Splunk Primary Use Case
Since we have an IT services company, we have been using Splunk for the deployment to the customer locations as well. Sometimes the customer will come back to us and say that we need to have a SIEM tool, and when we do the benchmarking, we'll do a couple of deployments on the Splunk side and at the customer's locations as well.
As an example use case, we deployed Splunk to a banking institution a few years ago. There the use case was basically this: the customer wanted to set up a security operation center, and they wanted to have a pretty large deployment in terms of the number of endpoints and number of switches and routers. There were many regional branch offices and they have data centers and therefore, many assets in terms of endpoints. They had 30% of their assets running on the cloud and they needed a complete solution from an incident monitoring and management perspective. That's why we deployed Splunk.
They wanted to reduce the MTTR, and meantime resolution, and maintain detection. They didn't want to add more SOC analysts into their SOC as the organization scaled up. They have a plan to scale from 5,000 endpoints into 15-20,000 endpoints. They're very particular about deploying the SOC operation center.
Splunk has since acquired Phantom as a SOAR platform. Therefore, we have tried to manage the security automation using Phantom with the help of Splunk deployments. It helps us meet the customer's requirements.
In our organization, Splunk is used in our data centers.
We have integration services and other types of systems in our new IoT architecture. We're using it to capture information.
We use Splunk as an aggregator for monitoring information from different sources; however, for our protection suite, we're using Comodo.
It's designed to collect data from different points. It has a lot of integrations built into it and that's why we're using it.
We use it for our enterprise more - such as for messaging. There's a lot of stuff we do on our integration services layer that we use Splunk for. For security purposes, we're using Comodo. Therefore we're not using Splunk for security purposes. We're using it for monitoring what's happening at our integration services layer.
Data Center Architect at an outsourcing company with 201-500 employees
We typically use it for centralized log management and SIEM functionality.
I am using the most recent version of it.
I have some experience with the solution, since I am working with customers who are interested in part-time help monitoring their network and have been helping them fine-tune the rules in the solution's platform. The way the primary task works is to watch for and then respond to the threat. Should there be a need, I usually work with a team in fine-tuning the rules on this platform. We are providing the products.
I recently started working primarily on the Playbooks of the Splunk Phantom, so I've been creating some of these to help the customer automate the process of responding to the threats.
Senior Consultant at sectecs
My reason for implementing it was just to learn more about the product. I wanted to learn about the Splunk programming language, how to pipe searches, add logs, verify the logs, create fields, extract data into fields, build dashboards, and to get hands-on experience with the product.
Audit Remediation/Financial Manager at a tech services company with 1,001-5,000 employees
The solution is primarily used to monitor the operating system for threats, specifically related to login threats. If someone is trying to log in, or somebody is trying to break into the system, the idea is it will check that and catch things. It's mainly for external threats to the operating system.
CSSP Manager at a tech services company with 51-200 employees
I'm the CSSP manager and we are customers of Splunk.
Automation Specialist, Analytics at a computer software company with 10,001+ employees
I use Splunk on-and-off — I started with in-house projects, then moved up to commercial projects.
We primarily use the solution for monitoring and security.
We can use the solution to try to find some correlational data. For example, in banks, there is usually a protocol whereby users cannot withdraw more than a certain amount of money from an ATM. However, we find that, when people are on holiday, they are trying to withdraw more than the allowed amount. It's a use case we can deploy in our country. You can set certain rules and watch the data in order to gain insights.
Senior Solutions Architect at a manufacturing company with 51-200 employees
We are a solution provider and Splunk is something that we provide as a service to our customers.
Senior Informatica Administrator at a computer software company with 10,001+ employees
We use Splunk on-premise. We mostly use it for log analysis and fraud detection. We are also testing using it in machine learning and other solutions. We have 10 people managing Splunk and we have approximately 150 people using the product in total.
We are a software development company and Splunk is one of the products that we have implemented for our clients. It is used for log analytics as well as the mobile SDK for checking the stability of mobile applications.
