Compare RSA NetWitness Logs and Packets (RSA SIEM) vs. Splunk

RSA NetWitness Logs and Packets (RSA SIEM) is ranked 14th in Security Information and Event Management (SIEM) with 6 reviews while Splunk is ranked 1st in Security Information and Event Management (SIEM) with 58 reviews. RSA NetWitness Logs and Packets (RSA SIEM) is rated 6.6, while Splunk is rated 8.8. The top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Provides accurate information, quick analysis from the endpoint perspective, and quick identification of any potential malware". On the other hand, the top reviewer of Splunk writes "Its AMIs make it easy to spin up a Splunk cluster or add a new node to it". RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar and ArcSight, whereas Splunk is most compared with IBM QRadar, Dynatrace and Graylog. See our RSA NetWitness Logs and Packets (RSA SIEM) vs. Splunk report.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about RSA NetWitness Logs and Packets (RSA SIEM) vs. Splunk and other solutions. Updated: September 2019.
371,917 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that.The most valuable features are its ingestion of logs and raising of alerts based on those logs.Their technical support responds quickly and are knowledgable.The most valuable feature is the correlation. It can report in real-time and monitor the management.It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before.

Read more »

With good domain knowledge, one can build almost anything. If you throw in Alert Manager or an integration with ServiceNow. Then, you have your own SIEMOur clients are easily able to modify and evolve their implementations.The initial setup is really straightforward. It's one of the easiest installations.It helps us uncover bottlenecks in the network.it can explain to management about what kind of traffic is visiting the network. It can also explain other traffic coming in and out, along with protecting against malware.The most valuable feature of Splunk is the log monitoring.It can log more logs than other solutions. It's a good way to troubleshoot problems.We can present to our management in real time the security of the batch management for the PCs, security regarding the network equipment. We're currently working in the Azure Cloud project, so we can send any logs from the cloud to Splunk. We can monitor them and we can present to the managers and customers. It's a very good solution for reporting. We use Splunk for reporting and monitoring of any solution in the company.

Read more »

Cons
They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together.I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex.The initial setup was complex because it takes a lot of time to complete the implementation.The implementation needs assistance.We have encountered issues with unresolved crashes.

Read more »

It needs a better way to export dynamic views without requiring a ton of code and user/pw.It needs integration with a configuration management solution.It needs integration with a configuration management solution.They should make data onboarding easier.The product was difficult to back up the first time.Splunk needs local technical support.If possible, we would like to have not only a log monitoring system but a network monitoring feature in this solution as well.Cybersecurity and infrastructure monitoring have room for improvement.

Read more »

Pricing and Cost Advice
We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment.This is a pricey solution; it's not cheap.The licenses are good but the cost is very expensive.It is cheap.

Read more »

Splunk is really expensive.Splunk should be able to integrate with other product using the free version.The pricing and licensing of the product are quite high.Splunk's cost is very high. They need to review the pricing. They have to go back and totally readdress the market.It's a little bit expensive for a small to medium enterprise.I think the price could be improved.I am not personally involved with the pricing of the solution.Some of the insights that we have obtained as a part of using Splunk have greatly helped us in increasing our revenue in terms of selling our products.

Read more »

report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
371,917 professionals have used our research since 2012.
Ranking
Views
6,554
Comparisons
4,363
Reviews
6
Average Words per Review
392
Avg. Rating
6.5
Views
95,486
Comparisons
77,036
Reviews
56
Average Words per Review
332
Avg. Rating
8.8
Top Comparisons
Compared 11% of the time.
Compared 9% of the time.
Compared 8% of the time.
Also Known As
RSA Security Analytics
Learn
RSA
Splunk
Overview

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

Splunk software has been around since 2006 and the company has since grown to become an industry leader. Splunk's vision is to make machine data accessible, usable and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analyzing all activities. This is known as Operational Intelligence and is the unique value proposition of Splunk.

Splunk is well-known for its Log Management capabilities and also for its Security Information and Event Management (SIEM) solutions.

Offer
Learn more about RSA NetWitness Logs and Packets (RSA SIEM)
Learn more about Splunk
Sample Customers
Los Angeles World Airports, ReplySplunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Top Industries
VISITORS READING REVIEWS
Software R&D Company27%
Comms Service Provider15%
Financial Services Firm15%
Energy/Utilities Company8%
REVIEWERS
Financial Services Firm20%
Energy/Utilities Company14%
Retailer12%
Insurance Company8%
VISITORS READING REVIEWS
Software R&D Company25%
Financial Services Firm13%
Comms Service Provider11%
Media Company6%
Company Size
REVIEWERS
Small Business25%
Midsize Enterprise25%
Large Enterprise50%
REVIEWERS
Small Business29%
Midsize Enterprise13%
Large Enterprise58%
VISITORS READING REVIEWS
Small Business17%
Midsize Enterprise17%
Large Enterprise66%
Find out what your peers are saying about RSA NetWitness Logs and Packets (RSA SIEM) vs. Splunk and other solutions. Updated: September 2019.
371,917 professionals have used our research since 2012.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Sign Up with Email