We compared Fortinet FortiAnalyzer and Splunk Enterprise Security across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real-time. Splunk Enterprise Security stands out for its efficiency, extensive integration options, and powerful search functionality.
Room for Improvement: Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. Users say Splunk is a highly scalable and customizable solution. Splunk users recommended improvements in AI capabilities, user-friendliness, and analytics.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. While some users found Splunk support to be responsive and helpful, others reported slow response times and a lack of expertise.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. Some users thought Splunk Enterprise Security was easy to deploy, while others found it challenging and needed assistance from Splunk engineers or third-party integrators.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. Some users consider Splunk Enterprise Security to be expensive, but others said the price is reasonable. A few users expressed concerns about the cost of scaling up the solution and managing large volumes of data.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. Users said that it’s challenging to calculate an ROI for Splunk Enterprise Security, and the return varies depending on individual circumstances. While some users have observed a substantial ROI, others have not actively explored or been engaged in ROI conversations.
"The features that our customers have found most valuable are their different types of reports, including the drill-down report, as well as the flexibility to connect to any number of appliances which can be connected to it centrally."
"We like the fact that we can run minute-by-minute reporting from this solution."
"The solution is easy to use and easy to integrate."
"The most valuable features of Fortinet FortiAnalyzer are the GUI and there is automation that can be done with playbooks and mini-books."
"The most valuable features are customizing reports, and the ability to drill down to display critical information in real-time."
"It's easy to set up the product."
"Logging is the best feature."
"Special notifications about compromised phones are valuable because we have some guest networks, and sometimes, people are connecting phones that are connected to compromised websites. We want to be informed about it. We sometimes have some cases where we want to analyze the connection from inside to outside ports. So, it helps with a lot of things. It depends on our needs."
"Splunk UBA is useful for fraud detection and for detection of APTs, advanced persistent threats."
"We can do things in minutes instead of days."
"Splunk works based on parsing log files."
"Splunk has machine learning which is a valuable feature."
"The search lookups are useful."
"The most valuable feature of Splunk Enterprise Security is website activity monitoring."
"The ability to quickly search logs, performance data, and other inputs has helped tremendously with troubleshooting."
"Splunk has improved our operations by giving us access to more information and allowing us to deploy more use cases."
"The deployment of Fortinet FortiAnalyzer is not complex, but integrating it with firewalls can take some time, depending on the number of firewalls."
"Automated reports focusing on compliance issues would provide a clearer understanding of potential gaps and the need for remediation."
"The UI could use some improvement. It can be tough for a beginner to navigate because you don't know what to do even if you read the guide. I've talked to some users who said that they couldn't figure out what to do even after looking at the documentation."
"We'd like to see more embedded features."
"One of the main disadvantages is not having a direct link to the security policy when you see something in the log."
"I feel that Fortinet FortiAnalyzer is a little bit heavy, making it an area where improvements are required."
"Pricing-wise, it is not affordable for the normal customer. Most of the people want to see different types of reporting, but FortiAnalyzer's fee is a little bit difficult."
"The solution could improve by allowing the ability to search logs in integrated solutions."
"We had an instance when Splunk failed and it took us a couple of days to recover."
"You do need a lot of training and certification with this product."
"Writing queries is a bit complicated sometimes."
"Given the ever-increasing number of threats, I would like Splunk to update its threat signatures more frequently."
"While Splunk offers SOAR as a separate product, integrating it into the next version of Splunk Enterprise Security as a unified solution would be beneficial."
"I would like to see future development in terms of ML (Machine Learning)."
"While there aren't any major areas where the solution has to be improved, there are certain integrations that are still not available. I would specifically like to see legacy applications integrated."
"If possible, we would like to have not only a log monitoring system but a network monitoring feature in this solution as well."
Fortinet FortiAnalyzer is ranked 7th in Log Management with 87 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 246 reviews. Fortinet FortiAnalyzer is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Fortinet FortiAnalyzer is most compared with Wazuh, Grafana Loki, Graylog, Datadog and ManageEngine EventLog Analyzer, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.