We performed a comparison between Palantir Foundry and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two IT Operations Analytics solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Live video sessions enhance the available documentation and allow you to ask questions directly."
"Palantir Foundry is a robust platform that has really strong plugin connectors and provides features for real-time integration."
"The virtualization tool is useful."
"The solution offers very good end-to-end capabilities."
"The ease of use is my favorite feature. We're able to build different models and projects or combine different projects to build one use case."
"It's scalable."
"The security is also excellent. It's highly granular, so the admins have a high degree of control, and there are many levels of security. That worked well. You won't have an EDC unless you put everything onto the platform because it is its own isolated thing."
"Encapsulates all the components without the requirement to integrate or check compatibility."
"We are much faster finding and addressing issues with Splunk."
"It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query on Splunk. The resolution time is about the same, but it took longer to discover the issue with ArcSight. Our previous solution took about an hour or more, but Splunk can do it within a few minutes or an hour at most."
"I have found the installation can be of medium difficulty to very complex depending on the use case."
"It gives us the liberty to do more in terms of use cases."
"Splunk's interface is user-friendly, and it has apps and add-ons for most applications. We can easily normalize the data to make it readable and understand the logs. We easily get all the field extractions and enrichment done by using the apps and add-ons. This helps us understand the application logs because the raw data is useless unless we extract some useful information from it. These add-ons make it so much easier."
"Deployment server for deploying changes in one go."
"The fact that Splunk is a platform and not just a SIEM solution is a key benefit."
"UBA, User Behavior Analytics, is a key feature."
"Difficult to receive data from external sources."
"Cost of this solution is quite high."
"It requires a lot of manual work and is very time-consuming to get to a functional point."
"The workflow could be improved."
"The solution could use more online documentation for new users."
"Compared to other hyperscalers, Palantir Foundry is complex and not so user-intuitive."
"They do not have a data center in Europe, and we have lots of personally identifiable information in our dataset that needs to be hosted by a third-party data center like Amazon or Microsoft Azure."
"The data lineage was challenging. It's hard to track data from the sources as it moves through stages. Informatica EDC can easily capture and report it because it talks to the metadata. This is generated across those various staging points."
"The implementation and the scanning of the logs can be difficult."
"Sometimes the communication with support happens with multiple staff. They should reduce the time to resolution."
"Spam has different plugins but by default, the logs are not organized, it shows that there are roll-ups that are out of the box. I saw many plugins that can help improve or extend Splunk's functionality but I haven't tried any of them."
"Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better."
"Not even Splunk's support guy, who came to our firm, could help with defining proper role management."
"On-premises scaling of the solution is a bit more limited than it is on the cloud."
"It needs more thoroughly tested releases. Every new big version (6, 7, etc.) has had so many bugs that it makes me wary of customers upgrading right away."
"Free-floating panels in the dashboards are like a glass table."
Palantir Foundry is ranked 5th in IT Operations Analytics with 13 reviews while Splunk Enterprise Security is ranked 1st in IT Operations Analytics with 228 reviews. Palantir Foundry is rated 7.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of Palantir Foundry writes "The data visualization is fantastic and the security is excellent". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Palantir Foundry is most compared with Azure Data Factory, Palantir Gotham, SAP Data Services, AWS Glue and Denodo, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security. See our Palantir Foundry vs. Splunk Enterprise Security report.
We monitor all IT Operations Analytics reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.