We performed a comparison between Splunk Enterprise Security and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The log aggregation is great."
"It is a one stop shop as a full monitoring and alerting solution for operations and application analysis for most of our back-end systems."
"We primarily use it to correlate logs throughout the enterprise for both searching and use in investigations."
"The ability to view all of these different logs, then drilling down into specific times or into specific data sources, has proved to be the greatest aspect in decreasing our troubleshooting overhead time."
"Three features stand out for me: the SDK for writing Python, the customizable and adaptable diagnostic dashboard, and the optimizer for collecting data."
"The initial setup is really straightforward. It's one of the easiest installations."
"Splunk helps us be more proactive. We can take predictive action to identify and block threats so that nothing harmful gets into the system."
"From the class that I took this week, being able to create notable events from whatever you find in the data set is pretty useful."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"I have no concerns about the stability of the product. I feel it handles the stress we put on it very well."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and the GUI is good."
"The support and the pricing can be better."
"It needs more thoroughly tested releases. Every new big version (6, 7, etc.) has had so many bugs that it makes me wary of customers upgrading right away."
"There can be a bit of complexity around some fields during the initial setup."
"They can incorporate the SOAR solution within the actual product so that we do not require two different products, two different installations, and two different pricing methods. In regards to UBA, I am familiar with the UBA that existed two years ago. I am not updated about it today, but two years ago, UBA required such an amount of data that from a cost perspective, it was not worth it. When you compare it to what you get out of the box with Microsoft Sentinel without additional costs, there is no match."
"The setup time is quite long."
"We would like more integrations with other cloud products, not just AWS, e.g., Azure."
"Splunk could improve its default machine-learning models. Also, Splunk Enterprise's native threat intelligence isn't that good. I prefer a custom threat intelligence model."
"The product's price may be an area of concern where improvements are required."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"There are some API gaps that are missing."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"Sumo Logic needs to make sure integrating solutions are seamless."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"In my opinion, this solution has a steep learning curve and requires practice if users are to be able to use this tool very efficiently."
"The solution should improve its UI."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 244 reviews while Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews. Splunk Enterprise Security is rated 8.4, while Sumo Logic Security is rated 8.6. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel, whereas Sumo Logic Security is most compared with Wazuh, Microsoft Sentinel, Rapid7 InsightIDR, VMware Aria Operations for Logs and Grafana Loki. See our Splunk Enterprise Security vs. Sumo Logic Security report.
See our list of best Security Information and Event Management (SIEM) vendors and best Log Management vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.