:** 246
## About Splunk Enterprise Security
Splunk Enterprise Security (ES) is a data-centric, modern security information and event management (SIEM) solution that delivers data-driven insights for full breadth visibility into your security posture so you can protect your business and mitigate risk at scale. With unparalleled search and reporting, advanced analytics, integrated intelligence, and prepackaged security content, Splunk ES accelerates threat detection and investigation, letting you determine the scope of high-priority threats to your environment so you can quickly take action. Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Our extensive ecosystem of Splunk, partner, and community-built integrations as well as flexible deployment options ensure your technology investments are working in tandem with Splunk ES whilst meeting you wherever you are on your cloud, multi-cloud, or hybrid journey.



## Splunk Enterprise Security Pros & Cons
**What users like:**

- Users find Splunk Enterprise Security **easy to use and configure**, simplifying management even for beginners in SIEMs. (15 reviews)
- Users value the **strong integration with multiple systems** provided by Splunk Enterprise Security for enhanced visibility. (13 reviews)
- Threat Detection (13 reviews)
- Features (12 reviews)
- User Interface (11 reviews)
- Users appreciate the **clear and comprehensive visibility** provided by Splunk Enterprise Security through its customizable dashboards. (10 reviews)
- Log Management (10 reviews)
- Users commend the **responsive customer support** of Splunk Enterprise Security, enhancing their overall experience and satisfaction. (9 reviews)
- Cybersecurity (8 reviews)
- Integrations (8 reviews)

**What users dislike:**

- Users find **Splunk Enterprise Security expensive**, especially as data volume increases, impacting overall budget management. (17 reviews)
- Users find the **complex setup** of Splunk Enterprise Security challenging, needing extensive expertise and resources for implementation. (8 reviews)
- Complex Implementation (6 reviews)
- Complexity (6 reviews)
- Difficult Learning (6 reviews)
- Users face **integration issues** with Splunk Enterprise Security, requiring expertise and resources for effective onboarding. (6 reviews)
- Users face a challenging **learning curve** with query writing, impacting new analysts' ability to adopt Splunk effectively. (5 reviews)
- Users note that **resource-intensive features** of Splunk Enterprise Security require careful planning and substantial infrastructure investment. (5 reviews)
- Training Required (5 reviews)
- Poor Customer Support (3 reviews)

## Splunk Enterprise Security Reviews
  ### 1. Splunk

**Rating:** 4.0/5.0 stars

**Reviewed by:** Janani R. | Mid-Market (51-1000 emp.)

**Reviewed Date:** November 01, 2023

**What do you like best about Splunk Enterprise Security?**

It helps the security team to analyze notable events and helps to prioritize the threat and to take required action.

**What do you dislike about Splunk Enterprise Security?**

Nothing to dislike in splunk intelligence management.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk is used to get vulnerabilities in servers, which helps us to understand where the vulnerability is, and we take action accordingly.

  ### 2. Best Content Development and Analytics tool for Cyber Security

**Rating:** 5.0/5.0 stars

**Reviewed by:** Aman P. | Cloud Security (Threat and Observability), Enterprise (> 1000 emp.)

**Reviewed Date:** November 09, 2023

**What do you like best about Splunk Enterprise Security?**

The interface and the parsing methodology are good; also, it's very user friendly.

**What do you dislike about Splunk Enterprise Security?**

The cost of the license is too high and some custom addons cannot be added

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We are using it to Analyze the malicious traffic from external to internal IT environments

  ### 3. Used Splunk for project

**Rating:** 4.5/5.0 stars

**Reviewed by:** Vinayak T. | Software trainee, Mid-Market (51-1000 emp.)

**Reviewed Date:** November 23, 2023

**What do you like best about Splunk Enterprise Security?**

It is highly secured I used it in project

**What do you dislike about Splunk Enterprise Security?**

Everything is good as it helped a lot in my project

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

I used it for realtime monitoring and it gave me accurate info

  ### 4. Best ever Log integration tool

**Rating:** 5.0/5.0 stars

**Reviewed by:** ABDUL H. | Enterprise TSE - SaaS-Ops, Mid-Market (51-1000 emp.)

**Reviewed Date:** November 09, 2023

**What do you like best about Splunk Enterprise Security?**

Integration with every log generation platforms. Provides you a gateway to all of your reports.

**What do you dislike about Splunk Enterprise Security?**

That it doesn't have its IOS platform enough featured.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Provides an ease to analyse the logs received from different platforms.

  ### 5. Very advanced SIEM tool and important features

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Security and Investigations | Mid-Market (51-1000 emp.)

**Reviewed Date:** November 21, 2023

**What do you like best about Splunk Enterprise Security?**

According to me, Splunk Enterprise security has the best correlation and analysis model compared to other competitors. Also, along with the compliance-related options, the UEBA feature particularly I liked a lot.

**What do you dislike about Splunk Enterprise Security?**

SES is a bit difficult to learn for beginners, and also somewhat expensive.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

For analysing incidents, and reducing the false positives. Customised incident correlation with user behaviour analysis.

  ### 6. Amazing tool to analyze notable events and leverage intelligence

**Rating:** 4.5/5.0 stars

**Reviewed by:** Ketan M. | Associate Director - Cyber Security, Enterprise (> 1000 emp.)

**Reviewed Date:** March 31, 2023

**What do you like best about Splunk Enterprise Security?**

Helps to analyze notable events and leverage intelligence

**What do you dislike about Splunk Enterprise Security?**

Nothing as such to dislike about Splunk Intelligence Management

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Helps security professionals analyze notable events and leverage intelligence to quickly understand threat context and prioritize and accelerate triage.

  ### 7. Splunk an effective SIEM tool

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Consulting | Enterprise (> 1000 emp.)

