Splunk
The Unified Security and Observability Platform for Digital Resilience.
Gartner SIEM Leader
11-time Leader
Gartner Observability Leader
3-time Leader
Parent Organization
Cisco
About Splunk
Splunk's platform enables organizations to gain end-to-end visibility across their entire technology stack. For security, it offers a market-leading SIEM, SOAR, and UEBA to detect and respond to advanced threats. For observability, it provides full-stack insight into applications and infrastructure with AIOps, APM, and infrastructure monitoring. Splunk can be deployed as a cloud service or on-premises, serving a wide range of use cases from IT modernization and service health monitoring to advanced threat detection and compliance reporting. It is widely used by large enterprises to handle massive volumes of machine-generated data.
Security Platform
SIEM
Market-leading Security Information and Event Management for threat detection and compliance.
SOAR
Security Orchestration, Automation, and Response to accelerate incident response workflows.
UEBA
User and Entity Behavior Analytics to detect anomalies and insider threats.
Threat Intelligence
Integration with threat intelligence feeds to enrich security data.
Observability Platform
APM
Application Performance Monitoring for full-stack insight and optimized user experiences.
Infrastructure Monitoring
Real-time monitoring of cloud and on-premises infrastructure.
AIOps
IT Service Intelligence (ITSI) to predict and prevent issues with AI.
Log Management
Powerful log investigation and analytics for troubleshooting.
Platform Capabilities
Deployment
Available as a cloud-native service (Splunk Cloud Platform) or for self-hosting (Splunk Enterprise).
Data Ingestion
Collects and indexes any machine data from virtually any source.
Search & Reporting
Features the Search Processing Language (SPL) for deep analysis and visualization.
Extensibility
Supports a wide range of apps and integrations via the Splunkbase marketplace.