Centreon vs Splunk Enterprise Security comparison

The compared Centreon and Splunk solutions aren't in the same category. Centreon is ranked #21 in IM , with an average rating of 7.3, and holds a 3.2% mindshare in the category. Splunk is ranked #1 in SIEM , with an average rating of 8.4, and holds a 10.8% mindshare. Additionally, 92% of Centreon users are willing to recommend the solution, compared to 93% of Splunk users who would recommend it.

Centreon

Read 28 Centreon reviews

5,160 Views
3,239 Comparison Views

92% willing to recommend

Splunk Enterprise Security

Read 303 Splunk Enterprise Security reviews

15,261 Views
12,770 Comparison Views

93% willing to recommend

Centreon

Splunk Enterprise Security

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Centreon and Splunk Enterprise Security based on real PeerSpot user reviews.

Find out what your peers are saying about Zabbix, Datadog, Auvik and others in IT Infrastructure Monitoring.

To learn more, read our detailed IT Infrastructure Monitoring Report (Updated: December 2024).

Buyer's Guide

IT Infrastructure Monitoring

December 2024

Download the complete report

Helped 825,399 peers since 2012

Categories and Ranking

Centreon

Average Rating

8.4

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Network Monitoring Software (24th), IT Infrastructure Monitoring (21st), Cloud Monitoring Software (20th)

Splunk Enterprise Security

Average Rating

8.4

Reviews Sentiment

7.6

Number of Reviews

303

Ranking in other categories

Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)

Mindshare comparison

While both are Systems Management solutions, they serve different purposes. Centreon is designed for IT Infrastructure Monitoring and holds a mindshare of 3.2%, down 3.3% compared to last year.
Splunk Enterprise Security, on the other hand, focuses on Security Information and Event Management (SIEM), holds 10.8% mindshare, down 14.6% since last year.

IT Infrastructure Monitoring

Security Information and Event Management (SIEM)

Featured Reviews

Caulson Chua

Technical Services Manager at ATS

With fewer staff resources, we can identify and address issues before the system goes down

Centreon's most valuable features are preventative maintenance and cost-efficiency. Everything is monitored, and we get a log before the system fails. We have an opportunity to fix the issue and avoid downtime. The dashboard is user-friendly, and the solution provides good reporting and visibility. The layout is straightforward. You can click on the drop-down list to select the server you want. The anomaly detection feature helped us reduce our average resolution time by 30 minutes to an hour.

Read full review

Avinash Gopu.

Associate VP & Cyber Security Specialist at US Bank

Offers good visibility into multiple environments, significantly reduces our alert volume, and speeds up our security investigations

There are limitations with Splunk not detecting all user activity, especially on mainframes and network devices. This is because Splunk relies on agents, which cannot access certain workstations. In these cases, we have to rely on application data. For example, with mainframes, manual reports are generated and sent to Splunk, limiting visibility to what's manually reported. This lack of automation for specific platforms needs improvement from Splunk. Additionally, API access is limited for other applications that rely on API calls and requests. This requires heavy customization on Splunk's end. These are the main challenges we've encountered. Monitoring multiple cloud platforms, like Azure, GCP, and AWS, with Splunk Enterprise Security presents some challenges. While Splunk provides different connectors for each provider, consolidating data from two domains across distinct cloud environments can be complex. However, leveraging pre-built templates and Splunk's data collation capabilities can help overcome these hurdles. Despite initial difficulties, I believe Splunk can effectively address this task, earning it an eight out of ten rating for its multi-cloud monitoring capabilities. While Splunk Enterprise Security offers insider threat detection capabilities, its effectiveness could be enhanced by integrating with additional tools, such as endpoint security solutions. This integrated approach is particularly crucial for financial institutions, which often require dedicated endpoint security teams. While using multiple tools is valuable, further improvements within Splunk itself are also necessary. Considering both external integration and internal development, I would rate its current insider threat detection capabilities as three out of ten. Threat detection is where Splunk falls behind. While it offers tools, other use cases require additional work. PAM is an enterprise tool that centralizes information about users, servers, and everything else. It needs real-time monitoring, which I haven't seen in any of the companies I've worked for. They only rely on Splunk for alerting, but real-time monitoring should be handled by the endpoint security team's tools. This means there's no detection or analysis at the machine or endpoint level. Additionally, threat analysis reporting is also absent.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I find the product's scalability to be one of the most valuable features since it allows us to add unlimited devices for monitoring and to set up additional polling servers without additional license cost or downtime in our monitoring."

"E-mail alert notifications are valuable."

"I really like the filtering capabilities of it. You can easily tell what's critical next to what's okay, the state of the services. It's very easy to get the whole picture quickly."

"Centreon's most valuable features are preventative maintenance and cost-efficiency. Everything is monitored, and we get a log before the system fails. We have an opportunity to fix the issue and avoid downtime."

"The downtimes feature is helpful. If the ISP is doing some maintenance on its network, we have the option to put downtime on the devices or the services, so we won't get any false alarms."

"For servers and for applications, it was very, very efficient."

"We use the remote server functionality on some customer sites, because you can see an independent view and are not dependent on a single connection. If you have branch offices or bigger office outside your headquarters, you can use remote servers because if the connection is broken or disrupted, then remote server will obtain a view of your environment and server availability. This is a good point against using other solutions. Because with other solutions, you don't have this feature. Then, you will be blind if you have this type of a situation."

"The single-pane view provides us a view of all of our network infrastructure, and it is one of the most important tools that we use to see the status of our customers' networks."

More Centreon pros

"The correlation search functions that generate all the notables are valuable. That can get pretty complicated, and it handles that pretty well."

"The initial setup isn't overly complex."