**Reviewed Date:** January 13, 2024

**What do you like best about Splunk Enterprise Security?**

Very robust SIEM tool. Effective in Security information and event management

**What do you dislike about Splunk Enterprise Security?**

Could be cumbersome without adequate training

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk was integrated with the cloud enterprise landing zone for log monitoring

  ### 8. Splunk

**Rating:** 4.5/5.0 stars

**Reviewed by:** Sushil B. | administrator, Mid-Market (51-1000 emp.)

**Reviewed Date:** September 14, 2023

**What do you like best about Splunk Enterprise Security?**

Its use cases, and accuracy, which help with easy analysis

**What do you dislike about Splunk Enterprise Security?**

It is a little bit costly and requires some more attention for implementation

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It was good as expected for sending and logging and creating dashboards

  ### 9. Best solution for SIEM

**Rating:** 5.0/5.0 stars

**Reviewed by:** Esat Yasar C. | Mid-Market (51-1000 emp.)

**Reviewed Date:** June 09, 2023

**What do you like best about Splunk Enterprise Security?**

Splunk collects logs from all of the company's systems and applications. Splunk Enterprise Security products provide us with predefined rules and integrate all of products

**What do you dislike about Splunk Enterprise Security?**

Price is also a big problem for Splunk Enterprise Security.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk Enterprise Security provides us more visibility and more security via pre-defined rules and product capabilities

  ### 10. User Friendly Security Monitoring and Response Tool

**Rating:** 5.0/5.0 stars

**Reviewed by:** Mohammed K. | Senior Engineer -Cyber Security, Enterprise (> 1000 emp.)

**Reviewed Date:** October 01, 2022

**What do you like best about Splunk Enterprise Security?**

Searching, Apps for each type of devices, Incident Review and Response, Asset Center are few of the excellent features in Enterprise Security.
All these features are very user friendly and provide the easy incident investigation interface.

**What do you dislike about Splunk Enterprise Security?**

Correlation of Packet data and End Point Detection and Response data with event logs are not the feature in Enterprise security. Hence lag the complete security analytics of organization data of each layer.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Security Incident Monitoring and Response, security investigation, Technical and Managerial Reports and Dashboards. Integration with Threat Intelligence and Vulnerability Data enriched the events for better and quick investigation of incidents.

  ### 11. Prevents threats and minimizes system failure cases

**Rating:** 4.5/5.0 stars

**Reviewed by:** Sherry K. | Network Administrator, Mid-Market (51-1000 emp.)

**Reviewed Date:** August 13, 2022

**What do you like best about Splunk Enterprise Security?**

I like Splunk ES because it continuously monitors our system for potential threats and alerts us in real time so that we are able to prevent the threats before they mess up our system. I like its access anomalies dashboard, which allows us to identify any breach and suspicious activity from users; this makes it easy for us to prevent any unauthorized and suspicious access and helps us protect our IT infrastructure and keep our sensitive data safe.

**What do you dislike about Splunk Enterprise Security?**

I don't like that I can only monitor the privileged accounts for suspicious activity or access breach. It would be very helpful if I could monitor all accounts; this would help see which accounts have anomalies and may pose a threat to our system.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We have deployed Splunk Enterprise Security to monitor our IT infrastructure, which consists of servers, networks and web applications. It helps us to see and monitor the system 24/7 and identify all threats and anomalies so that we are able to fix them before they affect our system. Splunk ES also allows us to monitor access logs and suspicious access and breaches that would compromise our sensitive company information and data.

  ### 12. Urged to filter Security data to manage the costs can be dangerous or fatal

**Rating:** 1.5/5.0 stars

**Reviewed by:** Verified User in Banking | Enterprise (> 1000 emp.)

**Reviewed Date:** June 30, 2022

**What do you like best about Splunk Enterprise Security?**

Very nice visualization and Analytics Engine with easy to create Dashboards, many 3rd party integrations and a vast and active community to support in case Splunk support did not answer.

**What do you dislike about Splunk Enterprise Security?**

Lack of out-of-the-box features, another Toolbox additional to all other Splunk "tools" rather than an integrated Product. Integration, maintenance and customization effort needed are very high. The subscription fee is exploding, and we need to filter now the ingested logs dramatically ... which adds a new vulnerability. Splunk products have too many product vulnerabilities themselves for a Security Product.

**Recommendations to others considering Splunk Enterprise Security:**

Check needs carefully does it come with SES (supported) or download community (no support)

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Detect security threats and hacker attacks, movements in the system, mainly based on MITRE ATT&CK and vulnerabilities found, i.e. log4j, by ingested and filtered logs.

  ### 13. One of the Best SIEM in industry

**Rating:** 5.0/5.0 stars

**Reviewed by:** Kartik S. | Information Security Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** September 02, 2022

**What do you like best about Splunk Enterprise Security?**

It's easy to deploy, the agent /forwarder is very lightweight, and it can parse almost all log sources, which makes it the best in the industry.

**What do you dislike about Splunk Enterprise Security?**

Customer service needs improvement and the tool is a bit expensive, apart from that there are no issues with this product.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It's our main SIEM and helps us to perform log aggregation, generation of alerts, and helps us in threat hunting.

  ### 14. Splunk Enterprise Security Review

**Rating:** 5.0/5.0 stars

**Reviewed by:** Mubeen A. | SOC - Security Engineering Lead, Mid-Market (51-1000 emp.)

**Reviewed Date:** April 30, 2022

**What do you like best about Splunk Enterprise Security?**

Great product for security monitoring and reporting. Blazing fast searches, superb user interface and excellent visualization options. Also, reporting and other features are great as well.

**What do you dislike about Splunk Enterprise Security?**

Scalability is an issue and licensing costs are very high which makes this great tool hard to procure for SMEs. Also, support can improve to enhance the overall experience.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We use Splunk Enterprise Security to provide security monitoring solutions to our esteemed customers. Splunk helps my team do their threat hunting and log analysis in real-time to assist operations.

