• Home
  • Fortinet FortiAnalyzer vs. Splunk Enterprise Security

Fortinet FortiAnalyzer vs Splunk Enterprise Security comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo

Fortinet FortiAnalyzer

Read 81 Fortinet FortiAnalyzer reviews
10,122 views|5,670 comparisons
91% willing to recommend
Splunk Logo

Splunk Enterprise Security

Read 228 Splunk Enterprise Security reviews
27,900 views|22,601 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Fortinet FortiAnalyzer vs. Splunk Enterprise Security
April 2024
Executive Summary
Updated on Sep 22, 2023

We compared Fortinet FortiAnalyzer and Splunk Enterprise Security across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:

  • Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real-time. Splunk Enterprise Security stands out for its efficiency, extensive integration options, and powerful search functionality. 

  • Room for Improvement: Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. Users say Splunk is a highly scalable and customizable solution. Splunk users recommended improvements in AI capabilities, user-friendliness, and analytics.

  • Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. While some users found Splunk support to be responsive and helpful, others reported slow response times and a lack of expertise.

  • Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. Some users thought Splunk Enterprise Security was easy to deploy, while others found it challenging and needed assistance from Splunk engineers or third-party integrators. 

  • Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. Some users consider Splunk Enterprise Security to be expensive, but others said the price is reasonable. A few users expressed concerns about the cost of scaling up the solution and managing large volumes of data.

  • ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. Users said that it’s challenging to calculate an ROI for Splunk Enterprise Security, and the return varies depending on individual circumstances. While some users have observed a substantial ROI, others have not actively explored or been engaged in ROI conversations.

Conclusion: Users appreciate Splunk's superior log aggregation, data analytics, and dashboard functionalities but some bemoaned the lack of advanced AI capabilities and said Splunk could be more user-friendly. Fortinet excels in log collection and integration capabilities. However, it lags behind in areas such as pricing, technical support, and integration with other vendors and solutions. 
To learn more, read our detailed Fortinet FortiAnalyzer vs. Splunk Enterprise Security Report (Updated: April 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Mohamed Gohary
Enriches visibility for security solutions
FortiAnalyzer has enriched the visibility for all our security solutions.
Vikas Dusa
Quickly identifies threats, secures our environment faster, and reduces alert volumes
The Splunk dashboards are user-friendly. I would rate Splunk's threat topology an eight out of ten. The threat topology provides a complete map so... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature is the capability to create a customized dashboard.""The solution does what it is supposed to. I want it to do reports for Fortinet and it does it well.""The reporting features, which offer customization, real-time insights, and compliance support, are particularly noteworthy aspects.""One of the greatest advantages of Fortinet FortiAnalyzer is its ability to integrate with a variety of software and solutions, providing comprehensive visibility into the network. The solution's strength lies in its capability to work with Fortinet's own products, such as the FortiAP access point, which allows for deep monitoring, automation, correlation, and incident management. However, this functionality is not present when utilizing other products, such as those from Cisco, limiting the visibility and benefits that can be gained.""The program is stable and it gives me great visibility.""The scalability is good. It is also good in the cluster nodes. You can make multiple FortiAnalyzer clusters groups, and you can distribute the logs between these FortiAnalyzer nodes. In other words, you can expand the scale.""From my perspective, we need to see the traffic in a good way so we can know what has happened in our network. The analyzing tools and the monitoring tools and the logs are the important part in the network.""The most valuable features of Fortinet FortiAnalyzer are the dashboards and supporting services."

More Fortinet FortiAnalyzer Pros →

"Splunk would be my choice for the presentation layer because it comes with inbuilt reports and a dashboard that you can customize.""I haven't had the chance to properly sink my teeth into Enterprise Security but so far I like that they added the MITRE ATT&CK features.""It is very scalable.""I like the search feature and the indexing. It's very fast and comprehensive.""Splunk has improved our operations by giving us access to more information and allowing us to deploy more use cases.""UBA, User Behavior Analytics, is a key feature.""What is nice about the solution is that it makes it easy to build the queries, search for the events and then do analysis.""One key advantage of Splunk over competitors like IBM QRadar is its superior device integration capabilities."

