We performed a comparison between Splunk Enterprise Security and Tableau based on real PeerSpot user reviews.
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The analytic rule is the most valuable feature."
"Log aggregation and data connectors are the most valuable features."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The connectivity and analytics are great."
"The machine learning and artificial intelligence on offer are great."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The product is good, it satisfies our customers."
"The additional vendors we've brought on board, particularly the elastic, have been quite beneficial."
"I really like the user interface and how it works."
"Internal tracking is helpful because we do not like to deal with multiple ticketing systems, and I am not a fan of ServiceNow. We are able to keep everything internal and utilize Enterprise Security."
"Splunk Enterprise Security's dashboards are a key asset."
"Splunk's interface is user-friendly, and it has apps and add-ons for most applications. We can easily normalize the data to make it readable and understand the logs. We easily get all the field extractions and enrichment done by using the apps and add-ons. This helps us understand the application logs because the raw data is useless unless we extract some useful information from it. These add-ons make it so much easier."
"The logs on the solution are excellent."
"Out-of-the-box, it seems very powerful."
"The most valuable feature is the 3D charting."
"Gradual scalability from simple to complex situations"
"The number one thing was just the ease of getting something up quickly. The other thing that was good about it was that it was fairly fast for decent-sized data sets in terms of performance and run time."
"One of the most valuable features of Tableau is that it's a visual analytics solution, not just a dashboarding solution. Compared to Power BI, which is a dashboarding solution, there are no limitations with Tableau. For example, when you add a chart or a map to Power BI, it has a 3,000-point limitation. When you try to track your whole vehicle on the map, you only see the first 3,000 rows on the map, and Power BI doesn't tell you which part of the data is shown on the map. But Tableau doesn't have any limitations, which means that you can see five million data points on a map. It starts the project by creating the visuals that directly converts to SQLs. In that way, all the components have no limitations. When we compared Tableau to Power BI, we also found Tableau to be more fancy. Fancy means you can create more visual graphics and more visual dashboards. With Power BI, this isn't so—it's just some tables and some simple charts together. Tableau is more for business users who want to analyze data. Tableau can directly connect the analytics systems, like R or Titan, and get the results in screen, so it's a good solution for analytics scientists. It has some predefined capabilities to understand the data."
"The most valuable feature is the drag and drop, then the simplicity to build dashboards which allows us to provide more usable data to our customers."
"Although Tableau isn't the best for us when it comes to processing and working on live data, it is very good at extracting data for analysis."
"The product offers an intuitive user interface, detailed screens and widgets, and the absence of data limitations"
"It has been the best tool to work with from a self-service point of view."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"The reporting could be more structured."
"Azure Sentinel will be directly competing with tools such as Splunk or QRadar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"The security can be improved."
"I would like to see ability to master management. In terms of clustering, how it manages clustering needs improvement."
"Its setup is a little bit complex for a distributed environment. Their support can also be better. If we miss the response for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply."
"This is a costly solution."
"Splunk is more expensive than other solutions."
"Queries are not always as easy or straightforward as they might be, so it can be difficult to figure out what you need to look for."
"The CIM model is the method Splunk uses to normalize data and categorize its important parts, but it is quite complex."
"While Splunkbase (the app repository) has a lot of great content, some apps are terribly old and could stand to be updated or purged."
"There should be more GIS features, such as location analysis, which is quite limited. There are very few location-based functionalities."
"In the next release, I would like to be able to have the option to see more raw data that I'm converting on the dashboard."
"Tableau's data modeling, mining, and AI library features need improvement."
"The product needs to allow for better ways to drill down more effectively on the information at hand."
"Overall, the only major frustration that I have had so far is with Tableau Public. I first used Tableau Public when I was building capacity, and when there was a later release to download and you wanted to upgrade, all your work would have to be manually re-entered."
"The solution could improve the scalability; it is difficult to make changes."
"Implementation requires a technical background."
"Its documentation can be improved so that a user can get a good hands-on experience. Tableau is well documented, and on their website, there are a lot of tutorials that are available for free. I started my learning process through those tutorials, but there are certain loopholes in those tutorials, which only got filled through a couple of good YouTube channels that talk about Tableau. YouTube helped me a lot. So, the documentation could be better, I understand that it is evolving day by day, and with more usage, there would be more such documentation."
Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 228 reviews while Tableau is ranked 2nd in BI (Business Intelligence) Tools with 290 reviews. Splunk Enterprise Security is rated 8.4, while Tableau is rated 8.4. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Tableau writes "Provides fast data access with in-memory extracts, makes it easy to create visualizations, and saves time". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor, whereas Tableau is most compared with Microsoft Power BI, Amazon QuickSight, Domo, SAS Visual Analytics and Databricks.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.