We performed a comparison between Splunk Enterprise Security and vRealize Network Insight based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."We have a more secure, robust environment, which keeps the harmful software out of the zone required."
"The stock analysts and security people use one single dashboard (one single location) to check our logs."
"To get visibility from your network devices, servers, and security devices is a great feature."
"The initial setup is really straightforward. It's one of the easiest installations."
"Search language is easy to understand and teach to new users."
"I am satisfied with the support."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"Compared to IBM QRadar, Splunk Enterprise Security offers faster alert resolution."
"By doing dependency mapping, it makes migrations more efficient. There are less outages that require engineers to spend additional hours troubleshooting the migration failures."
"The gradual way the Network Insight shows you all the relevant information about your networks. It's pretty good. You can really dig deep deep inside and see where the problem is, where it comes from, what you have inside, how did you configure it. Also, it has alerts so you can have pretty much quite a big overview about your network. This is really something good."
"Also, the ability to troubleshoot all the way across the NSX part of it to the physical and actually watch the packets go through and then see where the bottleneck is or where the interruption is. We run queries on the network flows within the application to find where they are in it and it graphically tells us how the packets are actually going through the system."
"The solution has helped improve our organization by directing the network traffic using SDN."
"The ability to use the natural language query and see the visualization is quickly intuitive, and it works very well."
"I find it user-friendly and intuitive. With the GUI interface that we do use on a regular basis, it's easy to navigate, it's easy to see, easy to query. We get reports. It's easy to use."
"It is user-friendly. It's pretty simple to deploy and to run. It gives you pretty easy-to-understand reports, very graphically intense, so you can visualize what's going on in your network."
"It's user-friendly. It's similar to the GUI that most VMware products are moving to, and the consistency across those makes it easy to switch from one product to another. Also, the search bar at the top is plain text and it helps you, it guides you along with your search query, so that helps. The first day you're in there you can start building actual queries."
"The Enterprise Security app could be improved. We have had trouble with it working from the first day."
"More control with Splunk Cloud as it seems a bit limited. I used to manage an on-premise instance of Splunk Enterprise and really liked having more control over it."
"On-premises scaling of the solution is a bit more limited than it is on the cloud."
"Splunk could enhance its services by providing more comprehensive professional assistance aimed at optimizing our investment."
"On the technical side, it would be nice to see aspects of the recent acquisition of Phantom make it into the core Splunk Enterprise, not just become a part of the premium Enterprise Security."
"Splunk could add more ways to manage archiving and storage. There isn't a web interface. You can do this on the SaaS version, but the on-premise platform doesn't have this option. It has other things but no option for remote NAS. I would like to have a personal web interface where I can specify how long logs should be stored. To have this readily available on the web, you need to adjust some settings on the backend. That is tricky."
"The upgrading process could be smoother."
"It does not give us permission to implement on-premise so we implement them on the cloud."
"There are some random glitches in the Web UI, but they are usually pretty cosmetic in nature. I don't really seem to use any browser other than Chrome with it. I also get some weird errors from time to time on the hardware NetFlow Collectors, where it doesn't sync data."
"The IT infrastructure industry is expected to evolve towards a hybrid cloud model in the next five to ten years. In this model, most of the customer's resources reside on-premise within a private cloud setup, such as VMware. Another segment operates within public cloud environments like Azure and AWS, and a portion remains in traditional data centers. There should be seamless interoperability between public and private clouds. AWS and VMware need to work together to make it possible. Whether users interact with on-premise infrastructure or configure resources in the public cloud, the user experience must be seamless."
"Support could be much better."
"I would like to see them expand the capabilities to infrastructure types other than just VMware."
"I want to be able to monitor a network flow that is approximately two weeks back, but I haven't found an easy way to do this."
"I'd like to see better support for being able to search the hardware NetFlow data. It ingests fairly well, but you can't tell, in a lot of cases, what source the data came from. I'd like to see more support for picking specific sources. That way you could really make a compelling use case. There are also some difficulties where it can't exactly trace the path between source and destination but if you hit the reverse flow on the same search it shows the entire path."
"The UI, even though once you get to know it, it's easier, still it's hard to figure out by yourself. You have to go read, watch videos. It has a lot of data on it. So that is an issue."
"The only reason I would not give it a nine or a 10 is for cost reasons. It seems to be one of those things that really belongs as part of the product inherently and not as an add-on. That would be my only concern."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 245 reviews while vRealize Network Insight is ranked 24th in IT Infrastructure Monitoring with 44 reviews. Splunk Enterprise Security is rated 8.4, while vRealize Network Insight is rated 8.6. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". On the other hand, the top reviewer of vRealize Network Insight writes "Provides deep analytical insights and makes migrations efficient with dependency mapping". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel, whereas vRealize Network Insight is most compared with ThousandEyes, NETSCOUT vSTREAM, AppNeta by Broadcom, Zabbix and Cisco Secure Network Analytics.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
