Splunk Enterprise Security is praised for its threat intelligence, analytics, and monitoring capabilities, as well as its customizable features. Users acknowledge the need for improvements in user interface, query language, alerting, and performance. The pricing is considered high but worth the investment, with positive feedback on operational efficiency and customer support. On the other hand, Honeycomb.io is appreciated for its advanced visualization, query support, and collaborative tools. Users cite challenges with integrations, interface complexity, pricing, and support resources. The ROI is positive, with users highlighting improved performance and productivity. Customer service is highly praised for its helpfulness and responsiveness.
Features: Splunk Enterprise Security excels in threat intelligence, analytics, and scalability. It offers real-time monitoring, user-friendly interface, and detailed reporting. Honeycomb.io stands out with advanced visualization, high cardinality query support, flexible querying, and collaborative features for real-time sharing and discussion.
Pricing and ROI: Splunk Enterprise Security typically has higher setup costs compared to Honeycomb.io, but users find the value justifies the investment. Honeycomb.io offers competitive pricing and straightforward setup, with flexible licensing options to suit different needs and budgets. Splunk Enterprise Security boasts enhanced operational efficiency, threat detection, incident response, and security event visibility. In comparison, Honeycomb.io focuses on valuable insights, troubleshooting efficiency, and cost savings.
Room for Improvement: Splunk Enterprise Security users desire a more user-friendly interface and simplified search queries. They also seek enhanced alerting/reporting features and improved performance. Conversely, Honeycomb.io users want better integrations, simpler UI, more affordable pricing, and improved support/documentation.
Deployment and customer support: Users reported varying deployment and setup timelines for Splunk and gave mixed feedback on the time needed to implement Honeycomb.io, so the context in which these terms are used matters when comparing them. Splunk Enterprise Security's customer service is commended for prompt responses, knowledgeable staff, and helpful solutions. In contrast, Honeycomb.io excels in clear communication, expert assistance, and responsiveness, enhancing the overall user experience.
The summary above is based on 140 interviews we conducted recently with Splunk Enterprise Security and Honeycomb.io users.
"The solution's initial setup process was straightforward since we were getting enough support from Honeycomb.io's team."
"Splunk Enterprise Security comes with 300 pre-deployed use cases that can be easily customized to meet the specific needs of our organization, without the need to purchase additional tools."
"Out-of-the-box, it seems very powerful."
"It's basically one of the best SIEM products on the market."
"The Splunk queries are valuable."
"Three features stand out for me: the SDK for writing Python, the customizable and adaptable diagnostic dashboard, and the optimizer for collecting data."
"It has quite extensive support in terms of integration. If you want to do anything, there are tools for that."
"The solution's most valuable feature is that it helps with our use cases to detect anomalies in our data and it is important to my company since we have a lot of data on different logs on the systems."
"The security part is useful as it helps secure the entire environment."
"The process of log scraping gets delayed on Honeycomb.io. At times, it gives false alerts to the application team."
"The threat management part is still lagging. There are some gaps in threat management. Other vendors have built-in threat management systems, but Splunk lacks the threat management component in its portal. The UEBA and everything else is perfect, but it lacks a unified threat intelligence and management part."
"Its reporting can be improved. That's the only complaint I have heard. I don't need the reporting part, but I know that other people in the organization need it."
"The cluster environment should be improved. We have a cluster. In the Splunk cluster environment, in the case of heavy searches and heavy load, the Splunk cluster goes down, and we have to put it in the maintenance mode to get it back. We are not able to find the actual culprit for this issue. I know that cluster has RF and SF, but it has been down so many times. There should be something in Splunk to help users to find the reason and the solution for such issues."
"Some of the search functions can be better. There has been a lot of talk at the conference about the update of SPL before each iteration. That will be a lot of help."
"There are a lot of competitive products that are doing better than what Splunk is doing on the analytics side."
"The algorithms customization of Splunk could improve. They have limited algorithms for machine learning support. If they can allow the user to add more machine learning algorithms, such as the ability to choose the algorithm that a user might want. Additionally, they should provide the required libraries for those algorithms, and then analyze the data for use."
"The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system."
"The threat detection library needs to increase the frequency at which the playbooks are updated."
Honeycomb.io is ranked 37th in Application Performance Monitoring (APM) and Observability with 1 review, while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. Honeycomb.io is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Honeycomb.io writes "A valuable solution for application teams to identify downtime and SLO-related issues". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Honeycomb.io is most compared with Grafana, Sentry, Chronosphere, Azure Monitor and Prometheus, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.
We monitor all Application Performance Monitoring (APM) and Observability reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.