We performed a comparison between Sentinel and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature is the flexible log for identifying security threats inside an application. Sentinel is very good at this."
"The native integration with out-of-the box format is hassle free and allows data to be used advantageously."
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"The stability is phenomenal and we never had any issues with downtime or even had to restart."
"One of the most valuable features is the business intelligence engine. It's very important because it keeps track of everything that's happening and alerts us if something is different than expected. The first time I used it, I was shocked at how well it performed. Another valuable feature that I think makes this product worth the price you pay for it is that it connects to basically every system that provides some form of logging, and it's very easy to set up what triggers this."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"It makes everything easier by automating some tasks and growing with our needs."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"Speeds up root cause analysis and can help identify issues that your organization never realized were occurring."
"Splunk has significantly helped with aggregation and correlation of critical logs. Not having to grep on each individual server has made everyone more efficient."
"Splunk has machine learning which is a valuable feature."
"It is quite extensible. It is a platform that we can build our use instead of each case being limited or restricted to each capability. This is probably the best feature."
"From the class that I took this week, being able to create notable events from whatever you find in the data set is pretty useful."
"Our clients use the solution to find any threats or vulnerabilities inside their environment."
"Its dashboard is valuable. If you have a good knowledge of how to create a dashboard, you can create any dashboard related to cybersecurity. If fine-tuned, the alarms that are triggered for instant review are also very valuable and useful."
"It is easy to use, and easy to implement."
"It is an ancient product."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"I rate Sentinel a six out of ten for scalability."
"I would like to see a better reporting work structure on the dashboard."
"There is no integration in the web-side of the tool."
"You need a lot of Unix scripting knowledge in order to manage the tool, which is one of the main issues that we faced."
"The solution does not allow outsourced authorizations."
"The dashboard and customer view should be improved."
"I'd like to see more integration with more antivirus systems."
"The GUI can be improved. Splunk has always suffered from having a kind of goofy UI, it needs some updating."
"We'd like Splunk to reduce false positives."
"It's difficult to set up initially, and their billing model is also a bit complicated."
"Splunk could be improved by reducing the cost. The cost is one of the biggest challenges for us in keeping to our production requirements."
"The configuration could be better."
"I would like to see future development in terms of ML (Machine Learning)."
"The user experience could be improved."
Sentinel is ranked 18th in Security Information and Event Management (SIEM) with 15 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. Sentinel is rated 7.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of Sentinel writes "An automated solution that helped me detect threats in less than half the time it used to take". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Sentinel is most compared with IBM Security QRadar, Google Chronicle Suite, Wazuh, Microsoft Sentinel and LogRhythm SIEM, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and New Relic.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.