We performed a comparison between Splunk Enterprise Security and Tableau based on real PeerSpot user reviews.
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The ability to view all of these different logs, then drilling down into specific times or into specific data sources, has proved to be the greatest aspect in decreasing our troubleshooting overhead time."
"The most valuable feature is the custom dashboard feature."
"The initial setup is pretty straightforward."
"Splunk provides immediate visibility into key business metrics and new business insights that deliver immediate value."
"Splunk helps us be more proactive. We can take predictive action to identify and block threats so that nothing harmful gets into the system."
"The most valuable feature is the incident dashboard, and the extensive use of correlation searches, which isn't available with a standard Splunk search package. This feature is important to me because it enables SOC analysts to do their job more efficiently and be able to investigate or mediate incidents at a faster pace."
"The visibility is amazing with easy dashboard creation."
"We can easily configure things as required in relation to our use cases."
"It's very easy to visualize data with this product. The visualization maps and frames that we have been able to cross-reference have been excellent."
"Tableau Prep tool for data preparation is a most valuable tool."
"The initial setup is quick and easy and you don't need special outside assistance to set everything up."
"This solution has transformed us from an Excel reporting environment to one of visual exploration."
"The most valuable features are data discovery and fine visualizations."
"The platform's most important feature is predictive analysis."
"The most valuable feature is the ease of use."
"It is so easy to do a lot of things. There is a lot of flexibility and creativity in this product. In other products, you don't have this flexibility."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"The reporting could be more structured."
"The product can be improved by reducing the cost to use AI machine learning."
"The performance could be improved. If I create 15 to 20 lines for a single use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"The solution could improve the playbooks."
"The support and the pricing can be better."
"It would be nice if Splunk reduced the cost of training. Their training sessions are way too costly."
"The historical data extraction needs improvement. I would like the capability of taking data and having it trend longer."
"I'd say I am happy with the technical support, not elated. They provide great support, but sometimes they don't have the answers that I need."
"The support that is included with the standard licensing fee is very bad."
"I would like to see an updated dashboard. The dashboard is a little out-of-date. It could be made prettier."
"There is a definite learning curve to starting out."
"Professional support is great, but too expensive."
"The solution’s pricing could be improved."
"Could have more integrations with different platforms."
"When it comes to large datasets, the data should be extracted faster."
"Requires a lot of user training."
"Implementation requires a technical background."
"More integration with Python or something related to machine learning would be a good improvement."
"The interface can be improved, in part because there is no indication that something is running or that it's processing."
"The setup was easy but we are having some problems with the configuration that is taking a long time. We have done some initial tests and some of the delays could be from bandwidth issues. However, the whole installation process should be simplified."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews while Tableau is ranked 2nd in BI (Business Intelligence) Tools with 293 reviews. Splunk Enterprise Security is rated 8.4, while Tableau is rated 8.4. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Tableau writes "Provides fast data access with in-memory extracts, makes it easy to create visualizations, and saves time". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Datadog, whereas Tableau is most compared with Microsoft Power BI, Amazon QuickSight, Domo, SAS Visual Analytics and Databricks.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.