We performed a comparison between Splunk Enterprise Security and Tableau based on real PeerSpot user reviews.
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such as firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The initial setup is very simple and straightforward."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"We can present to our management in real time the security of the batch management for the PCs, security regarding the network equipment. We're currently working in the Azure Cloud project, so we can send any logs from the cloud to Splunk. We can monitor them and we can present to the managers and customers. It's a very good solution for reporting. We use Splunk for reporting and monitoring of any solution in the company."
"It is the best tool if you have a complex environment or if data ingestion is too huge."
"The UI of Splunk makes it easier for our analysts to move around and see what they need to see."
"It provides a lot of analytics with the underlying AI engine, and it is a lot easier than other solutions. There are some products that do automated AI-based detection and drawing up charts, but for network monitoring and all of the monitoring aspects, it is quite a nice tool. It is very convenient for business users because they get more or less a lot of data readily available. If you're familiar with the Splunk query language, you can pretty much do whatever you want."
"We used it to create a custom anomaly detection data model to monitor the activity of our back-end services on an hourly basis relative to the past three months of activity."
"The ability to manage large amounts of generated data and to protect all devices from unauthorized use are the most valuable features."
"It helps us uncover bottlenecks in the network."
"The correlation search functions that generate all the notables are valuable. That can get pretty complicated, and it handles that pretty well."
"The product’s performance is better than other tools."
"You are able to see and follow trends."
"The product offers an intuitive user interface, detailed screens and widgets, and the absence of data limitations."
"It gives us a new dimension to the way that we analyse our data."
"One of the most valuable features of Tableau is that it's a visual analytics solution, not just a dashboarding solution. Compared to Power BI, which is a dashboarding solution, there are no limitations with Tableau. For example, when you add a chart or a map to Power BI, it has a 3,000-point limitation. When you try to track your whole vehicle on the map, you only see the first 3,000 rows on the map, and Power BI doesn't tell you which part of the data is shown on the map. But Tableau doesn't have any limitations, which means that you can see five million data points on a map. It starts the project by creating the visuals that directly converts to SQLs. In that way, all the components have no limitations. When we compared Tableau to Power BI, we also found Tableau to be more fancy. Fancy means you can create more visual graphics and more visual dashboards. With Power BI, this isn't so—it's just some tables and some simple charts together. Tableau is more for business users who want to analyze data. Tableau can directly connect the analytics systems, like R or Titan, and get the results in screen, so it's a good solution for analytics scientists. It has some predefined capabilities to understand the data."
"Data Interpreter: Which can identify issues or potential errors with your imported data."
"The solution makes for very productive and really informative decision making. It can lead the whole business and build a strategy across whole working departments."
"The solution helps users create dashboards and analyze data without relying on IT or product teams."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"The on-prem log sources still require a lot of development."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"We are invoiced according to the amount of data generated within each log."
"I would like to see more AI used in processes."
"It will be helpful for customers if they can create some real-world cases, and we can find a case study to align with. I know that Splunk has tremendous potential. We only include a tiny piece of it. There is a lot of stuff that we need to learn. If Splunk can provide more real-time examples, that will be helpful for customers."
"There are new services which are coming up. If Splunk can catch up with the speed of Amazon, and with the integration, instead of us waiting for another year or so, that would be good."
"I haven't found a way for me to create my own plugins and integrate them into Splunk, but this isn't necessarily a limitation; it could simply be a lack of knowledge on my part."
"The historical data extraction needs improvement. I would like the capability of taking data and having it trend longer."
"The threat management part is still lagging. There are some gaps in threat management. Other vendors have built-in threat management systems, but Splunk lacks the threat management component in its portal. The UEBA and everything else is perfect, but it lacks a unified threat intelligence and management part."
"Certain sections of the developer documentation could use some updating and clarification."
"The integration could be a bit better. They charge for certain integrations."
"The support that is included with the standard licensing fee is very bad."
"Tableau is an end-to-end analytics platform, and it is doing a pretty good job in terms of connecting to the data and analyzing it. It can, however, do better in terms of data management and the ETL features, which are not on the advanced analytics or machine learning side. Tableau Prep is where users would want to see more advancements. They can improve Tableau Prep, which is an analytic platform tool for data cleansing. People who work with data spend most of their time curating the data. Cleaning up the data and getting it ready for analysis is what takes the most time. If Tableau can invest more time in improving the Tableau Prep platform, it would be great. Previously, Tableau didn't have the functionality for writing to a database. So, you couldn't really alter the database tables and write to your database, but they fixed that in one of the very recent releases. However, it isn't really advanced and should be improved."
"The Hyper Extract functionality is not as strong as that provided by Microsoft SQL."
"Creating empty extracts is not easy."
"It will be good if the server could be more stable, and I would like to have the technical service to be more reliable."
"The setup was easy but we are having some problems with the configuration that is taking a long time. We have done some initial tests and some of the delays could be from bandwidth issues. However, the whole installation process should be simplified."
"Firstly, the high cost of Tableau licenses makes it inaccessible for many mid-scale clients. Secondly, the server requires at least 128GB of RAM, which can be impractical for some systems. We need a dedicated system to use Tableau."
"When I've done presentations in the past, I've had issues with uploading the cartography."
"Its documentation can be improved so that a user can get a good hands-on experience. Tableau is well documented, and on their website, there are a lot of tutorials that are available for free. I started my learning process through those tutorials, but there are certain loopholes in those tutorials, which only got filled through a couple of good YouTube channels that talk about Tableau. YouTube helped me a lot. So, the documentation could be better, I understand that it is evolving day by day, and with more usage, there would be more such documentation."
Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 227 reviews while Tableau is ranked 2nd in BI (Business Intelligence) Tools with 290 reviews. Splunk Enterprise Security is rated 8.4, while Tableau is rated 8.4. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Tableau writes "Provides fast data access with in-memory extracts, makes it easy to create visualizations, and saves time". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor, whereas Tableau is most compared with Microsoft Power BI, Amazon QuickSight, Domo, SAS Visual Analytics and Databricks.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.