We performed a comparison between Logz.io and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The pricing of the product is excellent."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"We have no complaints about the features or functionality."
"The main benefit is the ease of integration."
"Sentinel pricing is good"
"It is massively useful and great for testing. We can just go, find logs, and attach them easily. It has a very quick lookup. Whereas, before we would have to go, dig around, and find the server that the logs were connected to, then go to the server, download the log, and attach it. Now, we can just go straight to this solution, type in the log ID and server ID, and obtain the information that we want."
"The query mechanism for response codes and application health is valuable."
"The visualizations in Kibana are the most valuable feature. It's much more convenient to have a visualization of logs. We can see status really clearly and very fast, with just a couple of clicks."
"The other nice thing about Logz.io is their team. When it comes to onboarding, their support is incredibly proactive. They bring the brand experience from a customer services perspective because their team is always there to help you refine filters and tweak dashboards. That is really a useful thing to have. Their engagement is really supportive."
"We use the tool to track the dev and production environment."
"InsightOne is the main reason why we use LogMeIn. This is mostly because of log data that we are pushing tools and logs in general."
"We use the product for log collection and monitoring."
"The tool is simple to setup where it is just plug and play. The tool is reliable and we never had any performance issues."
"It scales better in the cloud than on-premise."
"I have found the installation can be of medium difficulty to very complex depending on the use case."
"Splunk is a user-friendly solution."
"It is quite extensible. It is a platform that we can build our use instead of each case instead of each case being limited or restricted to each capability. This is probably the best feature."
"It is very easy to use and integrate. There are connectors for every technology."
"The flexibility of the search capability is most valuable. You can use it for more than just a basic log aggregator. It is powerful in that regard."
"It provides a lot of analytics with the underlying AI engine, and it is a lot easier than other solutions. There are some products that do automated AI-based detection and drawing up charts, but for network monitoring and all of the monitoring aspects, it is quite a nice tool. It is very convenient for business users because they get more or less a lot of data readily available. If you're familiar with the Splunk query language, you can pretty much do whatever you want."
"The product has a good security posture."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"Sentinel's reporting is complex and can be more user-friendly."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"I think the number one area of improvement for Sentinel would be the cost."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"The solution could improve the playbooks."
"Capacity planning could be a little bit of a struggle."
"The solution needs to improve its data retention. It should be greater than seven days. The product needs to improve its documentation as well."
"I would like them to improve how they manage releases. Some of our integrations integrate specifically with set versions. Logz.io occasionally releases an update that might break that integration. On one occasion, we found out a little bit too late, then we had to roll it back."
"The price can be cheaper and they should have better monitoring."
"When it comes to reducing our troubleshooting time, it depends. When there are no bugs in Logz.io, it reduces troubleshooting by 5 to 10 percent. When there are bugs, it increases our troubleshooting time by 200 percent or more."
"I would like granularity on alerting so we can get tentative alerts and major alerts, then break it down between the two."
"The product needs improvement from a filtering perspective."
"The solution needs to expand its access control and make it accessible through API."
"The user access control could be much more granular, so that the admins can control r/w/x access for specific features of the product like dashboards, etc."
"AngularJS/ReactJS inclusion could be made easier in GUI."
"The historical data extraction needs improvement. I would like the capability of taking data and having it trend longer."
"I haven't found a way for me to create my own plugins and integrate them into Splunk, but this isn't necessarily a limitation; it could simply be a lack of knowledge on my part."
"Splunk Enterprise Security can be improved by including backup network detection and response and safe management to the paid platform."
"If you have to do your own stuff, such as customized charts, it is a little bit more work, but once you're familiar with the Splunk query language, you can pretty much do whatever you want. In terms of features, it should probably have the features that other competitors provide."
". Having a trial version or more training on Splunk would be helpful."
"Its reporting can be improved. That's the only complaint I have heard. I don't need the reporting part, but I know that other people in the organization need it."
Logz.io is ranked 23rd in Log Management with 8 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews. Logz.io is rated 8.2, while Splunk Enterprise Security is rated 8.4. The top reviewer of Logz.io writes "The solution is a consistent logging platform that provides excellent query mechanisms". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Logz.io is most compared with Datadog, Wazuh, Coralogix, Fortinet FortiAnalyzer and Graylog, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor. See our Logz.io vs. Splunk Enterprise Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.