We performed a comparison between Security Onion and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Security Onion is the most mature solution in the market."
"We use Security Onion for internal vulnerability assessment."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"Aggregation searches have reduced time and difficulty of identifying trends and conditions which need to be reviewed."
"Splunk's advantage is its search capability. Its search is notably faster. With Splunk, I can search easily on keywords. That is great."
"The search function for spam is like a Google search. You just enter and it will quickly show you the results."
"The SIEM is the most valuable feature of the product."
"I haven't had the chance to properly sink my teeth into Enterprise Security but so far I like that they added the MITRE ATT&CK features."
"From my experience, the visual aid that it provides is most valuable. There are charts and other means to provide information."
"The consolidated overview of all the events that come in through our environment and an easy-to-access interface for all our end users are valuable."
"It's better than IBM, in my opinion, because it's an independent entity."
"The initial setup of the solution is a little bit difficult."
"The product is not easy to learn."
"Security Onion's user interface could be improved."
"This is a costly solution."
"The integration could be a bit better. They charge for certain integrations."
"The case management area of the ES could be improved. The ability to move cases through various stages and states. The ability to close a case would be a key improvement."
"The Web Application Firewall will send you too much information because it's more dedicated to security than a normal firewall."
"The GUI can be improved. Splunk has always suffered from having a kind of goofy UI, it needs some updating."
"A lot of people are averse to using new tools so if they make it even more user-friendly than it already is, I think that could go a long way."
"When you get into large amounts of data, Splunk can get pretty slow. This is the same on-premise or AWS, it doesn't matter. The way that they handle large data sets could be improved."
"Writing queries is a bit complicated sometimes."
Security Onion is ranked 33rd in Log Management with 3 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 235 reviews. Security Onion is rated 7.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of Security Onion writes "A mature and affordable solution that is easy to install and easy to update". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Security Onion is most compared with Wazuh, Elastic Stack, TheHive, Graylog and Kali Linux, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.