We performed a comparison between Splunk APM and Sumo Logic Security based on real PeerSpot user reviews.
"The pricing of the product is excellent."
"It's pretty powerful and its performance is pretty good."
"The connectivity and analytics are great."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"The main benefit is the ease of integration."
"Splunk APM has helped us to standardize logging and monitoring procedures."
"The features are pretty much ready out of the box."
"This solution is very quick to deploy as it is a SaaS solution and integrates with tools like ServiceNow."
"Splunk's dashboards are great."
"Detectors are a powerful feature."
"The most valuable features are troubleshooting and optimizing application performance."
"I like the fact that Splunk APM makes it easy to connect to the application database and run queries against the data."
"It is a good tool. It allows you to set alerts for application and infrastructure monitoring, and it allows you to create dashboards."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"The solution is quite stable."
"It helps a lot because we can troubleshoot issues pretty easily."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"I have no concerns about the stability of the product. I feel it handles the stress we put on it very well."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"The solution could be more user-friendly; some query languages are required to operate it."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"We currently lack log analysis capabilities in Splunk APM."
"There are some predefined metrics... we may want to create customized metrics."
"The cardinality is pretty low."
"I've been using the Splunk query language, and it can be a bit time-consuming to set up the queries I need."
"The UI enhancements could be a way to improve the solution in the future."
"The monitoring of workloads when using SignalFx could be improved."
"Splunk APM should include a better correlation between resources and infrastructure monitoring."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"The initial setup is the most stressful, like learning how to use it."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"The dashboard has room for improvement, because sometimes it is difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"Sumo Logic needs to make sure integrating solutions are seamless."
Splunk APM is ranked 14th in Application Performance Monitoring (APM) and Observability with 12 reviews while Sumo Logic Security is ranked 20th in Security Information and Event Management (SIEM) with 18 reviews. Splunk APM is rated 8.2, while Sumo Logic Security is rated 8.6. The top reviewer of Splunk APM writes "Provides great visibility, analysis, and data telemetry". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Splunk APM is most compared with Splunk ITSI (IT Service Intelligence), Sentry, Elastic Observability, Monte Carlo and Grafana, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.