We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The most valuable features are security detections, perimeter detection, dashboards, and alerts."
"The flexibility of the solution is quite good."
"The most valuable features are how stable and easy to use Splunk is."
"The completeness of the solution is what we like the most."
"The level of robustness on offer is very good."
"The correlation capabilities are the first value that our clients say they like with Splunk."
"The reporting aspect is good and it does what I need it to do."
"One of the most valuable features is threat hunting. We can do threat hunting and identify if there is any malicious activity happening within our environment, which is a key feature for us."
"Its dashboard is valuable. If you have a good knowledge of how to create a dashboard, you can create any dashboard related to cybersecurity. If fine-tuned, the alarms that are triggered for instant review are also very valuable and useful."
"Network visibility is something that needs to be improved."
"Endpoint access is the only issue I can think to mention, even though the endpoint access we have with Cisco is fine."
"Its pricing model and integration with third-party services can be improved. We had faced an issue with integration. The alerting feature is currently not available with Splunk, but it is definitely available with Datadog and PagerDuty. They should include this feature. A few dashboards in Splunk look quite old and are not that modern. They aren't bad, but improving these dashboards will definitely make Splunk more attractive and usable. I read in a few blog posts that there were a few security incidents related to Splunk agents. So, it can be made more secure."
"The price of the solution could be cheaper."
"It needs integration with a configuration management solution."
"If you monitor too much, you can lose performance on your systems."
"Being a SIEM solution with a centralized dashboard, we would like to have more options to customize it."
"Its reporting can be improved. That's the only complaint I have heard. I don't need the reporting part, but I know that other people in the organization need it."
"The solution could improve by increasing the performance. We have run into problems when large amounts of data are processed."
"The price of this solution for our environment is about £650,000 ($855,000 USD) for three years."
"Price-wise, if you compare QRadar to Splunk for SIEM functionality then they are in the same range but when you integrate SOAR with these solutions, Splunk takes the lead and is more competitive."
"I think that most of the monitoring solutions are expensive."
"The pricing modules could be improved."
"It's a yearly subscription."
"The pricing model is expensive and a nightmare based on the amount of data."
"It can be cost-prohibitive when you start to scale and have terabytes of data. Its cost model is based on how much data it processes a day. If they're able to create scaled-down niche or custom package offerings, it may help with the cost. Instead of the full-blown features, if they can narrow the scope where it can only be used for a specific purpose, it would kind of create that market for the product, and it may help with the costing. When you start using it as a central aggregator and you're pumping tons of logs at it, pretty soon, you'll start hitting your cap on what it can process a day. Once you've got that, you're kind of defeating the purpose because you're going to have to scale back."
"This product could use better pricing in general."
"It is economical than other solutions."
Earn 20 points
The ExtraHop Application Performance Management Solution Delivers Unified Visibility Across the IT Environment w/ Proactive Alerts & Accelerated Troubleshooting
Splunk software has been around since 2006 and the company has since grown to become an industry leader. Splunk's vision is to make machine data accessible, usable and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analyzing all activities. This is known as Operational Intelligence and is the unique value proposition of Splunk.
Splunk is well-known for its Log Management capabilities and also for its Security Information and Event Management (SIEM) solutions.
ExtraHop Reveal(x) for IT Operations is ranked 9th in IT Operations Analytics with 1 review while Splunk is ranked 1st in IT Operations Analytics with 48 reviews. ExtraHop Reveal(x) for IT Operations is rated 7.0, while Splunk is rated 8.0. The top reviewer of ExtraHop Reveal(x) for IT Operations writes "Good security detection and alerts, but we've had challenges with network visibility". On the other hand, the top reviewer of Splunk writes "Good support with an intuitive dashboard but the cost is too high". ExtraHop Reveal(x) for IT Operations is most compared with Cisco Stealthwatch, ThousandEyes, vRealize Network Insight, SolarWinds NPM and gen-E, whereas Splunk is most compared with Dynatrace, Datadog, IBM QRadar, ELK Logstash and Microsoft Sentinel.
See our list of best IT Operations Analytics vendors.
We monitor all IT Operations Analytics reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.