We performed a comparison between Splunk Enterprise Security and WhatsUp Gold based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The UI of Sentinel is very good and easy to use, even for beginners."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The product can integrate with any device."
"The pricing of the product is excellent."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"The ability to digest any information and then correlate it in accordance with what you need is valuable. The ability to connect to pretty much everything and bring the information in the same format is also valuable. On top of that, we can use their language in order to create and customize the dashboards, correlations, or analytics that we want to incorporate."
"Splunk provides immediate visibility into key business metrics and new business insights that deliver immediate value."
"Splunk has given us the capability to easily track problems and their status."
"It is very stable. We have not had any problems."
"The feature that we use the most is the correlation search engine within ES."
"Splunk setup is easy and straightforward."
"The most valuable features are the logs, which allow us to identify what happened and who interacted with the web repository."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"This is a good, stable network monitoring solution for devices."
"The interface in the last few years it has been a lot greater, they are much more user-friendly. I like the interface."
"It is easy to access and discover devices, as well as monitor them automatically. The topology discovery is also a useful feature."
"The most valuable features are network bandwidth monitoring and monitoring device health."
"The documentation is very good."
"NetFlow monitoring, real-time monitoring, and surveys have been the most valuable features for our business."
"I use it on premises to monitor my network database. We monitor the link up/down and use the SNMP traps as well."
"It is stable."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"Azure Sentinel will be directly competing with tools such as Splunk or QRadar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"The Enterprise Security app could be improved. We have had trouble with it working from the first day."
"I think the tech support response time could be a bit better. Sometimes I need to wait more than 24 hours for a response to my tickets."
"I think the machine learning should be emphasized. Now, it's really important to analyze Big Data, data mining. A SIEM solution, like Splunk, needs an improved data mining solution, artificial intelligence."
"While there aren't any major areas where the solution has to be improved, there are certain integrations that are still not available. I would specifically like to see legacy applications integrated."
"The prices are complicated as we operate in a small third-world country."
"The cluster environment should be improved. We have a cluster. In the Splunk cluster environment, in the case of heavy searches and heavy load, the Splunk cluster goes down, and we have to put it in the maintenance mode to get it back. We are not able to find the actual culprit for this issue. I know that cluster has RF and SF, but it has been down so many times. There should be something in Splunk to help users to find the reason and the solution for such issues."
"The complexity could be worked on so that it's even easier and faster."
"If you monitor too much, you can lose performance on your systems."
"WhatsUp Gold should work on real-time monitoring and configuration management. If they succeed in doing this, the solution will cover all the network troubleshooting aspects and will be a benefit."
"The interface needs some work."
"Adding on services increases the cost and on the version we have there is no option for ATM monitoring."
"Regional product team support is not very good."
"Integrations with other devices. I want to have a product that has full integration with my Active Directory so I can track user activity. I want to track my complete user activity, so I'm looking for a product to implement in the near future, which will have full integration with my network and Active Directory users. It became very difficult to track user activity."
"The new release cadence needs to be improved. It takes a while for them to add new features and functionality. There should be a quicker turnaround with new versions."
"I think there are a few bugs now. Although they give some resolution for this, we cannot share the network remotely because of our company policy."
"We can never achieve or get a good picture of the network topology."
Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 227 reviews while WhatsUp Gold is ranked 36th in Application Performance Monitoring (APM) and Observability with 21 reviews. Splunk Enterprise Security is rated 8.4, while WhatsUp Gold is rated 7.6. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of WhatsUp Gold writes "Accurate network monitoring, but tech support is lacking". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor, whereas WhatsUp Gold is most compared with SolarWinds NPM, Zabbix, Grafana, PRTG Network Monitor and Centreon. See our Splunk Enterprise Security vs. WhatsUp Gold report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.