We performed a comparison between AlienVault OSSIM and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature is the logging capability."
"The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation."
"The threat alerts it gives me from time to time on harmful code within the network, or if they are generating any network traffic, are very useful."
"The initial setup is straightforward."
"The paid version of the solution has reporting and better scalability options."
"Better than other SIEM solutions because almost everything can be integrated."
"Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. It is also free and very powerful."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"Visualizations helped the organisation with a better understanding of its KPIs."
"It helps us uncover bottlenecks in the network."
"What I really like is that even if you have already collected the data, you can extract fields and can build searches."
"The most valuable features of Splunk Enterprise Security are its high-performance data collection, flexible query language, and its versatility across the organization."
"It is easy to use, and easy to implement."
"Splunk's schema on demand is incredibly useful. I do not have to worry about what my users will need when we onboard their data."
"It is very scalable."
"The client site login is pretty extensible and probably cost-effective."
"The incidence reporting could be better."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."
"We need more dashboards and we need more customization for dashboards."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"Lacking in depth of reporting."
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"The price of this solution is very high and it could be cheaper."
"AlienVault OSSIM is costly."
"This solution could be improved by better pricing in general and by easier installation."
"I haven't found a way for me to create my own plugins and integrate them into Splunk, but this isn't necessarily a limitation; it could simply be a lack of knowledge on my part."
"The support and the pricing can be better."
"It does not give us permission to implement on-premise so we implement them on the cloud."
"There are a lot of competitive products that are doing better than what Splunk is doing on the analytics side."
"Splunk could be improved by reducing the cost. The cost is one of the biggest challenges for us in keeping to our production requirements."
"Certain sections of the developer documentation could use some updating and clarification."
"Not even Splunk's support guy, who came to our firm, could help with defining proper role management."
AlienVault OSSIM is ranked 11th in Security Information and Event Management (SIEM) with 28 reviews, while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 251 reviews. AlienVault OSSIM is rated 7.4, while Splunk Enterprise Security is rated 8.4. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Microsoft Sentinel and Fortinet FortiSIEM, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel. See our AlienVault OSSIM vs. Splunk Enterprise Security report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.