Try our new research platform with insights from 80,000+ expert users

Centreon vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Centreon
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
28
Ranking in other categories
Network Monitoring Software (25th), IT Infrastructure Monitoring (22nd), Cloud Monitoring Software (18th)
Splunk Enterprise Security
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
305
Ranking in other categories
Log Management (2nd), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Mindshare comparison

While both are Systems Management solutions, they serve different purposes. Centreon is designed for IT Infrastructure Monitoring and holds a mindshare of 2.9%, up 2.9% compared to last year.
Splunk Enterprise Security, on the other hand, focuses on Security Information and Event Management (SIEM), holds 9.5% mindshare, down 12.8% since last year.
IT Infrastructure Monitoring
Security Information and Event Management (SIEM)
 

Featured Reviews

Caulson Chua - PeerSpot reviewer
With fewer staff resources, we can identify and address issues before the system goes down
Centreon's most valuable features are preventative maintenance and cost-efficiency. Everything is monitored, and we get a log before the system fails. We have an opportunity to fix the issue and avoid downtime. The dashboard is user-friendly, and the solution provides good reporting and visibility. The layout is straightforward. You can click on the drop-down list to select the server you want. The anomaly detection feature helped us reduce our average resolution time by 30 minutes to an hour.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is that we can manually configure everything we need. After it comes inside the interface of Centreon, you can display it. Because the interface is quite user-friendly, you can manually configure the configuration very deeply, which is very pleasant and useful because you can monitor and see everything on your service list, dashboard, or MAP. The most useful feature for me is that you can create your own plugin and monitoring query."
"What I like most about Centreon is that it is very flexible and customizable, based on the user and/or business needs. Centreon is very flexible when it comes to monitoring parameters. We can use scripts found on the internet or scripts created by our infra/apps team. Also, the data visualization features are very simple and straightforward, yet very informative."
"It supports active monitoring so we don't have to use traps. From time to time traps are not very useful because we never know if they are actually working or not. The reporting part is also valuable as are the event logs. Using them we can check right away if something has had a hiccup."
"Centreon's most valuable features are preventative maintenance and cost-efficiency. Everything is monitored, and we get a log before the system fails. We have an opportunity to fix the issue and avoid downtime."
"We use the remote server functionality on some customer sites, because you can see an independent view and are not dependent on a single connection. If you have branch offices or bigger office outside your headquarters, you can use remote servers because if the connection is broken or disrupted, then remote server will obtain a view of your environment and server availability. This is a good point against using other solutions. Because with other solutions, you don't have this feature. Then, you will be blind if you have this type of a situation."
"The customizable reports and dashboards are really flexible. We started this partnership with Centreon, when we were looking for a solution, because of the flexibility of the reporting. That's what we found to be most attractive in the solution. You can display the data as you want."
"The most valuable feature is the monitoring of servers and networks, because we have a lot of them and need to maintain control."
"The most valuable feature of the solution is that most of its plug-ins are free."
"Splunk simplifies real-time problem identification and resolution by seamlessly integrating existing customer and vendor systems."
"It is very scalable."
"We can present to our management in real time the security of the batch management for the PCs, security regarding the network equipment. We're currently working in the Azure Cloud project, so we can send any logs from the cloud to Splunk. We can monitor them and we can present to the managers and customers. It's a very good solution for reporting. We use Splunk for reporting and monitoring of any solution in the company."
"Splunk incorporates a lot of elements that help to reduce security risks. For it to reach certain compliance, we need to have some security insight. Splunk is a very good SIEM, it’s a top solution, but the best feature is its cost of visibility. We have all the most important features to detect vulnerabilities or risks."
"The user interface is excellent, and since I'm using Splunk as a power user, it's easy to create dashboards."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"Splunk allows us to customize processing and dashboards, which helps us take care of our customers' needs."
"The initial setup is really straightforward. It's one of the easiest installations."
 

