We performed a comparison between Splunk Enterprise Security and Splunk ITSI (IT Service Intelligence) based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"I haven't had the chance to properly sink my teeth into Enterprise Security but so far I like that they added the MITRE ATT&CK features."
"It gives us the liberty to do more in terms of use cases."
"Being able to track impossible travel logins and things of that nature is valuable. We can track user logins from various IPs, various countries, and at various times to see if everything adds up."
"The reporting aspect is good and it does what I need it to do."
"The most valuable feature is the custom dashboard feature."
"Splunk's visualizations make it easy for users to understand the data."
"I like Splunk's data aggregation and search capabilities."
"If I need to integrate devices for logs, it is easier with Splunk. We can integrate different applications, network devices, and databases. It is also very rich in documents. It is the best."
"ITSI provides a visual representation of complex tools and context, using color coding and other features to make it easy for anyone at the monitoring or service desk to use."
"The KPS used to automate the integration policy is the most valuable feature of Splunk ITSI."
"The most valuable features are the mapping of the entities, which provides a comprehensive analysis, and the service analyzer for thresholding."
"The solution is easy to scale."
"The most valuable feature is the Glass Tables. It gives you a nice, good overview of your KPIs. It's really slick and clean."
"Splunk Episodes are valuable because it correlates and aggregates all the information, and you do not have one million events to look at and triage, so it is quite convenient."
"Alerts and episodes are valuable to me."
"The glass tables are very helpful."
"Its reporting can be improved. That's the only complaint I have heard. I don't need the reporting part, but I know that other people in the organization need it."
"Most of my interaction is with the user community, which is how Splunk wants it. When I need help, that community is very hit or miss."
"I haven't found a way for me to create my own plugins and integrate them into Splunk, but this isn't necessarily a limitation; it could simply be a lack of knowledge on my part."
"Cybersecurity and infrastructure monitoring have room for improvement."
"The GUI could be improved to include some of the capabilities that other BI solutions have. The layout is a little restrictive where you can’t resize all the panels to exactly how you would like them without tweaking some XML code."
"It currently has limited default rules and customizations. If they can concentrate more on the compliance part and the security information part, it would be helpful. The platform part is good, but it requires many features from the security aspect."
"I would like additional features in different programming models with the support for writing queries in SQL or other languages, such as C#, Java, or some other type of query definitions."
"The Enterprise Security app could be improved. We have had trouble with it working from the first day."
"The end-to-end visibility in Splunk ITSI is limited and has room for improvement."
"We'd like them to show more inputs on the dashboard."
"Splunk ITSI generates numerous false positives and has the potential for enhancement."
"The license cost is expensive."
"We have problems doing upgrades and operating alternate new versions."
"The cost of the license could be lower."
"We're getting alerts with delays of maybe five minutes, however, we'd like to see real-time alerting in the future."
"It could be a little easier to use with the thresholding. We've struggled a little bit with thresholding."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 246 reviews while Splunk ITSI (IT Service Intelligence) is ranked 4th in IT Alerting and Incident Management with 30 reviews. Splunk Enterprise Security is rated 8.4, while Splunk ITSI (IT Service Intelligence) is rated 8.2. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Splunk ITSI (IT Service Intelligence) writes "Helps improve our incident response time, and our mean time to resolve, but visibility is limited". Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel, whereas Splunk ITSI (IT Service Intelligence) is most compared with ServiceNow IT Operations Management, Dynatrace, Grafana, Splunk APM and BigPanda. See our Splunk Enterprise Security vs. Splunk ITSI (IT Service Intelligence) report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.