

Mathew V., EVP & Global Head - Services at a tech company Although we're able to customize it, it requires some level of subject-matter expertise for all the special adapters for collection. I need a logger at each site, which also gets quite expensive. SrMgrFraud840, Senior Manager Fraud Services at a financial services firm Room for improvement It's complicated to deploy. In turn, it provides solutions for the needs of the IT department.

Kerem O., IT Security Assistant Manager at a financial services firm It's a reliable service and provides our team members with a lot of knowledge. Joseph L., Security Response Engineer at a communications service provider “Very stable system components (connectors, logger and correlation engine), combined with satisfactory vendor support and the ability to create parsers for all kinds of applications and systems is an important differentiator. From what I've seen for our network, it's the best at ingestion of events. HPE ArcSight Valuable features “It reduces the amount of time required to perform an investigation because of the correlation and aggregation of all the events. You can find more Splunk reviews on IT Central Station. Vinod S., Manager, Enterprise Risk Consulting It needs “operational workflow … and ticketing systems to make it suitable for security operation center environments. Enrico M., Integration Architect at a manufacturing company Room for improvement “It be easier to set up and add new sources, which Splunk improving with every new version. Hristo D., Systems/Applications Specialist at an energy/utilities company “What Splunk calls operational intelligence: fast availability of operational data spread across several servers to prevent or react faster to outages or performance decreases. requests per day, completed tasks per user, exceptions, etc.

Splunk Valuable features “Great for making sense of the application log’s events for business needs, e.g. IT and security managers in the IT Central Station online community say that the most important characteristics of security information and event management (SIEM) products are the ability to combine information from several sources and the ability to do intelligent queries on that information.

Four of the top SIEM solutions are Splunk, HPE ArcSight, LogRhythm, and IBM Security QRadar SIEM, according to online reviews by enterprise users in the IT Central Station community.

But what do enterprise users really think about these tools? Here, users give a shout out for some of their favorite features, but also give the vendors a little tough love.
