We compared Fortinet FortiAnalyzer and Splunk Enterprise Security across several parameters based on our users' reviews. Our conclusions from the collected data are below:
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real-time. Splunk Enterprise Security stands out for its efficiency, extensive integration options, and powerful search functionality.
Room for Improvement: Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. Users say Splunk is a highly scalable and customizable solution. Splunk users recommended improvements in AI capabilities, user-friendliness, and analytics.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. While some users found Splunk support to be responsive and helpful, others reported slow response times and a lack of expertise.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. Some users thought Splunk Enterprise Security was easy to deploy, while others found it challenging and needed assistance from Splunk engineers or third-party integrators.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. Some users consider Splunk Enterprise Security to be expensive, but others said the price is reasonable. A few users expressed concerns about the cost of scaling up the solution and managing large volumes of data.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. Users said that it’s challenging to calculate an ROI for Splunk Enterprise Security, and the return varies depending on individual circumstances. While some users have observed a substantial ROI, others have not actively explored or been engaged in ROI conversations.
"The initial setup is straightforward."
"Stability-wise, I rate the solution a ten out of ten since, in our company, we have never experienced the solution crashing or having any other issues."
"The most valuable features of Fortinet FortiAnalyzer are the dashboards and supporting services."
"The solution provides good standardized reports and is easy to troubleshoot."
"One of the most valuable features is the ability to analyze data in real-time using AR features to pull data from the industrial DB. You can know what is going on and see in milliseconds where the network is underperforming."
"The features that our customers have found most valuable are their different types of reports, including the drill-down report, as well as the flexibility to connect to any number of appliances which can be connected to it centrally."
"Storage in SSD helps in generating customized reports."
"I like its simplicity. It is straightforward. We get reports and emails about the logs, and that's it."
"You can run reports against multiple devices at the same time. You are able to troubleshoot a single application on a thousand servers. You can do this with a single query, since it is very easy to do."
"The most valuable features for us include its robust log management capabilities, which allow us to efficiently handle and retain logs for extended periods as needed."
"Splunk is quite flexible for our customers. Splunk does not filter from a specific lock, you can define it later."
"Speeds up root cause analysis and can help identify issues that your organization never realized were occurring."
"Splunk's schema on demand is incredibly useful. I do not have to worry about what my users will need when we onboard their data."
"Splunk is extremely flexible, which allows us to create custom visualizations along with other customizations."
"It helps streamline troubleshooting and log analysis."
"The fact that Splunk is a platform and not just a SIEM solution is a key benefit."
"The solution can improve the incident response function to provide more detailed information on where the incident is originating."
"The user interface could be a bit more user-friendly."
"The solution could use more graphics and be more specific in the dashboard. This way, I'm able to understand everything and effectively understand what's going on, including what's incoming and outgoing. Right now, I have to look up everything. I need a dashboard so that I can see specific items right there in one place."
"There are a lot of solutions on the market and Fortinet FortiAnalyzer is limited. It cannot be used across multiple vendors. They can improve by advancing their technology."
"Fortinet FortiAnalyzer could improve the user interface, and the experience of users receiving the reports and tracking could be better."
"We would like to do the reporting, logging, and administration of all the public devices and all the IoT devices. We wish to add the switches, and routers from different vendors, so it's not a vendor-specific diagnostic solution."
"The only issue that I can see is with the cost. For example, if you buy support for one year, you are messed up next year. It's better to buy another gateway."
"It is very important that FAZ can support FortiController as the architecture designed for the network. FortiController should be registered in FAZ at least for event logs."
"Some of the terminology can be confusing, even for seasoned vets. Renaming components at this point would be a serious undertaking. However, it might be beneficial in the long run."
"Their technical support sucks."
"The solution has a high learning curve for users. It's a little complicated when you're trying to figure out all the features and what they do."
"We were inundated with the amount of alerts and alarms that we could get out of it. It is also a resource hog and we didn't have the resources to support it on-prem so we're taking it offline now."
"My company could benefit from doing more Splunk training with Splunk consultants teaching us how to use it."
"The monitoring aspect of Splunk could be improved. We have to do some queries to get as much information as CrowdStrike or other solutions provide. If you run a big query, you will see a delay. That is the only concern we have because it will take some time if you query large data sets."
"The implementation and the scanning of the logs can be difficult."
"I have concerns about the architecture as well since I can see it is not very well defined."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 81 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews. Fortinet FortiAnalyzer is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Fortinet FortiAnalyzer is most compared with Wazuh, Graylog, Grafana Loki, LogRhythm SIEM and ManageEngine EventLog Analyzer, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.