We performed a comparison between Sentinel and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"The native integration with out-of-the box format is hassle free and allows data to be used advantageously."
"One of the most valuable features is the business intelligence engine. It's very important because it keeps track of everything that's happening and alerts us if something is different than expected. The first time I used it, I was shocked at how well it performed. Another valuable feature that I think makes this product worth the price you pay for it is that it connects to basically every system that provides some form of logging, and it's very easy to set up what triggers this."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"The tool is simple to use."
"It makes everything easier by automating some tasks and growing with our needs."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"The speed of the search engine"
"Integration with the cloud is pretty important and good for us. We found the integration with a lot of tools, not all tools yet, valuable. It does make the transfer of data, log files, and other things easier for us."
"The search function for spam is like a Google search. You just enter and it will quickly show you the results."
"Splunk's interface is user-friendly, and it has apps and add-ons for most applications. We can easily normalize the data to make it readable and understand the logs. We easily get all the field extractions and enrichment done by using the apps and add-ons. This helps us understand the application logs because the raw data is useless unless we extract some useful information from it. These add-ons make it so much easier."
"The dashboards are the most valuable feature. We like the ability to drill in and see what queries are under the dashboard, build new visualizations, edit the querying, and see the reports."
"We are using Microsoft 365 and we're using the Exchange Mail Service. It's good for monitoring that in particular."
"Splunk is stable, and this is why many customers want it."
"The ability to manage large amounts of generated data and to protect all devices from unauthorized use are the most valuable features."
"The dashboard and customer view should be improved"
"I would like to see a better reporting work structure on the dashboard."
"This product's connection to certain types of cloud systems could be improved. We can do Microsoft, Google, and Amazon, but there are a lot of other things happening in the cloud that we do not connect well enough to. This product could be improved with better connection to cloud-based solutions."
"It is an ancient product."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"The solution does not allow outsourced authorizations."
"I rate Sentinel a six out of ten for scalability."
"Creating a drag-and-drop dashboard or workbook in Sentinel is a little more complex compared to other tools like LogRhythm and IBM QRadar."
"The security can be improved."
"I find that the learning curve for Splunk is relatively lengthy."
"This is not really a monitoring solution."
"Enterprise security: Splunk must work on clarifying the solution to customers and explain how to gain more from it."
"Although the technical support is adequate, there is still room for improvement."
"The Enterprise Security app could be improved. We have had trouble with it working from the first day."
"Splunk's ability to analyze malicious activities scores an 8 out of 10, but there's room for improvement. By analyzing emerging patterns, Splunk could identify and predict potential threats more effectively."
"There are limitations with Splunk not detecting all user activity, especially on mainframes and network devices."
Sentinel is ranked 18th in Security Information and Event Management (SIEM) with 15 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 246 reviews. Sentinel is rated 7.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of Sentinel writes "An automated solution that helped me detect threats in less than half the time it used to take". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Sentinel is most compared with IBM Security QRadar, Google Chronicle Suite, Wazuh, Microsoft Sentinel and LogRhythm SIEM, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and New Relic. See our Sentinel vs. Splunk Enterprise Security report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.