We performed a comparison between Splunk Enterprise Security and vRealize Network Insight based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."The security part is useful as it helps secure the entire environment."
"Being able to track impossible travel logins and things of that nature is valuable. We can track user logins from various IPs, various countries, and at various times to see if everything adds up."
"Its integration is most valuable. Its UI is also pretty much easy."
"It definitely does help with both auditing and as well as regular monitoring. SOC does more monitoring, but ES also gives you other features that are auditing-related. The dashboards are also beneficial."
"I have not seen any outages in the product in the past two years that it has been running in our company, so I think it is good when it comes to the stability part."
"The most valuable feature of Splunk is the management and built-in workflows."
"In the past we used the different application to collect logs. We used SurfWatch and VMware to do so. But, we found that the Splunk has more capacity to do more in less time. They provide a aster speed to index all the events , and this is a huge asset."
"The stock analysts and security people use one single dashboard (one single location) to check our logs."
"It allowed us to set up NSX and to do microsegmentation, without all of the pain points of having to determine each port and each IP address that needed to have access, and which ones needed to be blocked."
"What's valuable to us is the ability to get a view into the virtual space, which is something we haven't had before. Before, it was done by collecting from network endpoints and extrapolating into the virtual environment. Now it's coming directly from the virtual environment."
"It gives the visibility that was either broken or there in pieces only. This solution provides a unified view of the whole system, back and forth. It has helped to reduce time to value, increase performance, more easily manage networks, and provide deep visibility."
"One of the most valuable features is the ability to look at the traffic flows, to look at NetFlow data."
"With this product, we can precisely identify communication patterns between virtual machines within our data center, whether it's east-east or east-west communication."
"The most valuable feature is the visualization. It's really handy to be able to classify network objects as with applications and see the interaction between them."
"compare-to-competition; I would recommend the product. I don't think there is any other product like this on the market right now."
"The most valuable feature for me is the different views that you can get when selecting an application or a VLAN. It shows you the traffic flows. It gives you a visual representation of something that, in text, just may not make as much sense."
"The GUI can be improved to include some of the capabilities that other BI solutions have."
"It does not give us permission to implement on-premise so we implement them on the cloud."
"I'd like to see more integration with more antivirus systems."
"Endpoint access is the only issue I can think to mention, even though the endpoint access we have with Cisco is fine."
"An improved user interface along with multi-tenancy support would be beneficial."
"Splunk's ability to analyze malicious activities scores an 8 out of 10, but there's room for improvement. By analyzing emerging patterns, Splunk could identify and predict potential threats more effectively."
"Free-floating panels in the dashboards are like a glass table."
"If it could be made available as a service, this would be much better than as a product."
"The only reason I would not give it a nine or a 10 is for cost reasons. It seems to be one of those things that really belongs as part of the product inherently and not as an add-on. That would be my only concern."
"The solution can be improved by making it more compatible with other brands, allowing for better integration."
"After you use it for a little while you become accustomed to it but the layout doesn't feel very intuitive. You have to dig around and find the exact place where you can find the information, where you can actually see your east-west traffic, etc. I would like them to bring that information more to the forefront, instead of having to find it."
"If it had some kind of plugins with vSphere, more effective plugins with Horizon View or other VMWare products, if it had interconnectivity, I think it would be more effective than it is today."
"There are some random glitches in the Web UI, but they are usually pretty cosmetic in nature. I don't really seem to use any browser other than Chrome with it. I also get some weird errors from time to time on the hardware NetFlow Collectors, where it doesn't sync data."
"It just needs to be more reliable and more accurate. At some point, there are some things where it does not match properly."
"The only issue we have is that the solution does not always capture the host names."
"I would like to see more reporting features, more dashboards."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 251 reviews while vRealize Network Insight is ranked 23rd in IT Infrastructure Monitoring with 44 reviews. Splunk Enterprise Security is rated 8.4, while vRealize Network Insight is rated 8.6. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". On the other hand, the top reviewer of vRealize Network Insight writes "Provides deep analytical insights and makes migrations efficient with dependency mapping". Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel, whereas vRealize Network Insight is most compared with ThousandEyes, NETSCOUT vSTREAM, AppNeta by Broadcom, Zabbix and ExtraHop Reveal(x) for IT Operations.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.