  ### 15. Enterprise Security a Security Team Must Have

**Rating:** 5.0/5.0 stars

**Reviewed by:** Seereeram D. | Information Technology Security Specialist, Enterprise (> 1000 emp.)

**Reviewed Date:** December 07, 2021

**What do you like best about Splunk Enterprise Security?**

Enterprise Security has a built-in Risk Analysis Dashboard. This allows an executive-level overview of what is going on in an understandable format which can be viewed by non-technical personnel. It incorporates MITRE, NIST as well as CIS identifiers for threat activity, allowing high-level classification of assets, identity, and communication behavior.

**What do you dislike about Splunk Enterprise Security?**

If you are deploying this product for yourself, it is quite a challenge. Enterprise Security offers the single pane of glass for your investigation and monitoring needs, but to get everything onboarded can be daunting. The identity and assets enrichment was not straightforward and required a lot of manual work. For it to be optimized for full benefit, there is a layer of complexity along the journey

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk Enterprise Security allows us the ability to classify activity in our networks, mapping it to NIST, CIS and Mitre attack categories. This visibility provides easy identification of possible threat activity and the ability to drill down into this to perform investigation and analytics. Once collecting the necessary information this provides excellent coverage into activity.

  ### 16. Wow!! Wonderful experience!! Everything you need at the tip of your fingers.

**Rating:** 5.0/5.0 stars

**Reviewed by:** B M. | Senior IT Security Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** August 04, 2022

**What do you like best about Splunk Enterprise Security?**

All the features were great. From the correlation rules to all the details in the reporting were actually great. Indeed a useful product when it comes to granular security.

**What do you dislike about Splunk Enterprise Security?**

Nothing to be disliked of. However it could have been great if they had a handy dashboard template for different enterprises.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Security Monitoring, Enterprise monitoring, network reporting,

  ### 17. World Class Threat Intelligence, Analytics and Risk Monitoring

**Rating:** 5.0/5.0 stars

**Reviewed by:** Seereeram D. | IT Security Specialist, Enterprise (> 1000 emp.)

**Reviewed Date:** November 23, 2021

**What do you like best about Splunk Enterprise Security?**

Splunk Enterprise Security allows us to actively perform threat intelligence and analysis while providing results in an easy-to-understand manner.

**What do you dislike about Splunk Enterprise Security?**

As with Splunk in general proper configuration and deployment requires a steep learning curve. In general, this is my only issue with Splunk, the complexity of configuration and deployment.

**Recommendations to others considering Splunk Enterprise Security:**

Ensure teams are appropriately trained before implementation

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk Enterprise Security has provided us with deeper insight into our network. It has addressed a gap in security intelligence by offering links to multiple intelligence feeds while performing active threat analytics and risk-based reporting. Splunk Enterprise Security has allowed us to identify possible incidents on our networks while allowing a deep level of investigation into occurrences.

  ### 18. Splunk - Looking for troubles :)

**Rating:** 5.0/5.0 stars

**Reviewed by:** Rohit S. | Senior Technical Account Manager, Mid-Market (51-1000 emp.)

**Reviewed Date:** January 17, 2018

**What do you like best about Splunk Enterprise Security?**

Splunk is a great SIEM solution and its integration with almost any network and security device makes it a unique player in market. Its apps and super fast search options are best in class

**What do you dislike about Splunk Enterprise Security?**

No problems with Splunk so far. It's been working very good

**Recommendations to others considering Splunk Enterprise Security:**

great tool for SIEM

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We are integrating our network security devices to correlate logs and making case studies for any security violations. It's one of the best parts of our SOC

  ### 19. Smart, efficient and powerful tool to gather and organize raw logs from multiple sources.

**Rating:** 4.5/5.0 stars

**Reviewed by:** Nikhil P. | Engineer trainee, Enterprise (> 1000 emp.)

**Reviewed Date:** November 05, 2021

**What do you like best about Splunk Enterprise Security?**

The best feature would be the user interface which is easy to navigate and understand. A little training on how to use the Splunk query language, and you are good to go! Easy to download or share the logs across various platforms and has a very insightful pictorial representation of data in graphs, tables, and various other forms.

**What do you dislike about Splunk Enterprise Security?**

It has an overwhelming amount of features that may go unused in some cases. It would be better if Splunk could be altered according to a user's needs. Splunk doesn't use MFA as far as I know, so it would be better if it is included. If queries aren't precise, your job (output) will be running for a long time.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk collects raw data and organizes them according to different fields. This allows an analyst to dig into the data and find potential indicators of compromise to remediate security incidents.

  ### 20. Professional SIEM based on Splunk Enterprise

**Rating:** 3.5/5.0 stars

**Reviewed by:** Verified User in Pharmaceuticals | Enterprise (> 1000 emp.)

**Reviewed Date:** January 18, 2022

**What do you like best about Splunk Enterprise Security?**

The best thing I like about Splunk Enterprise Security is that it comes as an add-on on top of Splunk Enterprise.
This thing makes it easy to deploy and use if you are familiar with Splunk.

**What do you dislike about Splunk Enterprise Security?**

I don't like that it doesn't come with many security use-cases and alerts out of the box and it's a bit difficult to configure it from scratch.
This product can't be highly customized, but it can be confusing for untrained personnel.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk Enterprise Security can be used to create security incidents based on the security use-cases alerts you enable or create. The SOC team can observe and track the incidents as in any other smart ticketing platform.

  ### 21. Very useful for user activity monitoring

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Security and Investigations | Enterprise (> 1000 emp.)

**Reviewed Date:** March 07, 2022

**What do you like best about Splunk Enterprise Security?**

The detection power and customisation possibilities. Very helpful to identify any suspicious activities in the environment within no time.

**What do you dislike about Splunk Enterprise Security?**

Nothing so far. I'm really happy with its performance

**Recommendations to others considering Splunk Enterprise Security:**

I have tried other user behaviour tools as well but am really happy with Splunk as it is one solution for multiple problems

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Majorly user behaviour things are being taken care of by the Splunk user behaviour analytics tool.

