
BMC TrueSight Operations Management vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary

 

Categories and Ranking

BMC TrueSight Operations Ma...
Average Rating: 8.2
Reviews Sentiment: 6.7
Number of Reviews: 50
Ranking in other categories: Application Performance Monitoring (APM) and Observability (22nd), Event Monitoring (2nd), IT Infrastructure Monitoring (26th), Cloud Monitoring Software (20th), AIOps (8th)

Splunk Enterprise Security
Average Rating: 8.4
Reviews Sentiment: 7.6
Number of Reviews: 305
Ranking in other categories: Log Management (2nd), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. BMC TrueSight Operations Management is designed for IT Infrastructure Monitoring and holds a mindshare of 0.8%, down 1.3% compared to last year.
Splunk Enterprise Security, on the other hand, focuses on Security Information and Event Management (SIEM), holds 9.5% mindshare, down 12.8% since last year.
 

Featured Reviews

Srri G - PeerSpot reviewer
The product is reasonably priced, but the solution is a little obsolete because it is deployed on-premise
If I want custom monitoring across a very large estate of more than 50,000 units, the on-premise deployment gets quite slow. The on-premise product’s performance must be improved. The solution is a little obsolete. That is why the solution moved to Helix, a SaaS operating system. The SaaS platform has the features I like. There is no point in BMC expanding TrueSight Operations’ console. It's high time that BMC starts a demise path for the product and is associated only with Helix. If we need any additional function, we must switch to Helix. Since TrueSight is deployed on-premise, the scalability and usage of the product are mainly focused on providing basic features and not enhanced features like analytics or cost analysis. People should move to a SaaS platform because on-premise products have limited storage and capacity.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk also has a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We have one application, which is fairly large. In the past, we had Level 1 and 2 NOC support teams who were responsible for watching dashboards. When they saw an issue in the application, they would call Level 2 or 3 support and escalate the call, if necessary. Now, through the use of this product, we have been able to reduce the headcount by five people, as we are able to eliminate the eyes on the glass. We no longer have people watching the dashboard. We have events which are processed automatically through the system and get to the right people. We had six people in L1s, and now have one. So, we reduced five out of six headcount, which is pretty significant."
"It is a scalable solution."
"The solution provides visibility to our infrastructure, how it is, the resources we are monitoring, and quick updates when it has any problems. We have integrated it with ServiceNow to open instances."
"The tailoring of the knowledge modules has been particularly useful as I can streamline the agents to only report on critical events."
"It allows our operations team to have one single application to reference when investigating issues in our environment."
"The most valuable features are the rich reports, high performance, and the look and feel of the WebEx webpage are very good."
"We're using native monitoring capabilities for all our server hardware, for visibility for applications, for URLs, for webpage response and accuracy, and for monitoring network throughput in a lot of particular instances. We're using lightweight protocols for pinging, for DNS, for LDAP."
"Helix Innovation Studio is a very good feature. It allows us to develop our own enterprise applications and make them available for the customers."
"Its alerting is most valuable. We have alerts set up in our environment for certain attacks, such as an SQL injection attempt. We have a front-facing server for the website. It is out there, and anybody can access it. When those SQL injection attempts come in, we are able to detect that with the alert."
"In the past we used the different application to collect logs. We used SurfWatch and VMware to do so. But, we found that Splunk has more capacity to do more in less time. They provide a faster speed to index all the events, and this is a huge asset."
"The benefits my company has seen from the use of Splunk Enterprise Security revolve around the speed of detection it offers."
"I have also been able to take advantage of some of the more complex statistical capabilities when analyzing logs."
"The tool helps with advanced reports and keeps the system scalable and flexible. It provides a clear picture of the current status of any incidents. As a CISO, I see a lot of potential for future innovation, which is interesting. I've noticed better performance, especially with the reports."
"It has virtual visualization, and other products do not."
"Splunk works based on parsing log files."
"Integration with the cloud is pretty important and good for us. We found the integration with a lot of tools, not all tools yet, valuable. It does make the transfer of data, log files, and other things easier for us."
 

