We performed a comparison between AlienVault OSSIM and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature is the logging capability."
"AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations."
"You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think AlienVault has the best price-performance ratio."
"Better than other SIEM solutions because almost everything can be integrated."
"There are a lot of people you will find using OSSIM since they are also offering OTX as a service."
"The paid version of the solution has reporting and better scalability options."
"Asset discovery is good."
"You can customize the dashboards as well as the reporting."
"Splunk Enterprise Security helped us with faster detection of threats."
"We are much faster finding and addressing issues with Splunk."
"The feature that I have found most valuable with Splunk is the ability to sift through a bunch of data very quickly."
"The breadth of the data sources that Splunk can ingest data from is broad and deep and it does an exemplary job at handling structured data."
"Low barrier to start searching with the ability to normalize data on the fly."
"The speed of the search engine."
"The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions."
"The solution helped reduce our alert volume."
"The user interface needs to be friendlier across the board."
"The solution is not scalable."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"The price of this solution is very high and it could be cheaper."
"They can add more compliance templates."
"The incidence reporting could be better."
"I suggest more in-built rules based on modern threats and environments to make it a more competitive solution."
"AlienVault OSSIM’s configuration and integration could be a little easier."
"It would be good if the solution had some kind of copilot to automate or help write correlation searches."
"The GUI could be improved to include some of the capabilities that other BI solutions have. The layout is a little restrictive where you can’t resize all the panels to exactly how you would like them without tweaking some XML code."
"Splunk ES could have more pre-built integrations and rules. The detection is fairly accurate, but it depends on the rules you create. Splunk's out-of-the-box configuration isn't that useful."
"Its user interface for everything other than the charts can be improved. Some parts of it can be simplified a bit, such as when importing documents that have the network traffic. When you're going through the information about the network traffic, you have to have the expertise, but even if a program is supposed to be for IT support, it is good to make it user-friendly because it gets easier to train people. When something goes wrong, the more difficult a program is in terms of UI, the harder it is to fix the issue."
"The solution could improve by increasing the performance. We have run into problems when large amounts of data are processed."
"There are limitations with Splunk not detecting all user activity, especially on mainframes and network devices."
"It needs more formatting control without having to be an admin."
"For on-premise, it's more about optimization. With such a heavy byte scale of data that we are operating on, the search for disparate data sometimes takes about a minute. This is understandable considering the amount of data that we are pumping into it. The only optimization that I recommend is better sharding, when it comes to Splunk, so that data retrieval can be faster."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 28 reviews, while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 246 reviews. AlienVault OSSIM is rated 7.4, while Splunk Enterprise Security is rated 8.4. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Microsoft Sentinel and Fortinet FortiSIEM, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.