We primarily use the solution for security and operations monitoring.
Assistant Vice President at a financial services firm with 10,001+ employees
We primarily use the solution for monitoring our infrastructure.
CEO at a tech services company with 11-50 employees
We are resellers. We provide solutions to our clients.
Splunk is primarily used for developing CM solutions that are based on the Splunk platform for future security operation center development.
We are concentrating on assisting in the development of a security monitor as well as analysis.
If I am not mistaken, it's a standard CM system for identification, security verification, and event monitoring.
Senior Network Engineer at a tech services company with 51-200 employees
We typically use Splunk to collect and check all the logs and events around the diverse network environment which includes firewall, switches, and routers. For example, we have traffic that needs to go from one part of the network to another and if we think there is a firewall blocking it along the path, rather than log in to all the firewalls to see what is happening, we simply go into Splunk and check the traffic going across the parts of the network to see where it is being dropped and what is the likely reason it has been dropped.
Engineer at a financial services firm with 201-500 employees
It's the primary place where I'd go to do an investigation if I want to see what's going on within an endpoint, or on a network, or with a user.
Assistant Manager System at a financial services firm with 10,001+ employees
Our primary use case of Splunk is for log monitoring and infrastructure monitoring. If we want to diagnose any issue in our application, we just push our application logs. This is on any client server using the universal forwarder logs on the Splunk server. After indexing, we can create a base log, and create attractive dashboards that are simple to understand and use. I'm a system administrator and we are customers of Splunk.
Consultant at a financial services firm with 5,001-10,000 employees
We are using Splunk for cybersecurity operations.
Sr. Cyber Security and Solutions Architect at a government with 10,001+ employees
It's the mainstay of our monitoring solutions that we have for auto-logging, et cetera, for our enterprise solution.
We are using the mobile SDK to check the stability of mobile applications.
Typically, we use the solution for critical infrastructure companies.
We use Splunk for security and also PCI compliance.
We have installed and implemented this solution for several clients in Bolivia with our team. We have received training from Splunk directly, and we have also provided training to our clients.
We deploy two versions: one for on-premise and one for the cloud.
Most of our customers purchase Splunk because they required a tool for gathering and collecting all of the logs from the infrastructure in order to make a correlation between data and to spot patterns surrounding security incidents.
Founder at a marketing services firm with 11-50 employees
We're using the solution to try to build a virtual network and put Splunk inside it and do some kind of transcentralization with a log server. Our aim is to track connections, network traffic and some personal databases. I'm the founder of the company and we are customers of Splunk.
IT System Developer/Admin at a manufacturing company with 10,001+ employees
The primary use case of this solution is to monitor Cyber Mission databases.
I create the diagrams to create an architecture that is then implemented. However, creating these diagrams is for my own learning since these implementations are usually already available in the cloud office logs.
Network Operations Center Engineer at a tech company with 51-200 employees
We use the solution for monitoring systems. We also use it with servers and CG routers from the data center, as well as for collecting the ADL from all networks which are located in our regions of the country.
Security Professional at a tech services company with 501-1,000 employees
Sr. IT Manager at a government with 10,001+ employees
We use Splunk for log analysis and security monitoring.
We use a lot of sales metrics. We use machine learning models to provide sales forecasting. We create database connections and run a query on the database. The next step is to place the data into Splunk. We create indexes to get the data into the Splunk dashboard.
Product Manager, FX Solutions at a tech services company with 10,001+ employees
I use this solution for data visualization.
Technical manager at a tech services company with 11-50 employees
My primary use case is for log management. It's mostly deployed on-premises, but it can be cloud-based as well.
President at a non-profit with self employed
We use Splunk for analyzing data.
Sr. IT Manager at a government with 10,001+ employees
We are using Splunk to look at the logs, and see what is happening.
SOC Analyst at a wholesaler/distributor with 10,001+ employees
We have multiple use cases, almost 200 plus use cases. An example, travel activities where you log in.