We performed a comparison between Splunk Enterprise Security and syslog-ng based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is the market leader."
"The solution has plenty of features that are good."
"The consolidated overview of all the events that come in through our environment and an easy-to-access interface for all our end users are valuable."
"I have not seen any outages in the product in the past two years that it has been running in our company, so I think it is good when it comes to the stability part."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"The most valuable features for us include its robust log management capabilities, which allow us to efficiently handle and retain logs for extended periods as needed."
"I like the ease with which dashboards can be created."
"It has the ability to correlate data, analyze and review it."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"The ability to extract and store the logs is the most valuable feature of syslog-ng."
"Syslog-ng has a separate config file in addition to the core configuration."
"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."
"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."
"For on-premise, it's more about optimization. With such a heavy byte scale of data that we are operating on, the search for disparate data sometimes takes about a minute. This is understandable considering the amount of data that we are pumping into it. The only optimization that I recommend is better sharding, when it comes to Splunk, so that data retrieval can be faster."
"Splunk could have more built-in use case presets that customers can build on and customize."
"I find the graphical options really limited and you don't have enough control over how to display the data that you want to see."
"The user experience could be improved."
"Some of the queries are difficult to run and have room for improvement."
"The upgrading process could be smoother."
"One issue is that we are getting a lot of false positives. We are trying to reduce them by customizing the default rules, changing thresholds, and using white-listing and black-listing. It's getting better and better as a result. But they need to build components that would reduce the false positives."
"It is a hugely complicated product."
"The filtering has room for improvement."
"There is always the potential for additional integration and protocol extensions."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"There is room for improvement in terms of observability."
"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."
Splunk Enterprise Security is ranked 1st in Log Management with 246 reviews while syslog-ng is ranked 16th in Log Management with 5 reviews. Splunk Enterprise Security is rated 8.4, while syslog-ng is rated 8.6. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". On the other hand, the top reviewer of syslog-ng writes "It's a user-friendly open-source solution that can replace or augment a commercial product in some cases". Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel, whereas syslog-ng is most compared with SolarWinds Kiwi Syslog Server, Graylog, Grafana Loki, Logstash and ArcSight Logger. See our Splunk Enterprise Security vs. syslog-ng report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.