We performed a comparison between Splunk APM and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Application Performance Monitoring (APM) and Observability solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Splunk APM has helped us to standardize logging and monitoring procedures."
"The features are pretty much ready out of the box."
"The most valuable features are troubleshooting and optimizing application performance."
"This solution is very quick to deploy as it is a SaaS solution and integrates with tools like ServiceNow."
"Detectors are a powerful feature."
"The solution's service map feature allows us to have a holistic overview and to see quickly where the issues are."
"The most valuable feature is dashboard creation."
"It is a good tool. It allows you to set alerts for application and infrastructure monitoring, and it allows you to create dashboards."
"From the class that I took this week, being able to create notable events from whatever you find in the data set is pretty useful."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"The best part of Splunk Enterprise Security is its customizable settings."
"The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data."
"Splunk's visualizations make it easy for users to understand the data."
"It's very flexible. If you look from the cloud implementation it is there. Reports are made quickly. Unlike other tools, it caters to all kinds of technical information on the front very easily. There's no need to put in any technical information. You can pull on the reports very easily, take action, and notify stakeholders."
"The product provides visibility and enables us to correlate data and generate alerts."
"Without Splunk Enterprise Security, it would be difficult for us to manage and prioritize alerts. There's a potential to lose track of important notifications, and it's essential to our security that we do not miss anything. Splunk has improved our investigations because the reporting and dashboarding make things so much easier. We can provide weekly or monthly reports. I also like Splunk's ability to integrate."
"Splunk APM's performance could be improved - at the moment, it's very slow and takes forever to give me what I want."
"We currently lack log analysis capabilities in Splunk APM."
"There are some predefined metrics.......we may want to create customized metrics."
"Primarily, the logs in Slunk APM can be challenging to navigate and comprehend, making it difficult to understand the details within each log. Compared to other tools like LogDNA, which are more intuitive in this aspect, the logs in Slunk APM can require more effort to understand."
"The licensing model is expensive. We need to monitor the amount of data ingested because the cost is based on the data collected."
"The cardinality is pretty low."
"The UI enhancements could be a way to improve the solution in the future."
"The UI enhancements could be a way to improve the solution in the future."
"On the technical side, it would be nice to see aspects of the recent acquisition of Phantom make it into the core Splunk Enterprise, not just become a part of the premium Enterprise Security."
"The use cases provided by Splunk are a good starting point, but could cover many additional topics to ensure that a smaller or less experienced shop might maximize the value of an ES deployment."
"The price of the solution could be cheaper."
"They can incorporate the SOAR solution within the actual product so that we do not require two different products, two different installations, and two different pricing methods. In regards to UBA, I am familiar with the UBA that existed two years ago. I am not updated about it today, but two years ago, UBA required such an amount of data that from a cost perspective, it was not worth it. When you compare it to what you get out of the box with Microsoft Sentinel without additional costs, there is no match."
"I find that the learning curve for Splunk is relatively lengthy."
"A problem that we had recently had was we licensed it based on how much data you upload to them every day. Something changed in one our applications, and it started generating three to four times as many logs and. So now, we are trying to assemble something with parts of the Splunk API to warn ourselves, then turn it off and throttle it back more. However it would be better if they had something systematically built into the product that if you're getting close to your license, then to shut things down."
"Sometimes, there is latency in the logs."
"Most of my interaction is with the user community, which is how Splunk wants it. When I need help, that community is very hit or miss."
Splunk APM is ranked 13th in Application Performance Monitoring (APM) and Observability with 13 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 246 reviews. Splunk APM is rated 8.2, while Splunk Enterprise Security is rated 8.4. The top reviewer of Splunk APM writes "Provides great visibility, analysis, and data telemetry". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Splunk APM is most compared with Splunk ITSI (IT Service Intelligence), Sentry, Monte Carlo, Elastic Observability and Observe, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel. See our Splunk APM vs. Splunk Enterprise Security report.
We monitor all Application Performance Monitoring (APM) and Observability reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.