It is very convenient for business users because they get more or less a lot of data readily available. There are some products that do automated AI-based detection and drawing up charts, but for network monitoring and all of the monitoring aspects, it is quite a nice tool. Additionally, we can use the graph to see how often that particular event is happening."

"It provides a lot of analytics with the underlying AI engine, and it is a lot easier than other solutions. The session reports are important because I can use them to see what is going on in our environment weekly. Its UI is also pretty much easy."

"We can easily configure things as required in relation to our use cases."

"The reporting aspect is good and it does what I need it to do."

"The most valuable features in Splunk are the search function and the ability to run selected session reports. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."

That's one reason that having 400 days of live data is pretty huge. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. In the past, our operational norm was to keep live data for only 30 days. And they can not only do so from a security point of view, but even for operational use cases. Devo is pulling back information in a fast fashion, based on real-time events."

"Those 400 days of hot data mean that people can look for trends and at what happened in the past. The way that their architecture and technology works, they've really focused on the speed of query results and making sure that we can do what we need to do quickly. There are a lot of data feeds going into it and it's very quick at pulling up and correlating the data and showing you what's going on in your infrastructure.
Splunk enterprise security price full
This allows for global views and/or isolated views restricted by access controls by company or business unit."

"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."

"The real-time analytics of security-related data are super. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. With this kind of platform, you have that information in real-time."

"Devo provides a multi-tenant, cloud-native architecture. You'd have a backlog of processing the logs as it was ingesting them."

"It's very, very versatile."

"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. The dashboards are intuitive and highly customizable."

"The most valuable feature is definitely the ability that Devo has to ingest data.

"The user experience is well thought out and the workflows are logical.