We performed a comparison between IBM SevOne Network Performance Management (NPM) and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We have benefited mainly from the use of the dashboard interface. It makes the network visually interesting for other people who are not in the network. A lot of people are not network techies who understand streams in the network. Based on location, we have streams coming in and out. They can see visually when there is some problem. They don't need to understand all the network technology behind it to be able to understand if everything is working well or if there is a problem."
"In 90% of the cases, new devices are plug-and-play, so when a new version comes out then SevOne has support for it out of the box."
"With this tool it is interesting to show the info to the client and explain where the traffic is."
"SevOne provides support for all universal connectors. They internally work with other data sources to get features implemented. We have an SD-WAN implementation and use other app data to monitor performance. If you pull that data into one centralized location, that is very useful for management."
"Scalability. I have never had to worry about how to handle really big environments."
"Data Insight reporting tool is the most valuable feature. They came up with it a couple of years ago. The most pleasing factor is the dark theme. You don't have a white background. It has templates that you can create for all kinds of reports that you can hit on the fly. It's much better printing of the reports. If you want to send PDFs to people, the reports are actually decent. Whereas for years, the old architecture of the PDFs was rubbish and even our customers said, "We have to manipulate your PDFs because they all have bad margin breaks. SevOne fixed that a couple of years ago with the new Data Insight. It's fantastic."
"Another useful feature is that SevOne gives you real-time insights into your network performance. It polls every five minutes. That is important for our customers because there are some network teams that are always monitoring their networks."
"The modules and the performance management reports that come with data insights are two of the most valuable features. I also find the reports for Wi-Fi, Netflow, LAN, and WAN for monitoring to be very good."
"We solve issues that we previously could not since we now have the data."
"Our clients use the solution to find any threats or vulnerabilities inside their environment."
"The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data."
"The solution helped reduce our alert volume."
"The search function for spam is like a google search. You just enter and it will quickly show you the results."
"Three features stand out for me: the SDK for writing Python, the customizable and adaptable diagnostic dashboard, and the optimizer for collecting data."
"The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions."
"We saw the granularity that we could get from Splunk far exceeded what we already had. We had the ability to have our security team really focus on the platform and stay within the platform, but they could correlate with a variety of other stakeholders, and our stakeholders were growing."
"There are a lot of pain points. My main problem is that we don't have a high availability system. There are 20 peers. We're going to lose the end-of-life appliances that are old. If we lose a peer and it doesn't come back, we lose all that data. The reason we don't have high availability is because it's double the charge."
"High-frequency polling is data-intensive because you're pulling more. If SevOne could figure out a way to manage the impact of high-frequency polling on the system, that would be very popular."
"One area that requires a little bit of improvement is the topology of visualization and being able to map out connections, end-to-end. It's able to do that, but it's not as impressive as we would like it to be. We would like to understand the different interface types and the connection points better, through the visualization. Heatmaps also need further development."
"Some similar solutions offer end-to-end visibility."
"Would benefit with the addition of AI modules for proactive data insights."
"The reporting of NMS is good, but it could be better."
"I would like to see live maps as an added feature. Also, build modules on AI and EML to provide better data insights that would proactively tell us what we should be looking after."
"User-friendly, multi-tenancy."
"Integrating tools and creating use cases could be easier. It's hard for a junior security engineer with only a couple of years of experience to write use cases. They can do it, but it's much easier in a solution like IBM QRadar. Setting conditions is like a multiple-choice type of thing. It's a more user-friendly process."
"The training was mostly sales-focused, like how to monitor your sales. It was hard to then come back from doing the training and try to switch it to a cybersecurity focus because all the training we did was sales oriented. The basic training didn't really touch on any kind of cybersecurity use cases or anything like that. That would have been great to see in the training."
"Free-floating panels in the dashboards are like a glass table."
"The historical data extraction needs improvement. I would like the capability of taking data and having it trend longer."
"While Splunk offers SOAR as a separate product, integrating it into the next version of Splunk Enterprise Security as a unified solution would be beneficial."
"Deployment is not difficult but the lock sources and configurations can take time."
"We would like more integrations with other cloud products, not just AWS, e.g., Azure."
"The difficult part is related to integration with sources of data that are used to create the logs as this depends on the infrastructure of the client."
More IBM SevOne Network Performance Management (NPM) Pricing and Cost Advice →
IBM SevOne Network Performance Management (NPM) is ranked 31st in Log Management with 53 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 240 reviews. IBM SevOne Network Performance Management (NPM) is rated 8.4, while Splunk Enterprise Security is rated 8.4. The top reviewer of IBM SevOne Network Performance Management (NPM) writes "We can get a new vendor certified and monitored in our system significantly faster than before". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". IBM SevOne Network Performance Management (NPM) is most compared with Instana Infrastructure Monitoring, LogicMonitor, SolarWinds Network Device Monitor, SolarWinds NPM and Dynatrace, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel. See our IBM SevOne Network Performance Management (NPM) vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
