We performed a comparison between Elastic Search and Splunk User Behavior Analytics based on real PeerSpot user reviews.
Find out in this report how the two Indexing and Search solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"X-Pack provides good features, like authorization and alerts."
"You have dashboards, it is visual, there are maps, you can create canvases. It's more visual than anything that I've ever used."
"The product comes with REST APIs."
"The most valuable features are the ease and speed of the setup."
"The tool's stability and performance are good."
"Helps us to store the data in key value pairs and, based on that, we can produce visualisations in Kibana."
"The solution has great scalability."
"The flexibility and the support for diverse languages that it provides for searching the database are most valuable. We can use different languages to query the database."
"The most valuable features are its data aggregation and the ability to automatically identify a number of threats, then suggest recommended actions upon them."
"Because of some of the visualizations that we utilize, we are able to understand strange, unusual traffic on our networks."
"The most valuable features are the indexing and powerful search features."
"The solution is extremely scalable. Our customers are regularly scaling up after installing Splunk."
"This intelligent user behavior analytics package is easy to configure and use while remaining feature filled."
"Splunk is more user-friendly than some competing solutions we tried."
"The most valuable feature is the ability to search through a large amount of data."
"The product is at the forefront of auto-remediation networking. It's great."
"Elastic Search could benefit from a more user-friendly onboarding process for beginners."
"The solution has quite a steep learning curve. The usability and general user-friendliness could be improved. However, that is kind of typical with products that have a lot of flexibility, or a lot of capabilities. Sometimes having more choices makes things more complex. It makes it difficult to configure it, though. It's kind of a bitter pill that you have to swallow in the beginning and you really have to get through it."
"They should improve its documentation. Their official documentation is not very informative. They can also improve their technical support. They don't help you much with the customized stuff. They also need to add more visuals. Currently, they have line charts, bar charts, and things like that, and they can add more types of visuals. They should also improve the alerts. They are not very simple to use and are a bit complex. They could add more options to the alerting system."
"I would rate the stability a seven out of ten. We faced a few issues."
"It is hard to learn and understand because it is a very big platform. This is the main reason why we still have nothing in production. We have to learn some things before we get there."
"Machine learning on search needs improvement."
"Its licensing needs to be improved. They don't offer a perpetual license. They want to know how many nodes you will be using, and they ask for an annual subscription. Otherwise, they don't give you permission to use it. Our customers are generally military or police departments or customers without connection to the internet. Therefore, this model is not suitable for us. This subscription-based model is not the best for OEM vendors. Another annoying thing about Elasticsearch is its roadmap. We are developing something, and then they say, 'Okay. We have removed that feature in this release,' and when we are adapting to that release, they say, 'Okay. We have removed that one as well.' We don't know what they will remove in the next version. They are not looking for backward compatibility from the customers' perspective. They just remove a feature and say, 'Okay. We've removed this one.' In terms of new features, it should have an ODBC driver so that you can search and integrate this product with existing BI tools and reporting tools. Currently, you need to go for third parties, such as CData, in order to achieve this. ODBC driver is the most important feature required. Its Community Edition does not have security features. For example, you cannot authenticate with a username and password. It should have security features. They might have put it in the latest release."
"There is an index issue in which the data starts to crash as it increases."
"They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases."
"The solution is much more expensive than relative competitors like ArcSight or LogRhythm. It makes it hard to sell to customers sometimes."
"There are occasional bugs."
"It could be easier to scale the solution if you are using it on-premise, not in the cloud."
"I would like improved downward integration with other tools such as McAfee and other GCP solutions."
"The price of Splunk UBA is too high."
"In the future I would like to see simplified statistics and analytical threats."
"We'd like the ability to do custom searches."
Elastic Search is ranked 1st in Indexing and Search with 59 reviews while Splunk User Behavior Analytics is ranked 2nd in User Entity Behavior Analytics (UEBA) with 17 reviews. Elastic Search is rated 8.2, while Splunk User Behavior Analytics is rated 8.2. The top reviewer of Elastic Search writes "Played a crucial role in enhancing our cybersecurity efforts". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Easy to configure and easy to use solution that integrates with many applications and scripts". Elastic Search is most compared with Faiss, Milvus, Pinecone, Azure Search and Exalead, whereas Splunk User Behavior Analytics is most compared with Darktrace, Microsoft Defender for Identity, IBM Security QRadar, Cynet and Vectra AI.
We monitor all Indexing and Search reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.