  ### 22. The best SIEM out there, if you're willing to learn

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.)

**Reviewed Date:** March 05, 2021

**What do you like best about Splunk Enterprise Security?**

You can customize all aspects of the platform, automate workflow actions, design rules with detailed drill down searches, enrich the notables with valuable context, and if you're willing to get creative and hack it a little bit, you can do unexpected things.
If you choose to follow this route, there is a great and active community ready to help you achieve even the weirdest of goals.

**What do you dislike about Splunk Enterprise Security?**

Hard to ensure the logs are processed into CIM compliance, if this is not done right, the product becomes mediocre. This process can require professional services and lots of maintenance.

**Recommendations to others considering Splunk Enterprise Security:**

Invest in training your personnel properly, since it's very easy to misuse this tool and get low performance or inconsistent results. Also adhere to logging standards, Splunk ES works amazingly as long as you keep your logs CIM compliant and in good shape, if that's not the case you'll get an expensive, unreliable, and even slow tool.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Using it as a SIEM, allowing to generate alerts for the SOC to triage and then kick off more in-depth investigations, providing different views of your overall security stance under the concept of domains, you can analyze dashboards related to hosts, malware, network activity and so on. It also integrates with threat intelligence frameworks so your detection rules have a higher relevance.

  ### 23. splunk experience

**Rating:** 4.5/5.0 stars

**Reviewed by:** Munigala R. | Cyber Security Specialist, Mid-Market (51-1000 emp.)

**Reviewed Date:** June 17, 2021

**What do you like best about Splunk Enterprise Security?**

Able to monitor logs of end devices more deeply with every event being triggered in the console, which helps for monitoring

**What do you dislike about Splunk Enterprise Security?**

No major dislikes, but sometimes experiences timestamp issues with logs

**Recommendations to others considering Splunk Enterprise Security:**

Good SIEM tool to monitor the client environment and able to create dashboards and reports for real time monitoring of the logs

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Easily able to identify the threats in the network with the help of rules and defend them promptly

  ### 24. Best tool for troubleshooting server issue

**Rating:** 4.5/5.0 stars

**Reviewed by:** vivek sagar s. | Sr DevOps Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** July 27, 2021

**What do you like best about Splunk Enterprise Security?**

Easy to search and analyze the issue based on keywords.

**What do you dislike about Splunk Enterprise Security?**

Queries can be lengthy sometimes. Otherwise output gets bigger and bigger.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Any kind of server failure or deployment failure issue can be easily identified using Splunk.

  ### 25. Very satisfied with the splunk enterprise security used in our project

**Rating:** 5.0/5.0 stars

**Reviewed by:** Vinay S. | Application Development Analyst, Enterprise (> 1000 emp.)

**Reviewed Date:** July 30, 2020

**What do you like best about Splunk Enterprise Security?**

The dashboard facility provided to view the different types of logs generated from our application, and also the data gets stored, which will help us to analyze. It also provides an enhanced graphical user interface so that the end user will be able to easily navigate through the tool. Need to mention the charting capabilities of Splunk, which represent the data graphically, which in turn makes the users identify the variation in the logs generated by the application. This also feels very rich while using the same. It also helps in real time monitoring, which provides us with the accurate and latest data which we will be able to figure out. Also the BI dashboards add the most value for Splunk. We can use this for the SQL injection vulnerability fixes and the logs to store the same as well

**What do you dislike about Splunk Enterprise Security?**

It seems to be expensive and also felt the search operations on the dashboards can be made a bit faster than the usual speed. In simple words it will be easy if we optimize this dashboard search functionality. A problem that was we licensed it based on how much data we upload to them every day. Something changed in one of our applications and it started changing the behaviour. Since the competition is very high in the other business fields it will be beneficial for Splunk to resolve these issues to keep up the top position and remain as a roller in this industry.

**Recommendations to others considering Splunk Enterprise Security:**

I surely recommend this software to others since it is really helpful in maintaining a large number of security logs which are generated by the application and can be easily monitored. It is very helpful in generating reports for the logs and security issues reported, which will be easy to extract and monitor offline for comfortable use

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It has helped us to monitor the logs which are generated from our application and we could view them in an organized manner so that we are keeping track of all the logs and resolving one by one. This has helped us in maintaining large number of security logs.

  ### 26. Best SIEM tool in the world

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Oil & Energy | Mid-Market (51-1000 emp.)

**Reviewed Date:** May 06, 2021

**What do you like best about Splunk Enterprise Security?**

The analysis and indexing of any data format. Integration support for almost all of the security devices available in the market. SOAR feature addition makes it one of a kind in the industry.

**What do you dislike about Splunk Enterprise Security?**

Best product comes with a heavy price tag on it. Many SMB companies could not afford the price of the products and the add-ons.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Ransomware, PCI-DSS compliance, Data leak, User productivity, Windmill data analysis. Stopped many attacks, identify insider threats and prevented.

  ### 27. Industry leading log aggregation and management tool

**Rating:** 4.5/5.0 stars

**Reviewed by:** Scott R. | VP of Technology and Infrastructure, Enterprise (> 1000 emp.)

**Reviewed Date:** July 30, 2020

**What do you like best about Splunk Enterprise Security?**

An enterprise level tool for log aggregation and management that enables an all inclusive approach to data mining for service management and compliance.

**What do you dislike about Splunk Enterprise Security?**

Expensive licensing model compared to some other tools available.

**Recommendations to others considering Splunk Enterprise Security:**

Do not underestimate how much capacity you will need, as once people start using it they integrate it into their daily workloads. If possible get the business to buy into it as a BI tool, thus enabling the cost to be spread outside of IT.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Enabled us to meet PCI compliance responsibilities and to create dashboards enabling not only IT problem solving but also to provide real value to business processes.

