We performed a comparison between IBM SevOne Network Performance Management (NPM) and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The modules and the performance management reports that come with data insights are two of the most valuable features. I also find the reports for Wi-Fi, Netflow, LAN, and WAN for monitoring to be very good."
"The most valuable feature is the NMS because that's the core of the system. Without the NMS, the other tools aren't that usable."
"The monitoring of the network is very customizable. That is its unique feature."
"The SMP and the xStats, which is for flat file integration, are both useful for integrating the various metrics that the device provides to monitor the performance of those systems."
"In 90% of the cases, new devices are plug-and-play, so when a new version comes out then SevOne has support for it out of the box."
"We have benefited mainly from the use of the dashboard interface. It makes the network visually interesting for other people who are not in the network. A lot of people are not network techies who understand streams in the network. Based on location, we have streams coming in and out. They can see visually when there is some problem. They don't need to understand all the network technology behind it to be able to understand if everything is working well or if there is a problem."
"SevOne has rich API capabilities, giving us the flexibility to control what we collect and customize the collection, creation, and manipulation of now metrics as necessary."
"One of the solution's biggest strengths is its capacity management performance, with out-of-the-box reports through NMS, as well as its ability to collect NetFlow-related data from devices. The collection of network performance and flow data is important because we have many critical business applications."
"Easy to deploy and simple to use."
"We can quickly search for almost anything across many log sources in seconds."
"The flexibility of the search capability is most valuable. You can use it for more than just a basic log aggregator. It is powerful in that regard."
"You can check up on security from the dashboards."
"It's very flexible. If you look from the cloud implementation it is there. Reports are made quickly. Unlike other tools, it caters to all kinds of technical information on the front very easily. There's no need to put in any technical information. You can pull on the reports very easily, take action, and notify stakeholders."
"The product is good, it satisfies our customers."
"We primarily use it to correlate logs throughout the enterprise for both searching and use in investigations."
"We can easily configure things as required in relation to our use cases."
"I'm not really sure if this was the software's fault or a server issue, but a couple of years back the disks were failing on our SevOne physical server every month and the server would go down. The secondary server took over from the primary until the disk issue was resolved. That was annoying."
"The user management features need to be improved. It would be nice if we had more granular control, or layers of control, out of the box."
"The customizations are very hard. The person doing it has to be very good at analytics and has to be very good in all languages"
"We previously have had discussions on some reporting enhancements. So, we raised a feature request, which was delivered from SevOne."
"The method of searching for SIP and the way to create the groups."
"Some similar solutions offer end-to-end visibility."
"SevOne should work with the graphs legend functionality."
"With the administrative management of the appliance, if some object appears from SevOne because something changed in the network or whatever, then as an administrator you will not be aware. If you are using this object in a report, this object will disappear from the report and you will not be aware of it. So, if you have 1,000 reports, you cannot always check these reports everyday to see if objects are missing or information has disappeared. We don't have any information on alerts, saying that something is happening there and maybe we need to take action. If an object was replaced by another one, or if a link was replaced by another one, then the graph needs to be changed because it doesn't exist in the graph anymore. However, we don't have this information."
"More control with Splunk Cloud as it seems a bit limited. I used to manage an on-premise instance of Splunk Enterprise and really liked having more control over it."
"Splunk's implementation process for managing multiple indexes can be complex, especially when dealing with a large number of components."
"Splunk is query-based, which is not the case with most cybersecurity tools. It is based on search queries and can be difficult to use. It would be good if they can make it easier to understand how to create search queries. They can improve the knowledge base for better understanding. To create your dashboard, you need to have a search query. We have multiple firewalls in our company, and we need a dashboard for them. It would be helpful if a default firewall dashboard is included in Splunk to make monitoring easier. If a dashboard is available for a security device, the operation part will be more efficient. We won't have to follow a manual process for this."
". Having a trial version or more training on Splunk would be helpful."
"Could be more user friendly."
"I would like additional features in different programming models with the support for writing queries in SQL or other languages, such as C#, Java, or some other type of query definitions."
"Splunk can be an expensive solution. Technical support could be improved as well."
"The Web Application Firewall will send you too much information because it's more dedicated to security than a normal firewall."
More IBM SevOne Network Performance Management (NPM) Pricing and Cost Advice →
IBM SevOne Network Performance Management (NPM) is ranked 31st in Log Management with 53 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 240 reviews. IBM SevOne Network Performance Management (NPM) is rated 8.4, while Splunk Enterprise Security is rated 8.4. The top reviewer of IBM SevOne Network Performance Management (NPM) writes "We can get a new vendor certified and monitored in our system significantly faster than before". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". IBM SevOne Network Performance Management (NPM) is most compared with Instana Infrastructure Monitoring, LogicMonitor, SolarWinds Network Device Monitor, SolarWinds NPM and Dynatrace, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel. See our IBM SevOne Network Performance Management (NPM) vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.