We performed a comparison between Splunk Enterprise Security and Tableau based on real PeerSpot user reviews.
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"Log aggregation and data connectors are the most valuable features."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"We have no complaints about the features or functionality."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The ability to manage large amounts of generated data and to protect all devices from unauthorized use are the most valuable features."
"It gives me notifications of notable events."
"The logs on the solution are excellent."
"It allows us to digest the information, the data, the different data streams, so we can make decisions based upon information that we receive, and it is pretty robust."
"The product is good, it satisfies our customers."
"The ability to ingest different log types from many different products in our environment is most valuable."
"What I really like is that even if you have already collected the data, you can extract fields and can build searches."
"The most valuable features are the logs, which allow us to identify what happened and who interacted with the web repository."
"Visualization attributes: Marks – Color, Size, Label, etc. Easily Accessible and Intuitive."
"The best thing I like about Tableau is that you don't have to go for creating; it is calculated free."
"The feature that is currently most valuable is the import feature where I can link to an Excel data source. I'm not using it with any other data source, such as SQL Server. I directly link it to an Excel sheet, and if I change anything in that Excel sheet, the changed data immediately gets reflected in the virtualization. This is something that is very convenient for me as of now."
"Tableau is an advanced specialized tool. One of the best features I've seen is the lack of an intermediate semantic layer. I think that's an advantage compared to any other tool like BusinessObjects or Power BI, which are Tableau's biggest competitors."
"It's very easy to use and users don't need any IT support to access it as the information is right there."
"The most valuable feature is the richness of its visualization and from a self-service standpoint, the ease of use."
"It's a very good, flexible product, and it's easy to learn."
"Tableau has data relationships that can be applied to a data source which helps build out a directory which is helpful. Data blending has also been valuable to us."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"We are invoiced according to the amount of data generated within each log."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"We'd like to see more connectors."
"Splunk could have more built-in use case presets that customers can build on and customize."
"It needs integration with a configuration management solution."
"Technical support needs to be more responsive."
"Being a SIEM solution with a centralized dashboard, we would like to have more options to customize it."
"The presence of multiple layers creates a significant challenge for monitoring across cloud environments."
"A problem that we recently had was we licensed it based on how much data you upload to them every day. Something changed in one of our applications, and it started generating three to four times as many logs. So now, we are trying to assemble something with parts of the Splunk API to warn ourselves, then turn it off and throttle it back more. However, it would be better if they had something systematically built into the product that if you're getting close to your license, then to shut things down."
"If possible, we would like to have not only a log monitoring system but a network monitoring feature in this solution as well."
"Splunk Enterprise Security could improve in automation, flexibility, and providing more content out of the box."
"Many things have to be improved in Tableau. Right now, we make the calculation, and then we get that information. It would be better if business users could do that. I would ask the people at Tableau to provide that option to business users to get that information in one click. It would be better if they automated some calculations. There should be more automation in Tableau. However, there are many things in automation mode, but it is very limited at the moment. We need automation for people who do not know much about Tableau. It would also be better if there were good community support like in Alteryx."
"The customization requires a lot of effort and should be simplified. The performance could be better."
"I would like the solution to have certain features allowing the delivery of reports to the email."
"They need to improve the bar chart position and width."
"When there are millions of records, scaling up is quite difficult."
"I would like Tableau Prep to be integrated with Tableau Desktop. I would also like more customizations for tables."
"Improvements can be made in template support. The workbook file structure is really hard to version control. If there was some sort of version control support offered particularly for workbooks, that would help big time."
"It is not so great when it comes to data exchange/integration, data mining, etc."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 228 reviews while Tableau is ranked 2nd in BI (Business Intelligence) Tools with 292 reviews. Splunk Enterprise Security is rated 8.4, while Tableau is rated 8.4. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Tableau writes "Provides fast data access with in-memory extracts, makes it easy to create visualizations, and saves time". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Datadog, whereas Tableau is most compared with Microsoft Power BI, Amazon QuickSight, Domo, SAS Visual Analytics and Databricks.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.