Cons

"The product must provide application or service monitoring features."
"There are some small limitations with this tool in terms of reporting dashboards that fit all of the requirements of the individual customer."
"I would like them to improve the deep-dive details, tracing, and data agents in this product. We have EUEM, an end-user experience monitoring appliance. This one's quicker than the current one, and reporting side and filtration side are very bad. There are many details we look at and explain what we receive information in the current one, but we cannot have historical data like we do with EUEM. We cannot have a powerful point to look for specific traffic from a specific application and a specific browser. We don't have it in the new one. The current BMC also needs to add the thing that controls versions."
"The UI for the end users could be improved and more flexible than it is now."
"The solution's support service could be better."
"The solution is overly complex."
"I think the ease of deployment needs to be looked at. It would be great if the deployment was faster and easier."
"The one piece that I would love to see is a general-purpose, configurable agent which would be a framework that you can deploy on anything, whether it be Java or anything else. It would allow you to easily deploy it on a platform that they support."
"I've noticed that onboarding data from various multi-cloud sources and diverse products, such as security network devices, can be challenging."
"Splunk could enhance its offerings by incorporating modules for network detection and response and fraud management, along with improving its threat intelligence management capabilities."
"The implementation and the scanning of the logs can be difficult."
"The UI can be difficult to understand for non-technical people."
"Splunk's high cost, despite its recognition in our region, prevents many organizations from adopting Splunk Enterprise Security, suggesting there's room for improvement in their pricing strategy."
"Splunk Enterprise Security has not helped reduce our alert volume."
"Could be more user friendly."
"The difficult part is related to integration with sources of data that are used to create the logs as this depends on the infrastructure of the client."
 

Pricing and Cost Advice

"Use conservative figures. In terms of hardware, monitored servers and also effort. The product is not cheap. But as with other products, you get what you pay for."
"There is a big upfront cost when you buy the license, then there is annual maintenance. We look at, if I bought a license and paid for maintenance for five years, then average it out, what would be my monthly cost. We have had some of the competing tools come in around four dollars. This is coming in as a premium, which is why I don't have it deployed as I would like it. Therefore, we're in negotiations right now. If I can get it down to the four dollar range, I will triple my deployment in a year and a half."
"We're end-of-lifeing it now. Overall, the licensing costs of BMC are a challenge for us in that they're hard costs, whereas open-source monitoring has soft costs, where it's harder to line-item."
"We pay license fees of between $150 and $200 per asset. There is an enterprise software license fee, and then you pay a percentage for your maintenance, and then Premier Support. For example, if you buy a two-year license for the product, then the maintenance fee is added to that for two years at X percent a year. Then there's a small fee on top of that for Premier Support..."
"It is a relatively inexpensive solution."
"Annual licensing amount depends on the customer's requirements. Support is an additional fee and there are options for three- and five-year support."
"Pricing is very high."
"The solutions are not the cheapest but are robust and stable. License model is rather complex and BMC do often change the model."
"It is expensive, but it is a good tool. It is worth the cost."
"Splunk Enterprise Security is expensive."
"Pricing can be a limiting factor. You have to continuously tune what you are bringing in and make sure what you bring in is of value."
"Its price is fair. Like with anything else, if you go into the cloud, different providers cost more, and you are able to throttle back or throttle up. The cost is comparable with anything else."
"From what I have seen so far, Splunk has multiple cost models. The one that we are using is pretty good when it comes to ingesting data into the environment. It has worked out pretty well."
"Splunk Enterprise Security incurs a significant cost because of the amount of data we send, but we are fine with the value we're getting for that price."
"I've heard Splunk is often preferred over other options, but the cost can be prohibitive for smaller organizations."
"Splunk is really expensive."
845,406 professionals have used our research since 2012.
 

Comparison Review

Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews

Financial Services Firm: 25%
Computer Software Company: 15%
Manufacturing Company: 7%
Government: 7%

Financial Services Firm: 15%
Computer Software Company: 14%
Manufacturing Company: 8%
Government: 8%
 

 

Questions from the Community

What do you like most about BMC TrueSight Operations Management?
The solution provides visibility to our infrastructure, how it is, the resources we are monitoring, and quick updates when it has any problems. We have integrated it with ServiceNow to open instances.
What is your experience regarding pricing and costs for BMC TrueSight Operations Management?
Though I have no clue about the tool's actual price, I know that it is astronomical.
What needs improvement with BMC TrueSight Operations Management?
Cost is an issue with BMC TrueSight Operations Management. Though I am not responsible for the budget, I know that it is an expensive tool set when used only for event management. The tool's issue ...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases. Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Also Known As

ProactiveNet, TrueSight Operations Management
No data available
 


Sample Customers

Ensono, Transamerica, Boston Scientific, Park Place Technologies, inContact, TD Ameritrade, PNC Bank
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about BMC TrueSight Operations Management vs. Splunk Enterprise Security and other solutions. Updated: May 2023.