  ### 28. Easy and efficient to use

**Rating:** 4.0/5.0 stars

**Reviewed by:** Verified User in Program Development | Mid-Market (51-1000 emp.)

**Reviewed Date:** September 18, 2020

**What do you like best about Splunk Enterprise Security?**

Enables users to access all log sources from a single box

**What do you dislike about Splunk Enterprise Security?**

Too many features, took me some time to understand the functionality

**Recommendations to others considering Splunk Enterprise Security:**

Efficient, easy to deploy and easy to learn to use

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

I'm able to easily write custom SPLs and Dashboards in minimum time. And data populated is more accurate and easy to understand, with enhanced widgets etc.

  ### 29. It was an awesome experience

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Small-Business (50 or fewer emp.)

**Reviewed Date:** January 04, 2021

**What do you like best about Splunk Enterprise Security?**

Easy to manage dashboards and get the data you need right there

**What do you dislike about Splunk Enterprise Security?**

Navigation can be improved a bit to make it easier to use.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

I use it to get alerts for unwanted activity that is seen in my environment

  ### 30. Splunk - What is it good for?

**Rating:** 1.5/5.0 stars

**Reviewed by:** Danny S. | Director of Planning, Engineering, and Innovation @ USSOCOM, Enterprise (> 1000 emp.)

**Reviewed Date:** August 31, 2020

**What do you like best about Splunk Enterprise Security?**

Nothing to add here. I hate the name as much as I hate the product.

**What do you dislike about Splunk Enterprise Security?**

Everything but mostly the cost and licensing model for anything Splunk has to offer.

**Recommendations to others considering Splunk Enterprise Security:**

Look at other products.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It was supposed to help us with insider threats as well as our cyber security incident response team but it's just really expensive.

  ### 31. Improve security with splunk

**Rating:** 5.0/5.0 stars

**Reviewed by:** Sunny K. | Senior Technology Consultant, Enterprise (> 1000 emp.)

**Reviewed Date:** July 25, 2020

**What do you like best about Splunk Enterprise Security?**

The user interface (GUI), which is self-explanatory on every page or view. Also its security related investigation capabilities. It is real time.

**What do you dislike about Splunk Enterprise Security?**

Splunk can be expensive for large data volumes

**Recommendations to others considering Splunk Enterprise Security:**

You can rely on its effectiveness. The product really solves the purpose it is built for.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Monitoring, analyzing and visualizing machine generated data. The main benefit is that we are building real time data applications with the help of it.

  ### 32. Splunk ES

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Automotive | Enterprise (> 1000 emp.)

**Reviewed Date:** July 27, 2020

**What do you like best about Splunk Enterprise Security?**

I have been using splunk ES for about 1 year to support the SOC. I find the product produces a lot of information that increases the company's level of security

**What do you dislike about Splunk Enterprise Security?**

Don't find any dislikes for now. All is right.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We have visibility for the IT security part of everything that happens.

  ### 33. It's good SIEM tools to reduce false positive alerts.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Gopichand R. | Enterprise (> 1000 emp.)

**Reviewed Date:** January 28, 2020

**What do you like best about Splunk Enterprise Security?**

It will provide all the future details in Splunk ES, where we can get detailed summary reports in alerts, depending on the alerts, like source, destination, users, workstations, event code, login types, etc.

**What do you dislike about Splunk Enterprise Security?**

There is nothing to dislike with this product. It's all in one.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Using Splunk ES products lots of unwanted suspicious activities monitor. Created Malicious activities which is belonging to Network, users behavior. Daily basis reduce so many false positive alerts in Splunk ES. So many created alerts, Reports & Dashboard in ES.

  ### 34. Splunk the Swiss Army knife do all in security

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Computer Networking | Enterprise (> 1000 emp.)

**Reviewed Date:** August 31, 2020

**What do you like best about Splunk Enterprise Security?**

Flexibility: the Splunk SIEM is very versatile.

**What do you dislike about Splunk Enterprise Security?**

Dashboards can be tricky to set up.
However, once set up a great security tool.

**Recommendations to others considering Splunk Enterprise Security:**

Yes

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Threats, as in traffic flow, to see if it was blocked or allowed

  ### 35. The watchman never sleep : Splunk Enterprise Security

**Rating:** 4.0/5.0 stars

**Reviewed by:** Pathman P. | Snr. Systems Engineer / Security Consultant, Mid-Market (51-1000 emp.)

**Reviewed Date:** October 25, 2019

**What do you like best about Splunk Enterprise Security?**

Splunk ES product that monitors real-time data generated from network endpoints, access, malware and vulnerabilities and generate alerts by analyzing and correlating them with defined and built-in rules. Administration is so easy and reduces security personnel risk of tacking security incidents. This is very useful and well recognized product every organization should setup.

**What do you dislike about Splunk Enterprise Security?**

Have not found any dislikes so far. Great product.

**Recommendations to others considering Splunk Enterprise Security:**

Before Splunk we collected lots of logs but we never had time to analyze them, and later we found that we had missed important security alerts. Now with Splunk, we never miss any security alerts and we can stop before any damage happens. So we recommend all enterprises to set up Splunk and know your network activities and control before they make you devastated.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Having lots of devices and servers introduced to the network generates lots of logs, and there is not enough manpower and time to analyze them. This became unmanageable and security events went unnoticed. Then we learned about Splunk SIEM and tested before buying. It can collect all event logs into one engine and analyze and alert us.

  ### 36. Best in SIEM Solution

**Rating:** 4.5/5.0 stars

**Reviewed by:** Mohammed Aquib A. | SIEM Specialist, Enterprise (> 1000 emp.)

**Reviewed Date:** June 22, 2019

**What do you like best about Splunk Enterprise Security?**

Splunk is the best SIEM solution that a company can have for security of an enterprise.

**What do you dislike about Splunk Enterprise Security?**

There is nothing I feel personally any disadvantage in Splunk SIEM solution.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Performing Search queries on integrated log sources for checking any attacks. 

