We performed a comparison between AlienVault OSSIM and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"There are a lot of people you will find using OSSIM since they are also offering OTX as a service"
"The initial setup is straightforward."
"Inbuilt IDS, inbuilt integration with threat intelligence platform and with vulnerability assessment modules."
"You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think AlienVault has the best price-performance ratio."
"The initial setup was straightforward. I didn't have any problems."
"The solution is very stable. Compared to QRadar and Splunk, it's very stable."
"The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation."
"The dashboard is the solution's most valuable aspect. It brings everything into one central point where I can actually look at it and go, 'Okay, I understand what's going on.'"
"We can do things in minutes instead of days."
"Splunk Enterprise Security is able to process a huge amount of data without any issues."
"We have found all the features useful. However, the dashboarding and logging have been very helpful. Additionally, the log analysis does a great job."
"I have also been able to take advantage of some of the more complex statistical capabilities when analyzing logs."
"I haven't had the chance to properly sink my teeth into Enterprise Security but so far I like that they added the MITRE ATT&CK features."
"The feature that we use the most is the correlation search engine within ES."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"One key advantage of Splunk over competitors like IBM QRadar is its superior device integration capabilities."
"The documentation could be improved."
"I would like the solution to be able to integrate with my firewall, my IDS and my Honeypot solutions so that it can provide real-time reporting as things occur and then have an alert sent to me on my phone when suspicious activity is happening."
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"Sometimes technical issues take very long to get resolved."
"I don't like to work on OSSIM because it is unpredictable."
"The solution needs more integration with cyber intelligence systems."
"It's under heavy traffic. If you have heavy traffic, the system is slow."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"Free-floating panels in the dashboards are like a glass table."
"The solution has a high learning curve for users. It's a little complicated when you're trying to figure out all the features and what they do."
"The user access control could be much more granular, so that the admins can control r/w/x access for specific features of the product like dashboards, etc."
"DMC should be a little more intuitive with better dashboarding. Seeing the cause of data flow can be tough to track down."
"Certain sections of the developer documentation could use some updating and clarification."
"On the technical side, it would be nice to see aspects of the recent acquisition of Phantom make it into the core Splunk Enterprise, not just become a part of the premium Enterprise Security."
"The prices are complicated as we operate in a small third-world country."
"Sometimes the communication with support happens with multiple staff. They should reduce the time to resolution."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 27 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. AlienVault OSSIM is rated 7.4, while Splunk Enterprise Security is rated 8.4.

The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query".

AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Microsoft Sentinel and Fortinet FortiSIEM, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.