Splunk

Splunk is the de-facto standard for security information and event management (SIEM) and machine data analytics in enterprise organisations. Their core platform ingests and indexes machine-generated data at massive scale — logs, metrics, traces, network flows, SNMP traps — making it queryable via the Splunk Search Processing Language (SPL). Splunk Enterprise Security (ES) is deployed by the majority of Fortune 500 SOCs for threat detection, investigation, and response. Splunk Observability Cloud (formerly SignalFx + Riverbend) provides full-stack APM, infrastructure monitoring, and distributed tracing. Having been acquired by Cisco in 2024, Splunk's integration into Cisco's security portfolio is a major market development, with full-stack visibility from network device telemetry through application performance positioned as a core differentiator.

Splunk Enterprise, SIEM, Observability Cloud, and machine data analytics platforms.