RSA NetWitness Logs and Packets (RSA SIEM) vs Splunk

RSA NetWitness Logs and Packets (RSA SIEM) is ranked 9th in Security Information and Event Management (SIEM) with 3 reviews vs Splunk which is ranked 1st in Security Information and Event Management (SIEM) with 43 reviews. The top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "We can investigate incidents based on logs and raw packets". The top reviewer of Splunk writes "Monitors all machine logins and actions taken on those machines under each user". RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar and ArcSight. Splunk is most compared with IBM QRadar, LogRhythm and ArcSight. See our RSA NetWitness Logs and Packets (RSA SIEM) vs Splunk report.
Find out what your peers are saying about RSA NetWitness Logs and Packets (RSA SIEM) vs Splunk and others in Security Information and Event Management (SIEM).
270,604 professionals have used our research since 2012.

Quotes From Members Comparing RSA NetWitness Logs and Packets (RSA SIEM) vs Splunk

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Pros
  • Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements.
  • Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network


  • Splunk has significantly helped with aggregation and correlation of critical logs. Not having to grep on each individual server has made everyone more efficient.
  • Splunk has facilitated the correlation of information security logs to look for incidents which could cause damage to the company's infrastructure, as well as financial losses from leaks.
  • We primarily use it to correlate logs throughout the enterprise for both searching and use in investigations.
  • The ability to ingest any data and display it in a way that anyone can understand.
  • Visualizations helped the organisation with a better understanding of its KPIs.
  • Splunk setup is easy and straightforward. Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform.
  • It is easy to use in any environment.


Cons
  • Health monitoring of the event sources and devices.
  • The system architecture is complex and sometimes it’s hard to troubleshoot potential problems.


  • DMC should be a little more intuitive with better dashboarding. Seeing the cause of data flow can be tough to track down.
  • Splunk can improve regex/asset analysis as we do not want to crawl until it is done.
  • It can be tough to get a hold of somebody in technical support depending on the complexity of the issue.
  • The Enterprise Security app could be improved. We have had trouble with it working from the first day.
  • It needs more thoroughly tested releases. Every new big version (6, 7, etc.) has had so many bugs that it makes me wary of customers upgrading right away.
  • Custom visualizations are really hard. While the default visualizations are good, creating enhanced visualizations is complex.
  • Configuring a few apps is complex, not straightforward.
  • Not even Splunk's support guy, who came to our firm, could help with defining proper role management.


Pricing and Cost Advice
  • The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).
  • It’s cheaper to run virtual machines in a VMware environment.


  • It can be expensive, especially the licensing costs. However, there is added value in what it can do, not just log aggregation.
  • Splunk is a bit pricier, but the benefits and ROI are huge.
  • It is a pretty high cost solution, but if your organization has the funds, it can bring many benefits.
  • Personnel costs are saved by not having to involve the domain developers from multiple teams when tracing a problem that spans multiple platforms.
  • Truly evaluate the data you want to ingest and go slow. Pulling in data that can provide no use to your mission only wastes data against your license.
  • Our ROI is high.
  • The licensing model can be expensive, but the value it provides is significant.
  • Be upfront about your needs and expectations. Splunk is great to work with.


Ranking
RSA NetWitness Logs and Packets (RSA SIEM): Views 6,371; Comparisons 4,416; Reviews 3; Followers 901; Avg. Rating 7.7
Splunk: Views 85,497; Comparisons 67,084; Reviews 38; Followers 3,609; Avg. Rating 8.7
Top Comparisons
  • IBM: Compared 19% of the time.
  • LogRhythm: Compared 14% of the time.
  • Micro Focus: Compared 8% of the time.
Also Known As
RSA Security Analytics
Website/Video
  • RSA
  • Splunk
Overview

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

Splunk software has been around since 2006 and the company has since grown to become an industry leader. Splunk's vision is to make machine data accessible, usable and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analyzing all activities. This is known as Operational Intelligence and is the unique value proposition of Splunk.

Splunk is well-known for its Log Management capabilities and also for its Security Information and Event Management (SIEM) solutions.

Sample Customers
RSA NetWitness Logs and Packets (RSA SIEM): Los Angeles World Airports, Reply
Splunk: Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Top Industries
VISITORS READING REVIEWS
  • Financial Services Firm: 20%
  • Energy/Utilities Company: 16%
  • Comms Service Provider: 15%
  • Retailer: 13%
REVIEWERS
  • Financial Services Firm: 24%
  • Retailer: 15%
  • Energy/Utilities Company: 15%
  • Insurance Company: 9%
VISITORS READING REVIEWS
  • Financial Services Firm: 17%
  • Comms Service Provider: 11%
  • Energy/Utilities Company: 7%
  • Manufacturing Company: 6%
Company Size
VISITORS READING REVIEWS
  • Small Business: 18%
  • Midsize Enterprise: 20%
  • Large Enterprise: 63%
REVIEWERS
  • Small Business: 18%
  • Midsize Enterprise: 13%
  • Large Enterprise: 70%
VISITORS READING REVIEWS
  • Small Business: 13%
  • Midsize Enterprise: 19%
  • Large Enterprise: 67%
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
