We performed a comparison between Security Onion and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We use Security Onion for internal vulnerability assessment."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"Security Onion is the most mature solution in the market."
"There are a lot of third-party applications that can be installed."
"The solution has plenty of features that are good."
"Splunk has give us the capability to easily track problems and their status."
"It definitely does help with both auditing and as well as regular monitoring. SOC does more monitoring, but ES also gives you other features that are auditing-related. The dashboards are also beneficial."
"Splunk UBA is useful for fraud detection and for detection of APTs, advanced persistent threats."
"I am satisfied with the support."
"The ability to manage large amounts of generated data and to protect all devices from unauthorized use are the most valuable features."
"We can ingest and correlate data from virtually any type of system."
"The product is not easy to learn."
"Security Onion's user interface could be improved."
"The initial setup of the solution is a little bit difficult."
"Although the technical support is adequate, there is still room for improvement."
"An improved user interface along with multi-tenancy support would be beneficial."
"On-premises scaling of the solution is a bit more limited than it is on the cloud."
"Splunk can improve its third-party device application plugins."
"Splunk can improve regex/asset analysis as we do not want to crawl until it is done."
"The threat management part is still lagging. There are some gaps in threat management. Other vendors have built-in threat management systems, but Splunk lacks the threat management component in its portal. The UEBA and everything else is perfect, but it lacks a unified threat intelligence and management part."
"Its interface and usability can always be improved."
"Some of the search functions can be better. There has been a lot of talk at the conference about the update of SPL before each iteration. That will be a lot of help."
Security Onion is ranked 30th in Log Management with 3 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 246 reviews. Security Onion is rated 7.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of Security Onion writes "A mature and affordable solution that is easy to install and easy to update". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Security Onion is most compared with Wazuh, Elastic Stack, TheHive, Graylog and Kali Linux, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel. See our Security Onion vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.