• Home
  • Splunk Enterprise Security vs. Splunk ITSI (IT Service Intelligence)

Splunk Enterprise Security vs Splunk ITSI (IT Service Intelligence) comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Splunk Enterprise Security vs. Splunk ITSI (IT Service Intelligence)
May 2023
Executive Summary

We performed a comparison between Splunk Enterprise Security and Splunk ITSI (IT Service Intelligence) based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Splunk Enterprise Security vs. Splunk ITSI (IT Service Intelligence) Report (Updated: May 2023).
Download the complete report
771,212 professionals have used our research since 2012.
Featured Review
Anith John
Offers great visibility and good connectors to users
Splunk Enterprise Security has aided our organization in the way it provides great visibility and helps with what our company's users do with it.
Chaitanya Moturi
Reduces alerts, offers good performance metrics and has helpful support
We have set up alerts so we can effectively monitor our infrastructure. Even small alerts the users face we can monitor. We started small with a... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions.""Splunk provides immediate visibility into key business metrics and new business insights that deliver immediate value.""It is user-friendly. It is more effective than other solutions. The support and help for troubleshooting and the documentation from Splunk make it very effective.""The Splunk queries are valuable.""The metrics and trends that Splunk Enterprise Security generates using all the data points we send allow customers to understand better what their users are doing.""I like the Splunk dashboard and search engine.""The initial setup is simple, not very complex. Initial deployment takes around 10 to 15 minutes to set up the entire base for Splunk including all three tiers.""The connections to the database are very good and updating the data files is simple to do. The dashboards are useful and user-friendly."

More Splunk Enterprise Security Pros →

"The most valuable features are the mapping of the entities, which provides a comprehensive analysis, and the service analyzer for thresholding.""The most valuable features are the service analyzer and Glass Tables.""The modeling required to setup ITSI has been very helpful in providing us a better understanding and a logical view of our services. The modeling is flexible and can be as granular or high level as our needs dictate.""Alerts and episodes are valuable to me.""The observability is great and valuable.""The KPS used to automate the integration policy is the most valuable feature of Splunk ITSI.""We have a lot of teams using Splunk and they would be blind without it.""The flexibility to develop and consolidate many solutions into one platform is great."

More Splunk ITSI (IT Service Intelligence) Pros →

Cons
"If it could be made available as a service, this would be much better than as a product.""This is a costly solution.""The configuration had a bit of a learning curve.""The initial setup is complex, but this is necessary. We needed to take into consideration how to direct log files from thousands of machines to Splunk, and how to ingest those files.""I love the solution, but I would like to see more accessibility to the machine-learning capabilities that are sprinkled around Splunk.""It takes time to train people.""Splunk needs to be able to hold more days of data. At the moment it only holds three months of data.""The solution should also have more advanced capabilities in comparison with QRadar, which offers Watson."

More Splunk Enterprise Security Cons →

"The license cost is expensive.""Splunk ITSI consumes a lot of CPU resources.""Integration is the most critical area to improve in Splunk IT Service Intelligence (ITSI). It wasn't a great experience because you had to do a little back and forth to integrate the solution.""The data recovery has room for improvement.""It would be advantageous to enhance the dashboard by incorporating sections for monitoring, service health, and a filter for the KPIs.""We're using predictive analytics, and there are three or four algorithms. It would be helpful if this process were more standardized and scalable.""It was an intimidating tool for us to jump into at the beginning.""The solution should integrate more features in NEAP."

More Splunk ITSI (IT Service Intelligence) Cons →

Pricing and Cost Advice
  • "Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
  • "Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
  • "It is not cheap."
  • "Splunk Enterprise becomes extremely expensive after the 20GB/month license."
  • "You will eat up whatever you purchase quickly. The level of insights that Splunk empowers is addictive."
  • "Splunk licensing model might seem expensive but with all the gain in functionalities you will have compared to traditional SIEM solutions I think it’s worth the price."
  • "Pricing is pretty fair."
  • "While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."

