The Splunk Free license is intended for individual use. The Splunk Enterprise and Splunk Cloud licenses offer added capabilities to support multi-user, distributed deployments and includes alerting, role-based security, single sign-on, scheduled PDF delivery, clustering, premium Splunk apps and support for much higher data volumes.

Feature Description Splunk Free Splunk Enterprise Splunk Cloud
Indexing Volume Maximum indexing volume per day 500MB/day Unlimited
(according to license)
5GB/day to multi-TB/day
(according to license)
Data Onboarding Wizard-based workflow to simplify onboarding of any data source      
Universal Indexing Universal real-time indexing of machine data      
Search Ad hoc search across real-time and historical data      
Distributed Search Search across multiple Splunk deployments; supports load balancing and failover      
Monitoring & Alerting Monitor and alert for individual and correlated real-time events      
Reporting Ad hoc reports across real-time and historical data      
Knowledge Mapping Knowledge mapped to machine data artifacts      
Dashboards Highly customizable and interactive dashboards integrating real-time machine data and charts, reports and tables      
Data Model Used to define consistent relationships in machine data      
Pivot Drag-and-drop UI to explore, manipulate and visualize machine data      
Event pattern detection Automatically discovers patterns in your data with a single click      
High Performance Analytics Store High performance analytics technology      
Report Acceleration Transparent data summarization technology      
Embedded Reports Embed charts and reports in other third-party business applications external to Splunk Enterprise      
PDF Delivery Scheduled and automated PDF generation and delivery of reports and dashboards      
Access Control and Single Sign-On Integrated role-based access control and user authentication with LDAP directory and single sign-on integration      
Single-site Clustering High availability architecture for machine data availability in a single site deployment      
Distributed Management Console Centrally manage the health and performance of distributed Splunk deployments      
Multi-site Clustering High availability architecture for disaster recovery in a multi-site deployment     On request
Universal Forwarder Forwarding of data securely and reliably from remote systems in real time      
Forwarder Management UI for monitoring and deploying Forwarder configurations      
Rich Developer Environment Developer platform for building enterprise apps that leverage Splunk modern web languages      
Apps Access to hundreds of partner, community and Splunk apps from the Splunk apps website      
Premium Apps Access to premium Splunk apps      
Standard Support Access full product documentation, Splunk apps, Splunk Answers and IRC channel      
Enterprise Support Direct access to Splunk Customer Support, ability to manage cases online, tailored support levels      

Contact Sales

Need help with your environment and requirements? Send us your questions and we will get back to you as soon as possible.

 

If you need immediate assistance, check out our community forum, Splunk Answers.

Contact Sales
vi ly expert