We performed a comparison between Coralogix and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"A non-tech person can easily get used to it."
"The initial setup is straightforward."
"The best feature of this solution allows us to correlate logs, metrics and traces."
"The solution offers very good convenience filtering."
"Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams."
"The solution is easy to use and to start with."
"The correlation capabilities are the first value that our clients say they like with Splunk."
"The solution has made us more secure."
"Splunk has facilitated the correlation of information security logs to look for incidents which could cause damage to the company's infrastructure, as well as financial losses from leaks."
"The SIEM is the most valuable feature of the product."
"It's extremely scalable. It's a very robust solution and certainly has the capability of handling far bigger data requirements than a lot of the other tools. Generally what ends up happening with me is that my clients tend, for the most part, to be mid-tier organizations where the cost of that solutions would be accompanying requirements for people just becomes way too prohibitive. Especially considering the model that they use for costing, which is based on the volume of data. Of course, they're going to put everything including the Coke machine as the ability to collect data off of it, because of course the more they can put through the tool the more money they make."
"It has reduced the time to resolution, time to investigate, and time to troubleshoot for debugging issues."
"It helps us uncover bottlenecks in the network."
"The product is good, it satisfies our customers."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"The reporting could be more structured."
"I would like to see more AI used in processes."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"Maybe they could make it more user-friendly."
"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."
"From my experience, Coralogix has horrible Terraform providers."
"The documentation of the tool could be improved"
"We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change."
"The user interface could be more intuitive and explanatory."
"Delays in responses from the technical team can pose challenges for both vendors and clients, especially considering that Splunk applications and machine solutions are critical assets."
"I would like Splunk to add more integration. QRadar has many indications with more products than Splunk."
"Splunk Enterprise Security has not helped reduce our alert volume."
"From the commercial point of view, they have to bring down their costs."
"Most of my interaction is with the user community, which is how Splunk wants it. When I need help, that community is very hit or miss."
"Some of the queries are difficult to run and have room for improvement."
"The case management area of the ES could be improved. The ability to move cases through various stages and states. The ability to close a case would be key improvement."
"Custom visualizations are real hard. While the default visualizations are good, creating enhanced visualizations are complex."
Coralogix is ranked 26th in Log Management with 7 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 227 reviews. Coralogix is rated 8.4, while Splunk Enterprise Security is rated 8.4. The top reviewer of Coralogix writes "Good capabilities, has a helpful interface and is straightforward to set up". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Coralogix is most compared with Datadog, Grafana, Sentry, New Relic and Elastic Search, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor. See our Coralogix vs. Splunk Enterprise Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.