  ### 37. Amazing Software for Security and Dashboards

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Health, Wellness and Fitness | Enterprise (> 1000 emp.)

**Reviewed Date:** October 24, 2019

**What do you like best about Splunk Enterprise Security?**

I love how diverse this software is. It's easy to create simple dashboards and searches or you can create very complicated searches and filter through specific data. Dashboards can be created so that other members of the team that aren't so technical can easily look at the visuals and see what is going on. We use it in security for a bunch of different areas of the company.

**What do you dislike about Splunk Enterprise Security?**

Somewhat of a learning curve to get set up and going.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Quick dashboards for common problems. We use it for security so we can see different server errors, time and what pages. Employee logins, account changes and invalid login attempts. Most importantly we use it against different malware and hackers trying to gain access. 

  ### 38. Great log Analysis tool

**Rating:** 3.5/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.)

**Reviewed Date:** July 30, 2018

**What do you like best about Splunk Enterprise Security?**

a crisp view of different logs and analytics

**What do you dislike about Splunk Enterprise Security?**

ease of use and installation process can be improved

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

I work for a huge telecommunications client and they have a huge infrastructure where different APIs get triggered from different layers, and to analyze those logs Splunk helps us a lot.

  ### 39. Great logging and event monitoring tool that makes our debugging life easy

**Rating:** 4.0/5.0 stars

**Reviewed by:** Ashok V. | Senior Manager, Business Applications, Enterprise (> 1000 emp.)

**Reviewed Date:** July 31, 2019

**What do you like best about Splunk Enterprise Security?**

Splunk is a very great tool for logging our SFDC events and its 6 months and one year option for having logs of our log headers and log details is a killer feature.

**What do you dislike about Splunk Enterprise Security?**

The UI can be more interactive and they can also be little competitive with pricing as the one year option will cost you a fortune as an organization and small startup also need to afford this tool

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We are debugging our SFDC application by integrating with Splunk and the Splunk logs help us in event monitoring and any transactions that are missed help us identify the root causes of our Incidents

  ### 40. Splunk security

**Rating:** 4.0/5.0 stars

**Reviewed by:** Verified User in Aviation & Aerospace | Small-Business (50 or fewer emp.)

**Reviewed Date:** March 18, 2020

**What do you like best about Splunk Enterprise Security?**

I like the possibility to perform specific research about cybersecurity

**What do you dislike about Splunk Enterprise Security?**

Nothing in particular.
Maybe Splunk does not identify the threat in real time

**Recommendations to others considering Splunk Enterprise Security:**

It's an amazing product to perform activities related to Threat Hunting

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Thanks to Splunk we have managed to identify compromised accounts and advanced malware.

  ### 41. Best for security and network teams

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.)

**Reviewed Date:** October 23, 2019

**What do you like best about Splunk Enterprise Security?**

Splunk gives you huge access to each end-point and everything on your environment. Especially, it allows you to make your own apps inside Splunk, which makes it more fruitful, because it can be customized according to your needs. As a cyber security team member, I was happy to use Splunk which made my event management like shelling peas.

**What do you dislike about Splunk Enterprise Security?**

I can say nothing. Maybe the price is a bit much for developing countries. However, Splunk still deserves it.

**Recommendations to others considering Splunk Enterprise Security:**

Buy it, do not think too much. It is the best.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We integrated our whole environment from software to devices. Log analysis for the company became easier via Splunk. Especially, user-defined alarms and reports are so useful.

  ### 42. Nice platform to see the error reports and logs

**Rating:** 5.0/5.0 stars

**Reviewed by:** Riya S. | Full Stack Engineer Intern, Enterprise (> 1000 emp.)

**Reviewed Date:** July 26, 2019

**What do you like best about Splunk Enterprise Security?**

The best thing is you can set it up as your company wants. Moreover, it's a great software as a service for security. To see all the error logs in our development server we use Splunk in our company.

**What do you dislike about Splunk Enterprise Security?**

The search is very slow, sometimes to search a particular log message it takes about 5 minutes. Moreover the error message doesn't come completely.

**Recommendations to others considering Splunk Enterprise Security:**

Good platform for security and system bugs.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Most error logs, datasets, failure reports of the server are on Splunk.

  ### 43. Adaptive Response Feature

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Security and Investigations | Mid-Market (51-1000 emp.)

**Reviewed Date:** July 23, 2019

**What do you like best about Splunk Enterprise Security?**

Enterprise Security Adaptive Response feature is very good where you can directly take action from the one console. Previously, Splunk was used for monitoring only and now it is used as a post mechanism also. For example, if some malicious event comes from the endpoint and you want to isolate that endpoint, you can create a new action and use that to isolate the endpoint.

**What do you dislike about Splunk Enterprise Security?**

Splunk Enterprise is an add-on on Splunk so it is not isolated from other addon. We might face some security issue if other addons are conflicting with ES. It should come as a product incorporated on top of Splunk.  I disliked the slowness of the App when it is installed on the lower configuration VM and it is very heavily built addon with so many javascript and python scripts.

**Recommendations to others considering Splunk Enterprise Security:**

If you are looking for a security tool I would recommend to go with Splunk Enterprise Security.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We are monitoring endpoint details of our customer and using adaptive response, will block the endpoint if any malicious activity happens on endpoint. This will help us to boost endpoint security. We are also using the correlation search feature to populate incident review page with the malicious events.

  ### 44. Amazing tool to analyze huge logs accurately

**Rating:** 4.5/5.0 stars

**Reviewed by:** Rmn C. | Ram chhura, Enterprise (> 1000 emp.)

**Reviewed Date:** April 16, 2019

**What do you like best about Splunk Enterprise Security?**

The UI is so simple and interactive that you provide a simple search string and this powerful tool looks at your terabytes sized logs and show you result in an index form and that too in seconds. It also helps our OPS team to perform a log forensics.

