We performed a comparison between AlienVault OSSIM and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The paid version of the solution has reporting and better scalability options."
"The most valuable features of this solution are the data correlation and vulnerability assessment."
"You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think Alien Vault has the best price-performance ratio."
"Asset discovery is good."
"The threat policies of the solution are always very advanced and the best in the market. They are very persistent in terms of keeping up with security protocols."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it."
"The most valuable feature is the logging capability."
"It helps us uncover bottlenecks in the network."
"The visibility is amazing with easy dashboard creation."
"It gives us good visibility into multiple environments, including cloud, on-premises, and hybrid; irrespective of platform."
"The data representation options in the dashboards are excellent."
"From my experience, the visual aid that it provides is most valuable. There are charts and other means to provide information."
"It provides a lot of analytics with the underlying AI engine, and it is a lot easier than other solutions. There are some products that do automated AI-based detection and drawing up charts, but for network monitoring and all of the monitoring aspects, it is quite a nice tool. It is very convenient for business users because they get more or less a lot of data readily available. If you're familiar with the Splunk query language, you can pretty much do whatever you want."
"The UI of Splunk makes it easier for our analysts to move around and see what they need to see."
"The most valuable aspect of the solution is the dashboard. It's very intuitive."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."
"AlienVault OSSIM should improve the deployment and make it unified like the USM."
"We need more dashboards and we need more customization for dashboards."
"The documentation could be improved."
"It's so hard to configure and explore something new on it."
"I don't like to work on OSSIM because it is unpredictable."
"The price of this solution is very high and it could be cheaper."
"Sometimes technical issues take very long to get resolved."
"The GUI can be improved. Splunk has always suffered from having a kind of goofy UI, it needs some updating."
"There is improvement needed when importing from some types of data sources."
"The CIM model is the method Splunk uses to normalize data and categorize its important parts, but it is quite complex."
"Splunk's ability to analyze malicious activities scores an 8 out of 10, but there's room for improvement. By analyzing emerging patterns, Splunk could identify and predict potential threats more effectively."
"The UI can be improved. Dashboards and reports can be better in terms of graphics."
"Splunk Enterprise Security could improve in automation, flexibility, and providing more content out of the box."
"When files are absent, troubleshooting becomes difficult, and performance issues inevitably arise."
"The GUI could be improved to include some of the capabilities that other BI solutions have. The layout is a little restrictive where you can’t resize all the panels to exactly how you would like them without tweaking some XML code."
AlienVault OSSIM is ranked 11th in Security Information and Event Management (SIEM) with 28 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 251 reviews. AlienVault OSSIM is rated 7.4, while Splunk Enterprise Security is rated 8.4. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Microsoft Sentinel and Fortinet FortiSIEM, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.