We performed a comparison between Elastic Observability and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The architecture and system's stability are simple."
"The product has connectors to many services."
"Elastic Observability significantly improves incident response time by providing quick access to logs and data across various sources. For instance, searching for specific keywords in logs spanning over a month from multiple data sources can be completed within seconds."
"The price is very less expensive compared to the other solutions."
"Its diverse set of features available on the cloud is of significant importance."
"The solution is open-source and helps with back-end logging. It is also easy to handle."
"Good design and easy to use once implemented."
"Elastic APM has plenty of features, such as the Elastic server for Kibana and many additional plugins. It's a comprehensive tool when used as a logging platform."
"The product is good, it satisfies our customers."
"The most valuable feature is that it's very good for log aggregation."
"Great platform with user-friendly interface and GUI."
"The integration is seamless with many devices and operating systems."
"Splunk Enterprise Security offers valuable features like seamless integration and a SQL-standard Structured Query Language for easy searching."
"It has quite extensive support in terms of integration. If you want to do anything, there are tools for that."
"The graph visualization is the most valuable feature."
"It allows the centralization of data and makes possible new sorts of correlations that were previously impossible using traditional SIEMs such as ArcSight or QRadar."
"If we had some pre-defined templates for observability that we could start using right away after deploying it – instead of having to build or to change some of the dashboards – that would be helpful."
"Elastic Observability is an excellent product for monitoring and visibility, but it lacks predictive analytics. Most solutions are aligned with the AIOps requirements, but this piece is missing in Elastic and should be included."
"Elastic APM's visualization is not that great compared to other tools. It's number of metrics is very low."
"Elastic Observability is difficult to use. There are only three options for customization but this can be difficult for our use case. We do not have other options to choose the metrics shown, such as CPU or memory usage."
"They need more skills in the market. There are not enough skills in the market. It is not pervasive enough on the market, in my opinion. In other words, there isn't a big enough user base."
"Elastic Observability needs to have better standardization, logging, and schema."
"Elastic Observability needs to improve the retrieval of logs and metrics from all the instances."
"The tool's scalability involves a more complex implementation process. It requires careful calculations to determine the number of nodes needed, the specifications of each node, and the configuration of hot, warm, and cold zones for data storage. Additionally, managing log retention policies adds further complexity. The solution's pricing also needs to be cheaper."
"The product must improve insider threat detection."
"I would like to see more SIEM functionality and a better ticket tool."
"Some of the terminology can be confusing, even for seasoned vets. Renaming components at this point would be a serious undertaking. However, it might be beneficial in the long run."
"Splunk can improve its third-party device application plugins."
"The training was mostly sales-focused, like how to monitor your sales. It was hard to then come back from doing the training and try to switch it to a cybersecurity focus because all the training we did was sales oriented. The basic training didn't really touch on any kind of cybersecurity use cases or anything like that. That would have been great to see in the training."
"It needs more formatting control without having to be an admin."
"I would like to get visibility into the data pipelines on heavy forwarders and indexers to see exactly their source and the cause of saturation when it occurs. This would help us learn even more about our high use applications."
"I think the tech support response time could be a bit better. Sometimes I need to wait more than 24 hours for a response to my tickets."
Elastic Observability is ranked 14th in Log Management with 22 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 240 reviews. Elastic Observability is rated 7.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of Elastic Observability writes "The user interface framework lets us do custom development when needed. ". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Elastic Observability is most compared with Dynatrace, New Relic, AppDynamics, Azure Monitor and Sentry, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel. See our Elastic Observability vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.