Splunk Competitors and Alternatives

Get our free report covering IBM, Dynatrace, Graylog, and other competitors of Splunk. Updated: September 2019.
371,062 professionals have used our research since 2012.

Read reviews of Splunk competitors and alternatives

Real User
Senior Architect at an energy/utilities company with 201-500 employees
Oct 31 2018

What is most valuable?

We do a lot of the alerting, as far as user accounts. We have NetFlow information going into it, so we can examine a lot of traffic patterns and anomalies, especially if something stands out and is not the baseline. This helps a lot.

How has it helped my organization?

We're still struggling to get a real return on it and finding something that isn't false noise. There have been a few things, such as weird service accounts that have an encrypted password which are locking things out. However, we haven't…

What needs improvement?

We still have a lot of noise, so this is a problem. We are having a hard time visually sifting through it. We need help dialing it in. We don't have the in-house expertise. Do we hire someone just for this purpose and have them sit there…

What other advice do I have?

I am rating the solution a six out of ten, because we have not gotten it to work yet. With all its components, there is such a learning curve. I haven't gotten far enough along in the process to know if the solution has a shortcoming or if…

Which other solutions did I evaluate?

We went back and forth between LogRhythm, Splunk, and AlienVault. I liked LogRhythm mostly for how it integrated with the network infrastructure. It was my decision, and I'm not 100% sure that I picked the right one. LogRhythm works well…
Omar Sánchez (Mr.Tech)
Consultant
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
Oct 21 2018

What is most valuable?

They do have a way to pre-configure or have pre-configurations for companies that are starting and they don't know too much about SIEM or working with SIEMs. The solution uses SIEM to get the information to the managers so I will say that…

What needs improvement?

It is not a user-friendly program. It is a very glorified Excel program. I would love to see a more user-friendly version in a future rollout. In addition, the management services team needs some improvement. They are, at times, confused…

What's my experience with pricing, setup cost, and licensing?

It is a pricey product. It is very expensive.

If you previously used a different solution, which one did you use and why did you switch?

I have used Splunk in the past.

Which other solutions did I evaluate?

QRadar needs a lot of fine tuning. I had to schedule meetings with IBM for help. For example, one of the things that we were having difficulties with QRadar is that the detection rules are sent by IBM and we wanted those detection rules. In…
Cybersecon67
Consultant
Cyber Security Consultant at a tech services company with 51-200 employees
Aug 12 2019

What is most valuable?

The most valuable features of this solution are the logging and the dashboards. This solution integrates easily and very well with other technologies. We are creating…

How has it helped my organization?

This solution helps us to provide services for our clients and integrates well with their other technologies.

What needs improvement?

We are having trouble migrating our data sources from version 10 to version 11.2. We cannot add new data sources to the most recent version. I would like to see the Active…

What's my experience with pricing, setup cost, and licensing?

The cost is dependent on the customer's environment and requirements.

If you previously used a different solution, which one did you use and why did you switch?

We did not previously offer a different solution to our customers. We are currently onboarding Splunk to work concurrently with this solution, but it depends on the…

What other advice do I have?

From my perspective, for anyone with a small or medium-sized business, this is the best solution. It is easy to deploy and it is less, from a cost point of view, than…

Which other solutions did I evaluate?

We have experience using ArcSight, but it is very difficult when it comes to creating the connector to integrate with different technologies. We spend time evaluating each…
Jordan French
Consultant
Business Development Manager- Threat Management Services at a tech services company with 5,001-10,000 employees
Apr 25 2018

What is most valuable?

* Smart Connectors and Flex Wizard
* Multi-tenant access
* Customization for dashboards and reporting
* Improvements made to the ADP platform

How has it helped my organization?

Without it, we would not have a managed SIEM offering to speak of. We spent over a year evaluating leading competitors and ArcSight was the clear winner. It opened up a…

What needs improvement?

The marketplace is a bit of a joke; steps should be taken to improve participation. Micro Focus desperately needs to improve their core offering rather than adding more…

What's my experience with pricing, setup cost, and licensing?

Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service. A lot of the complex setup and administration duties are…

If you previously used a different solution, which one did you use and why did you switch?

We have not used a previous solution past its initial evaluation period.

What other advice do I have?

It has its quirks, but ultimately, it delivers capabilities that no other SIEM could provide.

Which other solutions did I evaluate?

We evaluated Splunk, QRadar, and LogRhythm.
AmirJalilzadeh
Real User
Security Operation Center Analyst at Sadad
Aug 19 2019

What is most valuable?

This is one of the best open-source log management and log analyzer tools in the world.

How has it helped my organization?

This solution assists in tuning our applications.

What needs improvement?

The documentation for this solution is very important, and more needs to be developed. It was not as good as we expected, and because of that, we prefer to work on…

What's my experience with pricing, setup cost, and licensing?

We use the open-source version, so there is no charge for this solution.

If you previously used a different solution, which one did you use and why did you switch?

We used Splunk in parallel with this solution. In my role as a Security Operations Center Analyst, I think that Splunk is more useful for me. This is because I do not work…

What other advice do I have?

Our company uses Logstash for gathering the data, and Kibana for searching. The two are used together. This is a solution that I recommend. It is the best open-source…

Which other solutions did I evaluate?

The solution does not work as well as Splunk.