    • More Splunk Enterprise Security Pricing and Cost Advice →

  • "I would prefer that the price be reduced, as it would be easier to implement it and to sell it."
  • "Splunk pricing is high."
  • "The pricing of Splunk is a bit high."
  • "Splunk ITSI is a pay-per-use service that is priced fairly based on the amount of data we use."
  • "Its pricing has been changed as per the market. You get a good support service with it as well. They have 24/7 customer support. There is a portal, and if you are having issues, they are available in order to resolve them. So, its pricing isn't too much."
  • "Splunk ITSI is expensive; however, with the appropriate use case, it justifies the cost."
  • "Splunk ITSI is an expensive tool, and we need to purchase the utility license."
  • "Pricing has some room for improvement."

    • More Splunk ITSI (IT Service Intelligence) Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    771,212 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    How does Splunk compare with Azure Monitor?
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we… more »
    Read all 2 answers   →
    What do you like most about Splunk ITSI (IT Service Intelligence)?
    Top Answer:The KPS used to automate the integration policy is the most valuable feature of Splunk ITSI.
    Read all 19 answers   →
    What is your experience regarding pricing and costs for Splunk ITSI (IT S...
    Top Answer:The licensing is based on data usage.
    Read all 13 answers   →
    What needs improvement with Splunk ITSI (IT Service Intelligence)?
    Top Answer:After upgrading Splunk ITSI from version 4.11 to 4.13, the analyzer stopped finding values for KPS and services. We had to manually deploy a script to resolve this issue.
    Read all 19 answers   →
    Ranking
    1st
    out of 80 in Security Information and Event Management (SIEM)
    Views
    24,689
    Comparisons
    20,244
    Reviews
    69
    Average Words per Review
    930
    Rating
    8.4
    5th
    out of 55 in IT Alerting and Incident Management
    Views
    142
    Comparisons
    91
    Reviews
    24
    Average Words per Review
    811
    Rating
    8.1
    Comparisons
    Learn More
    Splunk
    Splunk
    Overview

    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Splunk IT Service Intelligence (ITSI) is a powerful analytics-driven monitoring and analytics solution that provides real-time insights into the health and performance of IT services. 

    It enables organizations to proactively identify and resolve issues, optimize service delivery, and improve overall IT operations. With its advanced machine learning capabilities, ITSI automatically detects anomalies, predicts future events, and prioritizes alerts based on business impact. 

    The solution offers a centralized view of IT services, allowing users to visualize and analyze data from multiple sources in a single dashboard. ITSI also provides customizable KPIs, service-level agreements (SLAs), and key performance indicators (KPIs) to measure and track service performance. 

    With its intuitive interface and powerful analytics capabilities, Splunk ITSI empowers IT teams to deliver reliable and efficient services, ensuring maximum uptime and customer satisfaction.

    Sample Customers
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    TransUnion, Cox Automotive, Carnival Cruises, Leidos, Econocom, National Ignition Factory, Entrust Datacard, Molina Healthcare, United States Census Bureau
    Top Industries
    REVIEWERS
    Computer Software Company20%
    Financial Services Firm15%
    Government9%
    Energy/Utilities Company8%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company14%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm35%
    Computer Software Company18%
    Insurance Company12%
    Logistics Company12%
    VISITORS READING REVIEWS
    Financial Services Firm20%
    Computer Software Company13%
    Government13%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business31%
    Midsize Enterprise11%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    REVIEWERS
    Small Business10%
    Midsize Enterprise19%
    Large Enterprise71%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise7%
    Large Enterprise79%
    Buyer's Guide
    Splunk Enterprise Security vs. Splunk ITSI (IT Service Intelligence)
    May 2023
    Free Report: Splunk Enterprise Security vs. Splunk ITSI (IT Service Intelligence)
    Find out what your peers are saying about Splunk Enterprise Security vs. Splunk ITSI (IT Service Intelligence) and other solutions. Updated: May 2023.
    DOWNLOAD NOW
    771,212 professionals have used our research since 2012.

    Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews while Splunk ITSI (IT Service Intelligence) is ranked 5th in IT Alerting and Incident Management with 30 reviews. Splunk Enterprise Security is rated 8.4, while Splunk ITSI (IT Service Intelligence) is rated 8.2. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". On the other hand, the top reviewer of Splunk ITSI (IT Service Intelligence) writes "Helps improve our incident response time, and our mean time to resolve, but visibility is limited". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel, whereas Splunk ITSI (IT Service Intelligence) is most compared with ServiceNow IT Operations Management, Grafana, Dynatrace, Splunk APM and Elastic Observability. See our Splunk Enterprise Security vs. Splunk ITSI (IT Service Intelligence) report.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.