We compared Fortinet FortiAnalyzer and Splunk Enterprise Security across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real-time. Splunk Enterprise Security stands out for its efficiency, extensive integration options, and powerful search functionality.
Room for Improvement: Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. Users say Splunk is a highly scalable and customizable solution. Splunk users recommended improvements in AI capabilities, user-friendliness, and analytics.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. While some users found Splunk support to be responsive and helpful, others reported slow response times and a lack of expertise.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. Some users thought Splunk Enterprise Security was easy to deploy, while others found it challenging and needed assistance from Splunk engineers or third-party integrators.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. Some users consider Splunk Enterprise Security to be expensive, but others said the price is reasonable. A few users expressed concerns about the cost of scaling up the solution and managing large volumes of data.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. Users said that it’s challenging to calculate an ROI for Splunk Enterprise Security, and the return varies depending on individual circumstances. While some users have observed a substantial ROI, others have not actively explored or been engaged in ROI conversations.
"It is easy to integrate Fortinet FortiAnalyzer with other products. You have a better overview of what's going on."
"Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine."
"The most valuable features are customizing reports, and the ability to drill down to display critical information in real-time."
"We like the fact that we can run minute-by-minute reporting form this solution."
"The interface is simple and easy to navigate."
"The initial setup is straightforward."
"One of the greatest advantages of Fortinet FortiAnalyzer is its ability to integrate with a variety of software and solutions, providing comprehensive visibility into the network. The solution's strength lies in its capability to work with Fortinet's own products, such as the FortiAP access point, which allows for deep monitoring, automation, correlation, and incident management. However, this functionality is not present when utilizing other products, such as those from Cisco, limiting the visibility and benefits that can be gained."
"There are customizable workflows that you can work with. You can automate certain tasks in FortiAnaylzer in the incidents and events sections."
"The ability to manipulate data in Splunk is unparalleled. Splunk’s powerful, flexible query language can morph difficult to understand log formats into usable data."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"Splunk Enterprise Security is a standard solution providing good customer service and partnership."
"The solution is the market leader."
"The most valuable features of Splunk Enterprise Security are its high-performance data collection, flexible query language, and its versatility across the organization."
"The integration is seamless with many devices and operating systems."
"Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data."
"Good for log collection and log management."
"Feature-wise, it is working very well for us. We don't need any additional features. However, its pricing can be improved. For small business customers, price is an important factor."
"The cloud version can be expensive. If the customers could get the resources to store the logs on-premises, it would be much better."
"I think some improvement is required in real-time log monitoring, as sometimes it gets stuck or displays results after a delay."
"When using this solution, you need a high-level expert to make it work as it should."
"Fortinet FortiAnalyzer cannot receive any queries. They should add this feature in the future to help manage solutions."
"The product should be integrated with other third-party solutions for context exchange."
"Automated reports focusing on compliance issues would provide a clearer understanding of potential gaps and the need for remediation."
"From my point of view, at this time, the solution isn't lacking any features or functionalities."
"Missing capability for audio/video and image processing."
"I would like to get visibility into the data pipelines on heavy forwarders and indexers to see exactly their source and the cause of saturation when it occurs. This would help us learn even more about our high use applications."
"The implementation and the scanning of the logs can be difficult."
"It's costly."
"It can be tough to get a hold of somebody in technical support depending on the complexity of the issue."
"An improved user interface along with multi-tenancy support would be beneficial."
"We find that the maintenance process could be a lot better."
"It is a hugely complicated product."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 85 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 240 reviews. Fortinet FortiAnalyzer is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Fortinet FortiAnalyzer is most compared with Wazuh, Graylog, Grafana Loki, LogRhythm SIEM and Datadog, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar and Elastic Security. See our Fortinet FortiAnalyzer vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.