**What do you dislike about Splunk Enterprise Security?**

This tool becomes very expensive if you have huge logs and if the logs keep on increasing so will the price to use this tool. The support from SPLUNK team is not that great.

**Recommendations to others considering Splunk Enterprise Security:**

Better response from the SPLUNK support team. Maybe change the price model a bit so that you can have more customers. I believe most of the companies don't use this tool because it is so expensive.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

It helps us identify problems in our production environment. The alerts help us identify malicious activity since we have alerts set for certain events.

  ### 45. A powerful log aggregation solution with immensely useful tools built-in for popular applications.

**Rating:** 3.0/5.0 stars

**Reviewed by:** Verified User in Telecommunications | Small-Business (50 or fewer emp.)

**Reviewed Date:** March 28, 2019

**What do you like best about Splunk Enterprise Security?**

- Configuration design: Thoughtful and mature documentation and design of the application regarding enterprise-class scaling on network storage.
- POWERFUL tools: The user interface lends itself to learning more about your organization from the logs you collect, through metrics of trends of the logs being gathered. There are also specific modules/add-ons for popular applications to provide more value and event-based monitoring, all without having to develop in-house dashboards and intelligence of those logs.
- Customization: You can create your own queries of logs, and event-based alerts.

**What do you dislike about Splunk Enterprise Security?**

Price: This product is not free for more than the minimal use. Pricing can be very expensive, relative to open source offerings. That is the trade-off you pay for not having in-house development of open source offerings. As this product is priced based on gigabytes of indexed logs, it is important to understand the scope of licensing necessary for your environment to determine if it is a good fit for your organization.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

XRAY vision on your production instances. Every day we code our applications so that we will be splunk friendly with our app log statements. For example "featureX=value" allows you to query for every customer that engaged with featureX.



  ### 46. "Powerful and overwhelming SIEM"

**Rating:** 5.0/5.0 stars

**Reviewed by:** Andrew Y. | Software Engineer, Computer Software, Mid-Market (51-1000 emp.)

**Reviewed Date:** February 26, 2019

**What do you like best about Splunk Enterprise Security?**

Its abilities to list tremendous measure of information into occasions inside seconds, the different applications and extra, and its representations. It encourages continuous examination and can list any sort of information, likewise the equipment necessities of Splunk are less. Splunk does not require any database to store its recorded occasions. A great deal of help and help is accessible in the network. It's extremely exceptionally simple to set up and can take information contribution from different sources like remote hosts, logs, contents, records, organize and so forth. In addition there is a free form also which permits to list 500 MB of information for each day. In conclusion, its UI is very client friendly. The truth that we can total and relate any occasions that we need is an integral asset in distinguishing and ceasing malignant movement on or against our system.

**What do you dislike about Splunk Enterprise Security?**

I truly hated the way that we need to restart Splunk at whatever point arrangement documents are changed, however I comprehend the explanation for, regardless it, restart takes a considerable amount of time. Likewise look handling language sets aside some opportunity to learn, it has a great deal of directions. The Splunk expectation to absorb information is enormous and can take over a month to learn Splunk thoroughly. Normalizing information is trying in Splunk. What's more, numerous addons are Common Information display (CIM) good in Splunk.

**Recommendations to others considering Splunk Enterprise Security:**

Get Splunk Enterprise for nothing to experiment with your utilization case, as a rule your confirmation of idea could undoubtedly be utilized as last examination application that you need at your Enterprise. The documentation is exhaustive for each theme from establishment, organization, look, advancement, and so on. In this way, you can give it a try. But still, recall this is a generally new administration and they are chipping away at including highlights while keeping the security of the Cloud. In the event that you are a genuine Splunk administrator, maybe complete a Self-Service Cloud alternative so you can complete things quicker.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

We are utilizing Splunk to log all our web and application logs. Utilizing this log we are having an extraordinary straightforwardness at the season of posthumous an issue to investigate the example and investigate as needs be. Our Splunk condition is utilized to help investigate issues, screen for security occurrences, and has even helped our police division situate in trouble individual's speedy enough to give mediation.

  ### 47. An incredible device which fills some needs.

**Rating:** 5.0/5.0 stars

**Reviewed by:** paul R. | Software Engineer, Computer Software, Mid-Market (51-1000 emp.)

**Reviewed Date:** February 26, 2019

**What do you like best about Splunk Enterprise Security?**

It has exceptionally educational dashboard which enables us to see information about servers in our condition. It gives visuals to the client when we select graphical portrayal, enabling us to change signs into visual outlines for example pie outlines, diagrams, tables, and so on. It is anything but difficult to scale with extensive informational collections. It underpins different sorts of information with ongoing analyzing. Splunk is extremely simple to introduce and they give bundle to both Linux and Windows based operating framework. Establishment is simple, simply unfasten the bundle and set the way and you are prepared to utilize.

**What do you dislike about Splunk Enterprise Security?**

It tends to be CPU serious if not cautious. Early discharges were a great deal carriage, yet remediations were brisk and brief. The heap on our quests, a few inquiries take for eternity. In some cases we have incredible trouble with motivating different items to parse logs accurately into Splunk. Pretty costly.

**Recommendations to others considering Splunk Enterprise Security:**

Get Splunk Enterprise for nothing to experiment with your utilization case, much of the time your evidence of idea could undoubtedly be utilized as last investigation application that you need at your Enterprise. The documentation is careful for each theme from establishment, organization, look, improvement, and so forth. Along these lines, you can give it a try. It merits the exertion and speculation to ensure your frameworks and information impression. There are different instruments that are accessible in the market that won't break your bank, anyway you get what you pay for. This apparatus gets you a total 360 degree perspective on the information impression. Anyway there will be an expectation to absorb information to get and you will probably find that you are immediately overpowered by the measure of things you can do. Particularly when you begin getting data from different sources and wish to associate that data into dashboards and applications.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Totaling, and completing an example coordinating of occasions that can fill us in as to whether any vindictive action is occurring. It gives us a total view into our general security pose with fitting drill downs into explicit information to perceive what's going on in the association. Gathering and breaking down information with Splunk is simple. Be that as it may, there are different items out there - Graylog, the ELK stack - which are free and do a similar thing - just with more work. Be that as it may, when you manufacture your dashboard, you are a great idea to go - toss as much information at it as you need.