Cons

"I would like to see a better UI, one which is more responsive."
"The most important issue is the capability to interconnect with other systems. It already exists for some of them. For example, the Stream Connector is something we use to populate data in another system. This kind of facility for connecting should exist for all products that it makes sense to have connected to a monitoring solution."
"Sometimes, when the GUI and some of the search fields are being reset, and I return to the page, then I have to set them again. Therefore, some improvement on the UI and the filtering is needed."
"Centreon supports officially 10,000 services per poller. That is not much for larger customers, because this limit is reached very quickly. We use it with three times the limit without any problems, but Centreon says, "Okay, we are only supporting it with 10,000 services." We are aware that increasing the limit has different impacts because they need to support it. However, for most customers, it would be be very good if they could increase the limit of services."
"Centreon technical support is only available during Central European business hours. When it comes to critical business solutions, there should be a 24/7 hotline that customers can rely on."
"The Home view could be improved by adding customization functions that allow users to change the size of the widgets for a more uniform layout."
"Centreon needs to improve the granularity of the data as well as the graphical data. It would also be better to if there was improvement to the filtering/grouping system as well as the creation of views."
"The product collects the information, but it fails to send them via SMS, WhatsApp or Telegram."
"​Not even Splunk's support guy, who came to our firm, could help with defining proper role management.​"
"I do not like the pricing model. It is expensive."
"Missing capability for audio/video and image processing."
"The cluster environment should be improved. We have a cluster. In the Splunk cluster environment, in the case of heavy searches and heavy load, the Splunk cluster goes down, and we have to put it in the maintenance mode to get it back. We are not able to find the actual culprit for this issue. I know that cluster has RF and SF, but it has been down so many times. There should be something in Splunk to help users to find the reason and the solution for such issues."
"Most of my interaction is with the user community, which is how Splunk wants it. When I need help, that community is very hit or miss."
"If it could be made available as a service, this would be much better than as a product."
"It would be nice if they had a wizard to construct searches, including more complex searches that include math or statistics."
"Splunk isn't appropriate for smaller companies. It's too expensive."
 

Pricing and Cost Advice

"It is perfect and very cheap if you are a little company or startup. After that, it is quite expensive for a big company."
"Centreon is an open source product. Thus, there is no need for licensing."
"Centreon is better than Nagios XI in regards to cost and support response times, when you have a problem. If you have a problem, it costs money to contact the Nagios XI support."
"For more complex tasks, we use prepaid support days and ask Centreon to come onsite."
"They only sell four hour slots for support, so if you have just one question, then you need to pay for four hours. Or, you need to wait until you have enough questions to fill those four hours. They are not flexible in this."
"I would like to see improvement in the licensing model. You can purchase X number of licenses, up to 1,000 devices or 1,000 instances. Your next batch is 2,000. But what if you only need, say, 1,200? The model could be changed a little bit."
"The tool is cheaply priced."
"You purchase a package. You have a support contract (there is also a platinum support contract) and it is per module. That means you have to pay, e.g., for the MBI module or the BAM module. Or, if you want to save a lot of money, you can pay for IMP, which is the complete package."
"Our ROI is high."
"I've heard Splunk is often preferred over other options, but the cost can be prohibitive for smaller organizations."
"While Splunk offers generous developer licenses and obtaining annual licenses is straightforward, the cost is a major consideration."
"Splunk Enterprise Security's pricing is competitive."
"Regarding the product's pricing, I think it has always been difficult to have a conversation with Splunk."
"Some of the insights that we have obtained as a part of using Splunk have greatly helped us in increasing our revenue in terms of selling our products."
"Further reductions would be fantastic, and I believe that more and more people would flock to it."
"The licensing is good, but the pricing absolutely needs some work. It is very high."
report
Use our free recommendation engine to learn which IT Infrastructure Monitoring solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
11%
Government
10%
Comms Service Provider
7%
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Centreon?
Centreon's most valuable features are preventative maintenance and cost-efficiency. Everything is monitored, and we get a log before the system fails. We have an opportunity to fix the issue and av...
What needs improvement with Centreon?
The issue my company has with the tool stems from the fact that it didn't give an on-time response to us. The product collects the information, but it fails to send them via SMS, WhatsApp or Telegr...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

Airbus, Bollore, BT, Canal Plus, Kuehne Nagel, Limagrain, LVMH, Oberthur Technologies, Orange, Darty, Addax Petroleum, Plastic Omnium, Auchan, Valeo, Saint Gobin, Clarins, Hugo Boss, JC Decaux, French Government (Defense, Justice, Environment, Agriculture), OptiComm, Thales, Zeiss.
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Zabbix, Datadog, Auvik and others in IT Infrastructure Monitoring. Updated: March 2025.
844,944 professionals have used our research since 2012.