It needs “operational workflow … and ticketing systems to make it suitable for security operation center environments.” Enrico M., Integration Architect at a manufacturing company

Room for improvement

“It be easier to set up and add new sources, which Splunk is improving with every new version.” Hristo D., Systems/Applications Specialist at an energy/utilities company

“What Splunk calls operational intelligence: fast availability of operational data spread across several servers to prevent or react faster to outages or performance decreases.”

requests per day, completed tasks per user, exceptions, etc.

Splunk

Valuable features

“Great for making sense of the application log’s events for business needs, e.g.

IT and security managers in the IT Central Station online community say that the most important characteristics of security information and event management (SIEM) products are the ability to combine information from several sources and the ability to do intelligent queries on that information.

Four of the top SIEM solutions are Splunk, HPE ArcSight, LogRhythm, and IBM Security QRadar SIEM, according to online reviews by enterprise users in the IT Central Station community.

But what do enterprise users really think about these tools? Here, users give a shout out for some of their favorite features, but also give the vendors a little tough love.