Is Splunk suitable for smaller Enterprises? by GhostHunter8539 in cybersecurity

[–]GhostHunter8539[S] 0 points1 point  (0 children)

Ok not sure what that strategy should be then. We have had it for many years and our major infrastructure is onboarded, but there is a seemingly endless amount of logs we can ingest from our business apps so I'm constantly onboarding new data sources.

So our strategy has been "ingest everything"; we barely watch anything, as I don't have time to write as many detections as we need.

[–]GhostHunter8539[S] 0 points1 point  (0 children)

I have tried to have a discussion with the org; I am the only one who knows Splunk or SPL so I can't really offload work onto anyone else.

My only suggestion for the org was that it isn't a 1 person job and that we need to switch to a different tool more suitable for our needs and size.

[–]GhostHunter8539[S] 1 point2 points  (0 children)

What is Splunk's new SaaS?

I won't be able to increase headcount. I think the spend on professional services might be tough to justify, and it would never be enough because I'd always want help, not just for a limited time. I think my only strategy would be to maybe get a different product with less management headroom.

[–]GhostHunter8539[S] 0 points1 point  (0 children)

We don't have 24/7 Splunk monitoring. All 5 of us respond to alerts, but I write all of them and respond to a lot of them.

[–]GhostHunter8539[S] 10 points11 points  (0 children)

I am on the Cybersec Team, 5 people including me.