We performed a comparison between Splunk Enterprise Security and Splunk ITSI (IT Service Intelligence) based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions."
"Splunk provides immediate visibility into key business metrics and new business insights that deliver immediate value."
"It is user-friendly. It is more effective than other solutions. The support and help for troubleshooting and the documentation from Splunk make it very effective."
"The Splunk queries are valuable."
"The metrics and trends that Splunk Enterprise Security generates using all the data points we send allow customers to understand better what their users are doing."
"I like the Splunk dashboard and search engine."
"The initial setup is simple, not very complex. Initial deployment takes around 10 to 15 minutes to set up the entire base for Splunk including all three tiers."
"The connections to the database are very good and updating the data files is simple to do. The dashboards are useful and user-friendly."
"The most valuable features are the mapping of the entities, which provides a comprehensive analysis, and the service analyzer for thresholding."
"The most valuable features are the service analyzer and Glass Tables."
"The modeling required to setup ITSI has been very helpful in providing us a better understanding and a logical view of our services. The modeling is flexible and can be as granular or high level as our needs dictate."
"Alerts and episodes are valuable to me."
"The observability is great and valuable."
"The KPS used to automate the integration policy is the most valuable feature of Splunk ITSI."
"We have a lot of teams using Splunk and they would be blind without it."
"The flexibility to develop and consolidate many solutions into one platform is great."
"If it could be made available as a service, this would be much better than as a product."
"This is a costly solution."
"The configuration had a bit of a learning curve."
"The initial setup is complex, but this is necessary. We needed to take into consideration how to direct log files from thousands of machines to Splunk, and how to ingest those files."
"I love the solution, but I would like to see more accessibility to the machine-learning capabilities that are sprinkled around Splunk."
"It takes time to train people."
"Splunk needs to be able to hold more days of data. At the moment it only holds three months of data."
"The solution should also have more advanced capabilities in comparison with QRadar, which offers Watson."
"The license cost is expensive."
"Splunk ITSI consumes a lot of CPU resources."
"Integration is the most critical area to improve in Splunk IT Service Intelligence (ITSI). It wasn't a great experience because you had to do a little back and forth to integrate the solution."
"The data recovery has room for improvement."
"It would be advantageous to enhance the dashboard by incorporating sections for monitoring, service health, and a filter for the KPIs."
"We're using predictive analytics, and there are three or four algorithms. It would be helpful if this process were more standardized and scalable."
"It was an intimidating tool for us to jump into at the beginning."
"The solution should integrate more features in NEAP."
More Splunk ITSI (IT Service Intelligence) Pricing and Cost Advice →
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews while Splunk ITSI (IT Service Intelligence) is ranked 5th in IT Alerting and Incident Management with 30 reviews. Splunk Enterprise Security is rated 8.4, while Splunk ITSI (IT Service Intelligence) is rated 8.2. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". On the other hand, the top reviewer of Splunk ITSI (IT Service Intelligence) writes "Helps improve our incident response time, and our mean time to resolve, but visibility is limited". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel, whereas Splunk ITSI (IT Service Intelligence) is most compared with ServiceNow IT Operations Management, Grafana, Dynatrace, Splunk APM and Elastic Observability. See our Splunk Enterprise Security vs. Splunk ITSI (IT Service Intelligence) report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.