More Splunk Enterprise Security Pros →

Cons
"The solution is expensive.""It's possible that they could add some advanced analytics and some proactive controls for logging analytics. That will help a lot.""If Fortinet could introduce some firewalling or maybe FortiAnalyzer on the cloud, that would be interesting because I've never seen it on a cloud.""We should be able to do the patch upgrades in a centralized manner. This functionality is currently not there. It would be good to be able to do the firmware updates from one place and at the same time. Currently, if we want to update all appliances, we require FortiManager, which is another solution from Fortinet. Its documentation can be improved. It will be helpful for implementing the product and gaining knowledge for management purposes.""I would like to see an improvement in the technical support. Stronger authentication will also be a plus.""FortiAnalyzer only integrates with Fortinet solutions. That is a limitation because many organizations use multiple vendors. It's often a mixture of Cisco network hardware and equipment from other vendors, such as switches, access points, etc.""Their in-house technical support is extremely slow to respond. We have our own in-house team to manage issues so clients don't have to wait over two weeks for a response to issues.""In terms of what could be improved, sometimes it's lagging and it also has some graphical issues with the GUI."

More Fortinet FortiAnalyzer Cons →

"An area of improvement would be the licensing of the solution. They need a free license, which would allow faster lead times.""​On the technical side, it would be nice to see aspects of the recent acquisition of Phantom make it into the core Splunk Enterprise, not just become a part of the premium Enterprise Security.​""The only improvement I am expecting is the cost of the licensing. Clients are going to other solutions just because of the cost.""It is a hugely complicated product.""It needs more formatting control without having to be an admin.""The algorithms customization of Splunk could improve. They have limited algorithms for machine learning support. If they can allow the user to add more machine learning algorithms, such as the ability to choose the algorithm that a user might want. Additionally, they should provide the required libraries for those algorithms, and then analyzes the data for use.""When we do a rollout from the server or host or anything, we'd like to see more automation. It would save us time.""The level of scalability depends on the license you have. You can expand or reduce it based on the environment. It does cost more money to scale, however."

More Splunk Enterprise Security Cons →

Pricing and Cost Advice
  • "Its worth spending on FortiAnalyzer if you have multiple firewalls in your network."
  • "The hardware cost and services contract are fair."
  • "​It depends upon the company.​"
  • "The cost and pricing should be in accordance with the calculation of log storage capacity for a time period required for historical analysis."
  • "All Fortinet programs come at a good price."
  • "We have several products including Fortinet Wireless, FortiGate Firewalls, and FortiAnalyzer, which are bundled together and cost approximately $50,000 USD annually."
  • "We have around 12 devices and yearly we spend approximately $14,000."
  • "The price is quite expensive. Fortinet products are very expensive. That is something which they should also look at, because if you compare Fortinet product to, say, Sophos for example, Fortinet is really high and that's the only thing which is a drawback for most users."

    • More Fortinet FortiAnalyzer Pricing and Cost Advice →

  • "Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
  • "Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
  • "It is not cheap."
  • "Splunk Enterprise becomes extremely expensive after the 20GB/month license."
  • "You will eat up whatever you purchase quickly. The level of insights that Splunk empowers is addictive."
  • "Splunk licensing model might seem expensive but with all the gain in functionalities you will have compared to traditional SIEM solutions I think it’s worth the price."
  • "Pricing is pretty fair."
  • "While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."

    • More Splunk Enterprise Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    What do you like most about Fortinet FortiAnalyzer?
    Top Answer:The reporting features, which offer customization, real-time insights, and compliance support, are particularly noteworthy aspects.
    Read all 49 answers   →
    What is your experience regarding pricing and costs for Fortinet FortiAna...
    Top Answer:The pricing model is subscription-based. It involves payment for both the license and ongoing support. I would rate it seven out of ten.
    Read all 36 answers   →
    What needs improvement with Fortinet FortiAnalyzer?
    Top Answer:It would be beneficial to enhance the streamlining of the generation of automated reports related to compliance, such as PCI DSS or HIPAA, based on the logs collected. Automated reports focusing on… more »
    Read all 48 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    How does Splunk compare with Azure Monitor?
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we… more »
    Read all 2 answers   →
    Ranking
    8th
    out of 95 in Log Management
    Views
    10,122
    Comparisons
    5,670
    Reviews
    38
    Average Words per Review
    415
    Rating
    8.0
    1st
    out of 95 in Log Management
    Views
    27,900
    Comparisons
    22,601
    Reviews
    63
    Average Words per Review
    958
    Rating
    8.4
    Comparisons
    Learn More
    Fortinet
    Splunk
    Overview

    Fortinet FortiAnalyzer is a powerful platform used for log management, analytics, and reporting. The solution is designed to provide organizations with automation, single-pane orchestration, and response for simplified security operations, as well as proactive identification and remediation of risks and complete visibility of the entire attack surface.