  ### 48. A powerful log aggregation solution 

**Rating:** 3.0/5.0 stars

**Reviewed by:** Usman S. | Senior Analyst, Technical, Enterprise (> 1000 emp.)

**Reviewed Date:** March 22, 2019

**What do you like best about Splunk Enterprise Security?**

- Free to use for small 500MB or less daily ingress, quite nice for small use cases and learning
- No development work required to deploy and provide value.
- Deployment flexibility: client agents are available to use, or clientless configurations for multiple OS platforms. It's also very easy to deploy, not just flexible. It's a very simple affair.

**What do you dislike about Splunk Enterprise Security?**

PRICE. The software is so powerful, and they seem to leverage this in the pricing of the licenses.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Splunk allows us to see exactly what is going on in production! We use Splunk to monitor our apps in real time. Splunk gives you the ability to perform queries like you would with SQL against your log statements in real time.

  ### 49. It's like google for your data

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Consumer Electronics | Enterprise (> 1000 emp.)

**Reviewed Date:** December 03, 2019

**What do you like best about Splunk Enterprise Security?**

SPL makes exploring your data a breeze and dashboards are super helpful

**What do you dislike about Splunk Enterprise Security?**

Error messages need to reflect the actual problems

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Visualizing the security posture of our infrastructure

  ### 50. Splunk review

**Rating:** 4.0/5.0 stars

**Reviewed by:** Nimisha V. | Web Services Developer, Mid-Market (51-1000 emp.)

**Reviewed Date:** June 19, 2019

**What do you like best about Splunk Enterprise Security?**

I work at a Fintech company and we use Splunk for checking error logs and tracking anything that goes wrong within the system. I like Splunk as it gives the exact line number which is breaking the code, which makes it easier to debug.

**What do you dislike about Splunk Enterprise Security?**

The index should be accurate otherwise viewing logs is not easy.

**What problems is Splunk Enterprise Security solving and how is that benefiting you?**

Mainly checking code for fatal errors and application errors which do not break in the development environment.


## Splunk Enterprise Security Discussions
  - [What is the difference between Splunk Enterprise and Splunk Enterprise Security?](https://www.g2.com/discussions/what-is-the-difference-between-splunk-enterprise-and-splunk-enterprise-security) - 1 comment

## Splunk Enterprise Security Integrations
  - [AWS CloudTrail](https://www.g2.com/products/aws-cloudtrail/reviews)
  - [Bob](https://www.g2.com/products/buildonme-llc-bob/reviews)
  - [Cisco Duo](https://www.g2.com/products/cisco-duo/reviews)
  - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews)
  - [CyberArk Privileged Access Manager](https://www.g2.com/products/cyberark-privileged-access-manager/reviews)
  - [Dataminr](https://www.g2.com/products/dataminr/reviews)
  - [GitHub](https://www.g2.com/products/github/reviews)
  - [Google Workspace](https://www.g2.com/products/google-workspace/reviews)
  - [incident.io](https://www.g2.com/products/incident-io/reviews)
  - [Iru](https://www.g2.com/products/iru/reviews)
  - [Okta](https://www.g2.com/products/okta/reviews)
  - [Palo Alto Networks Next-Generation Firewalls](https://www.g2.com/products/palo-alto-networks-next-generation-firewalls/reviews)
  - [Sophos Endpoint](https://www.g2.com/products/sophos-endpoint/reviews)
  - [Teqtivity](https://www.g2.com/products/teqtivity/reviews)
  - [Vectra AI Platform](https://www.g2.com/products/vectra-ai-platform/reviews)
  - [VirusTotal](https://www.g2.com/products/virustotal/reviews)
  - [Zoom Workplace](https://www.g2.com/products/zoom-workplace/reviews)

## Splunk Enterprise Security Features
**Threat Detection & Triage - AI SOC Agents**
- Anomaly Detection & Correlation
- False‑Positive Suppression
- AI‑Driven Alert Triage

**Response**
- Resolution Automation
- Resolution Guidance
- System Isolation
- Threat Intelligence
- Incident Investigation

**Network Management**
- Activity Monitoring
- Asset Management
- Log Management

**Investigation & Enrichment - AI SOC Agents**
- Autonomous Case Investigation
- Contextual Enrichment from Multiple Sources
- Attack Path Mapping

**Records**
- Incident Logs
- Incident Reports

**Incident Management**
- Event Management
- Automated Response
- Incident Reporting

**Response & Remediation - AI SOC Agents**
- Mean Time Reduction Metrics
- Playbook‑Free Dynamic Workflows
- Automated Response Execution

**Management**
- Incident Alerts
- Incident Case Management
- Workflow Management

**Security Intelligence**
- Threat Intelligence
- Vulnerability Assessment
- Advanced Analytics
- Data Examination

**Agentic AI - Security Information and Event Management (SIEM)**
- Autonomous Task Execution
- Multi-step Planning
- Proactive Assistance
- Decision Making

**InfoSec Experience & Governance - AI SOC Agents**
- Conversational Analyst Interface
- Manual Feedback Learning Loop
- Explainability & Audit Trail

**Generative AI**
- AI Text Generation
- AI Text Summarization

## Top Splunk Enterprise Security Alternatives
  - [IBM QRadar SIEM](https://www.g2.com/products/ibm-ibm-qradar-siem/reviews) - 4.4/5.0 (280 reviews)
  - [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews) - 4.4/5.0 (272 reviews)
  - [LogRhythm SIEM](https://www.g2.com/products/exabeam-logrhythm-siem/reviews) - 4.2/5.0 (137 reviews)

