We performed a comparison between Elastic Observability and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Machine learning is the most valuable feature of this solution."
"We can view and connect different sources to the dashboard using it."
"Its diverse set of features available on the cloud is of significant importance."
"Elastic Observability significantly improves incident response time by providing quick access to logs and data across various sources. For instance, searching for specific keywords in logs spanning over a month from multiple data sources can be completed within seconds."
"We use AppDynamics and Elastic. The reason why we're using Elastic APM is because of the license count. It's very favorable compared to AppDynamics. It's inexpensive; it's economical."
"It has always been a stable solution."
"The ability to ensure that the data is searchable and maintainable is highly valuable for our purposes."
"For full stack observability, Elastic is the best tool compared with any other tool ."
"The most useful feature for me is the ability to create different kinds of alerts and set a different kind of denominator that will capture the real event. That is helpful for a power user like me."
"It gives us good visibility into multiple environments, including cloud, on-premises, and hybrid; irrespective of platform."
"The correlation searches are most valuable just because we are able to do things like RBA."
"We can easily configure things as required in relation to our use cases."
"The graph visualization is the most valuable feature."
"Integration with the cloud is pretty important and good for us. We found the integration with a lot of tools, not all tools yet, valuable. It does make the transfer of data, log files, and other things easier for us."
"We used it to create a custom anomaly detection data model to monitor the activity of our back-end services on an hourly basis relative to the past three months of activity."
"You can use it to gather syslog messages from anything."
"If we had some pre-defined templates for observability that we could start using right away after deploying it – instead of having to build or to change some of the dashboards – that would be helpful."
"Elastic APM's visualization is not that great compared to other tools. It's number of metrics is very low."
"Elastic Observability is an excellent product for monitoring and visibility, but it lacks predictive analytics. Most solutions are aligned with the AIOps requirements, but this piece is missing in Elastic and should be included."
"Elastic Observability needs to have better standardization, logging, and schema."
"The auto-discovery isn't nearly as good. That's a big portion of it. When you drop the agent onto the JVM and you're trying to figure things out, having to go through and manually do all that is cumbersome."
"Improving code insight related to infrastructure and network, particularly focusing on aspects such as firewalls, switches, routers, and testing would be beneficial."
"The solution would be better if it was capable of more automation, especially in a monitoring capacity or for the response to abnormalities."
"There's a steep learning curve if you've never used this solution before."
"Splunk needs local technical support."
"Splunk can be an expensive solution. Technical support could be improved as well."
"The integration could be a bit better. They charge for certain integrations."
"One issue is that we are getting a lot of false positives. We are trying to reduce them by customizing the default rules, changing thresholds, and using white-listing and black-listing. It's getting better and better as a result. But they need to build components that would reduce the false positives."
"The threat detection library needs to increase the frequency at which the playbooks are updated."
"The CIM model is the method Splunk uses to normalize data and categorize its important parts, but it is quite complex."
"The glass table feature does not perform as expected."
"Its setup is a little bit complex for a distributed environment. Their support can also be better. If we miss the response for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply."
Elastic Observability is ranked 13th in Log Management with 22 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews. Elastic Observability is rated 7.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of Elastic Observability writes "The user interface framework lets us do custom development when needed. ". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Elastic Observability is most compared with Dynatrace, New Relic, AppDynamics, Azure Monitor and Sentry, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security. See our Elastic Observability vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.