    Fortinet FortiAnalyzer Features

    Fortinet FortiAnalyzer has many valuable key features. Some of the most useful ones include:

    • Advanced threat detection capabilities
    • Centralized security analytics
    • End-to-end security posture awareness
    • Integration with FortiGate NGFWs, FortiClient, FortiSandbox, FortiWeb, and FortiMail
    • Incident detection and response
    • Playbook automation
    • Event management
    • Security services
    • Analytics and reporting

    Fortinet FortiAnalyzer Benefits

    There are many l benefits to implementing Fortinet FortiAnalyzer. Some of the biggest advantages the solution offers include:

    • Flexible deployment options
    • Enterprise-grade high availability
    • Security automation to reduce complexity, leveraging REST API, scripts, connectors, and automation stitches
    • Multi-tenancy solution with quota management, leveraging (ADOMs) to separate customer data and manage domains for operational effectiveness and compliance

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Fortinet FortiAnalyzer solution.

    PeerSpot user Imad A., Group IT Manager at a manufacturing company, says, “You can monitor all appliances from a centralized location. You have a front dashboard for all our operations and all the logs. If you need to search for anything you can just dig deep into the logs. The solution offers excellent customizable reports. In our case, we needed a monthly report of all internet consumption, and we were able to easily create this.” He goes on to add, “There are pre-defined templates. The logs cover any question or need that we populate within these templates. However, you can also build your own template. There is great analytics that can be used in different departments. For example, our marketing department can go more into media patterns and not just into browsing patterns. Everything is easily visible and can be tracked and studied.”

    Luis G., Systems Architect at Zentius, mentions, “Log collection is the most valuable [feature]. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.”

    Rupsan S., Technical Presales Engineer at Dristi Tech Pvt.ltd., comments, "The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."

    Dilip S., Regional Head at Mass Infonet (P) Ltd., explains, “With FortiAnalyzer, you can see what the user is doing and what sites he goes to. You can also see how much quota there is and how much (size-wise) you want to hit, as well as what the incoming or outbound traffic is, and if it is through the ISP or not. Basically, you can see absolutely all activity using FortiAnalyzer. The solution is very complete. The product is very simple to use. It's regularly updated with many versions constantly adding more content and information. The solution has sandboxing, IPS, and DPS as well. The solution allows for a lot of customization.”

    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Sample Customers
    General Directorate of Information Technology
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    REVIEWERS
    Comms Service Provider20%
    Computer Software Company16%
    Manufacturing Company14%
    Financial Services Firm12%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Government8%
    Comms Service Provider8%
    Manufacturing Company7%
    REVIEWERS
    Computer Software Company19%
    Financial Services Firm15%
    Government10%
    Energy/Utilities Company7%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company14%
    Government9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business49%
    Midsize Enterprise24%
    Large Enterprise27%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise21%
    Large Enterprise51%
    REVIEWERS
    Small Business31%
    Midsize Enterprise12%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    Buyer's Guide
    Fortinet FortiAnalyzer vs. Splunk Enterprise Security
    April 2024
    Free Report: Fortinet FortiAnalyzer vs. Splunk Enterprise Security
    Find out what your peers are saying about Fortinet FortiAnalyzer vs. Splunk Enterprise Security and other solutions. Updated: April 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    Fortinet FortiAnalyzer is ranked 8th in Log Management with 81 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews. Fortinet FortiAnalyzer is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Fortinet FortiAnalyzer is most compared with Wazuh, Graylog, Grafana Loki, LogRhythm SIEM and ManageEngine EventLog Analyzer, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security. See our Fortinet FortiAnalyzer vs. Splunk Enterprise Security report.

    See our list of best Log Management vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.