We performed a comparison between Splunk Enterprise Security and Splunk ITSI (IT Service Intelligence) based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The initial setup is simple, not very complex. Initial deployment takes around 10 to 15 minutes to set up the entire base for Splunk including all three tiers."
"Low barrier to start searching with the ability to normalize data on the fly."
"The most valuable features of Splunk Enterprise Security are its high-performance data collection, flexible query language, and its versatility across the organization."
"The SIEM is the most valuable feature of the product."
"The breadth of the data sources that Splunk can ingest data from is broad and deep and it does an exemplary job at handling structured data."
"The logs on the solution are excellent."
"The product provides visibility and enables us to correlate data and generate alerts."
"It helped us consolidate all our solutions into an easy tool to use for various employees."
"I find the episode review, glass tables, and correlation search features very useful."
"The most valuable aspect lies in its utilization of predictive analytics to anticipate and prevent incidents within a window of twenty to thirty minutes."
"In my opinion, Splunk IT Service Intelligence (ITSI) is better than QRadar. With the help of Splunk, we can get results."
"The solution is easy to scale."
"The root cause analysis is very helpful for us."
"ITSI's most valuable feature is that it's easy to integrate DLP."
"The modeling required to set up ITSI has been very helpful in providing us a better understanding and a logical view of our services. The modeling is flexible and can be as granular or high level as our needs dictate."
"We have a lot of teams using Splunk and they would be blind without it."
"Their technical support sucks."
"The threat detection library needs to increase the frequency at which the playbooks are updated."
"I would like to see more SIEM functionality and a better ticket tool."
"The GUI could be improved to include some of the capabilities that other BI solutions have. The layout is a little restrictive where you can’t resize all the panels to exactly how you would like them without tweaking some XML code."
"I'd like to see more integration with more antivirus systems."
"It needs integration with a configuration management solution."
"Its setup is a little bit complex for a distributed environment. Their support can also be better. If we miss the response for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply."
"The user access control could be much more granular, so that the admins can control r/w/x access for specific features of the product like dashboards, etc."
"We're using predictive analytics, and there are three or four algorithms. It would be helpful if this process were more standardized and scalable."
"If the product had some prebuilt machine learning features, it would add value to our use cases."
"We have problems doing upgrades and operating alternate new versions."
"The problem becomes the price, as Splunk is an expensive product."
"The end-to-end visibility in Splunk ITSI is limited and has room for improvement."
"It is pretty okay. I am not sure whether the current release has already moved to the new framework where instead of the glass tables, we can directly use the Dashboard Studio. It would be nice to have that integrated into the same framework."
"It would be advantageous to enhance the dashboard by incorporating sections for monitoring, service health, and a filter for the KPIs."
"After upgrading Splunk ITSI from version 4.11 to 4.13, the analyzer stopped finding values for KPS and services."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 245 reviews while Splunk ITSI (IT Service Intelligence) is ranked 5th in IT Alerting and Incident Management with 30 reviews. Splunk Enterprise Security is rated 8.4, while Splunk ITSI (IT Service Intelligence) is rated 8.2. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Splunk ITSI (IT Service Intelligence) writes "Helps improve our incident response time, and our mean time to resolve, but visibility is limited". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel, whereas Splunk ITSI (IT Service Intelligence) is most compared with ServiceNow IT Operations Management, Dynatrace, Grafana, Splunk APM and BigPanda. See our Splunk Enterprise Security vs. Splunk ITSI (IT Service Intelligence) report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.