We performed a comparison between Splunk Enterprise Security and WhatsUp Gold based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"The features that stand out are the detection engine and its integration with multiple data sources."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"We have no complaints about the features or functionality."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"This solution helps us increase our productivity."
"It's extremely scalable. It's a very robust solution and certainly has the capability of handling far bigger data requirements than a lot of the other tools. Generally what ends up happening with me is that my clients tend, for the most part, to be mid-tier organizations where the cost of that solutions would be accompanying requirements for people just becomes way too prohibitive. Especially considering the model that they use for costing, which is based on the volume of data. Of course, they're going to put everything including the Coke machine as the ability to collect data off of it, because of course the more they can put through the tool the more money they make."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"The most valuable feature is that it's very good for log aggregation."
"There are quite a lot of things that we find useful. Splunk agents are useful and good. Its UI is quite impressive."
"We can quickly search for almost anything across many log sources in seconds."
"I am satisfied with the support."
"The alerts are very effective."
"We no longer have to manually search for problems because we are alerted when something in the network goes down."
"The most valuable feature is the monitoring of resources."
"It is stable."
"The interactive mapping interface for scrolling, zooming, and drilling down on an element to learn about a network issue is good. When we see a network there will sometimes be a spot that has one link. You can go into a particular part of the topology map, scroll in, and see exactly which module it is."
"Auto scanning is most valuable. It looks for rogue devices on your network."
"It handles the basics of monitoring."
"The installation and configuration process are easy."
"The user interface is good enough."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"The troubleshooting has room for improvement."
"The UI could be better. This is applicable to Splunk in general. I know that a lot of people who get their hands on Splunk are hesitant to use it just because they find it overwhelming. There are a lot of options."
"Sometimes, there is latency in the logs."
"The solution has a high learning curve for users. It's a little complicated when you're trying to figure out all the features and what they do."
"The analytics of Splunk could be improved."
"My company could benefit from doing more Splunk training with Splunk consultants teaching us how to use it."
"If you monitor too much, you can lose performance on your systems."
"A problem that we recently had was we licensed it based on how much data you upload to them every day. Something changed in one of our applications, and it started generating three to four times as many logs. So now, we are trying to assemble something with parts of the Splunk API to warn ourselves, then turn it off and throttle it back more. However, it would be better if they had something systematically built into the product that if you're getting close to your license, then to shut things down."
"The support that is included with the standard licensing fee is very bad."
"The licensing model could be improved. Right now, the levels are too far apart. This causes the solution to be more expensive than it needs to be."
"Regional product team support is not very good."
"Integrations with other devices. I want to have a product that has full integration with my active directory so I can track user activity. I want to track my complete user activity, so I'm looking for a product to implement in the near future, which will have full integration with my network and active directory users. It became very difficult to track user activity."
"The initial setup of WhatsUp Gold is a medium range of difficulty levels. However, if it is your first time it could be difficult."
"The new release cadence needs to be improved. It takes a while for them to add new features and functionality. There should be a quicker turnaround with new versions."
"The interface needs some work."
"One of the biggest things that made us start to look at another product is we're not able to have an end to end monitoring from a user perspective throughout the system and back to the user. All the monitoring is from inside out, we need something that also can give us from outside in."
"The pricing for this solution has gone up quite recently, which has led some of our customers to buy an alternative product."
Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 228 reviews while WhatsUp Gold is ranked 36th in Application Performance Monitoring (APM) and Observability with 22 reviews. Splunk Enterprise Security is rated 8.4, while WhatsUp Gold is rated 7.8. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of WhatsUp Gold writes "If CPU, memory, or disk space is over-utilized, it alerts us immediately via text or email if there is an issue". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor, whereas WhatsUp Gold is most compared with SolarWinds NPM, Zabbix, Grafana, PRTG Network Monitor and Centreon. See our Splunk Enterprise Security vs. WhatsUp Gold report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.