We performed a comparison between Splunk Enterprise Security and syslog-ng based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Splunk setup is easy and straightforward."
"I am satisfied with the support."
"It helps us uncover bottlenecks in the network."
"The best part of Splunk Enterprise Security is its customizable settings."
"The solution is very fast and succinct."
"We saw the granularity that we could get from Splunk far exceeded what we already had. We had the ability to have our security team really focus on the platform and stay within the platform, but they could correlate with a variety of other stakeholders, and our stakeholders were growing."
"Without Splunk Enterprise Security, it would be difficult for us to manage and prioritize alerts. There's a potential to lose track of important notifications, and it's essential to our security that we do not miss anything. Splunk has improved our investigations because the reporting and dashboarding make things so much easier. We can provide weekly or monthly reports. I also like Splunk's ability to integrate."
"We have a more secure, robust environment, which keeps the harmful software out of the zone required."
"The ability to extract and store the logs is the most valuable feature of syslog-ng."
"Syslog-ng has a separate config file in addition to the core configuration."
"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."
"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"In terms of the interface, it could include some improvements for the look and feel."
"Splunk can improve its third-party device application plugins."
"The support that is included with the standard licensing fee is very bad."
"Configuring a few apps is complex, not straightforward."
"An area of improvement would be the licensing of the solution. They need a free license, which would allow faster lead times."
"Integrating tools and creating use cases could be easier. It's hard for a junior security engineer with only a couple of years of experience to write use cases. They can do it, but it's much easier in a solution like IBM QRadar. Setting conditions is like a multiple-choice type of thing. It's a more user-friendly process."
"The solution has a high learning curve for users. It's a little complicated when you're trying to figure out all the features and what they do."
"The solution should also have more advanced capabilities in comparison with QRadar, which offers Watson."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"There is room for improvement in terms of observability."
"The filtering has room for improvement."
"There is always the potential for additional integration and protocol extensions."
"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."
Splunk Enterprise Security is ranked 1st in Log Management with 230 reviews while syslog-ng is ranked 18th in Log Management with 5 reviews. Splunk Enterprise Security is rated 8.4, while syslog-ng is rated 8.6. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of syslog-ng writes "It's a user-friendly open-source solution that can replace or augment a commercial product in some cases". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel, whereas syslog-ng is most compared with SolarWinds Kiwi Syslog Server, Graylog, Grafana Loki, Logstash and Datadog.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.