"The flexibility of the search capability is most valuable. You can use it for more than just a basic log aggregator. It is powerful in that regard."

"The connections to the database are very good and updating the data files is simple to do. The dashboards are useful and user-friendly."

"Splunk Enterprise Security is able to process a huge amount of data without any issues."

"The solution allows easy gathering and ingestion of the data."

"The ability to view all of these different logs, then drilling down into specific times or into specific data sources, has proved to be the greatest aspect in decreasing our troubleshooting overhead time."

"The product is adept at log mining."

More Splunk Enterprise Security pros

Cons

"Centreon introduced network discovery in the most recent update. However, it doesn't work well. Our previous monitoring tool could discover networking equipment on the network and identify the relationships between the devices."

"There are improvements that they need to make to their API. When we're using different systems and we want to disable monitoring for a specific server, we still can't do that through the API. That's something that's lacking."

"Improvements are needed in the area of cloud monitoring, as that's a newer feature."

"During the initial setup we faced some issues. Part of it was because we had to become more knowledgeable in the solution. There are some gray areas and if you don't know the product well you may have issues. Another part of it was some bugs that we came across, although that's part of every software solution in IT nowadays. But the initial setup could be easier."

"To get it started is a lot of work, since it comes empty. We had to push information into it to make it work."

"Centreon is actually missing an easy way to create a trendline for the metrics. Actually it is possible to create it, but you need a good knowledge of math, Centreon, and RRD."

"The product collects the information, but it fails to send them via SMS, WhatsApp or Telegram."

"I would like them to improve their documentation. When I faced some issues, I was looking for more documentation on the Internet. There is official documentation on Centreon's website, which sometimes is useful. Sometimes it is not very useful, as you cannot find the information or enough examples of configuration. The answer for me was to contact the support, who helped me, but I was not able to find all the information by myself on Centreon's website. A Centreon community or blog would be helpful."

More Centreon cons

"It is very complicated to write your own correlation rules without the help of Splunk support."

"The solution has a high learning curve for users. It's a little complicated when you're trying to figure out all the features and what they do."

"The pricing can be better."

"One issue is that we are getting a lot of false positives. We are trying to reduce them by customizing the default rules, changing thresholds, and using white-listing and black-listing. It's getting better and better as a result. But they need to build components that would reduce the false positives."

"I would like some additional AI capabilities to provide additional information about things going wrong and things going well."

"Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better."

"When files are absent, troubleshooting becomes difficult, and performance issues inevitably arise."

"Splunk Enterprise Security offers a vast amount of information to learn and comprehend, resulting in a challenging initial learning curve."

More Splunk Enterprise Security cons

Pricing and Cost Advice

"If you need basic monitoring without dashboards, just monitoring, the plugins are very useful and really cheap. If you want a more complete solution with dashboards and reporting, the EMS solution is great and it is not that much more expensive. It's a good value. Really good."

"I would like to see improvement in the licensing model. You can purchase X number of licenses, up to 1,000 devices or 1,000 instances. Your next batch is 2,000. But what if you only need, say, 1,200? The model could be changed a little bit."

"The pricing works out well for us, given our environment and where we are."

"I think Centreon's pricing is fair, especially given the criticality of our system. They were cheaper than the other solutions. The licensing terms were pretty straightforward. I believe it was based on the number of hosts."

"The pricing starts at around 5000 euro. However, this depends on: Your environment, the size of your host, how many hosts you have, how many remote pollers you have, and if you want to use the Monitoring Business Intelligence or Centreon MAP functionalities."

"The price is not too high. Licensing is driven by how many hosts you monitor, but because you can run the agentless version, you don't have to declare every host to Centreon, one at a time. That means you can drive your infrastructure supervision with a very low number of declared hosts."

"You purchase a package. You have a support contract (there is also a platinum support contract) and it is per module. That means you have to pay, e.g., for the MBI module or the BAM module. Or, if you want to save a lot of money, you can pay for IMP, which is the complete package."

"The tool is cheaply priced."

More Centreon pricing and cost advice

"It is possible to use a developer's license, which is up to 10GB per day of volume traffic, which is usually enough for most use cases."

"Personnel costs are saved by not having to involve the domain developers from multiple teams when tracing a problem that spans multiple platforms."

"Splunk ES is quite expensive compared to some products on the market."

"It's definitely worth it."

"Splunk Enterprise Security is expensive."

"In addition to the licensing fee, there is also a support and maintenance charge."

"This solution is costly. Splunk is obviously a great product, but you should only choose this product if you need all the features provided. Otherwise, if you don't need all the features to meet your requirements, there are probably other products that will be more cost-effective. It's cost versus the functionality requirement."

"We have an unlimited one, and we pay yearly, but I don't know how much it costs. Previously, I worked for a startup, and when they started building it up, it was complicated for them because they didn't have the budget for that many licenses. It was very costly for them. So, startups might find it a little bit problematic because of the licensing, but for bigger companies, there is no issue."

More Splunk Enterprise Security pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which IT Infrastructure Monitoring solutions are best for your needs.

See recommendations

825,399 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

19%

Government

11%

Financial Services Firm

Educational Organization

Financial Services Firm

15%

Computer Software Company

14%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Centreon?

See all answers

What is your experience regarding pricing and costs for Centreon?

The tool is cheaply priced.

See all answers

What needs improvement with Centreon?

The issue my company has with the tool stems from the fact that it didn't give an on-time response to us. The product collects the information, but it fails to send them via SMS, WhatsApp or Telegr...

See all answers

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What is a better choice, Splunk or Azure Sentinel?

It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...

See all answers

How does Splunk compare with Azure Monitor?

Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...

See all answers

Comparisons

Zabbix vs Centreon

Compared 30% of the time

PRTG Network Monitor vs Centreon

Compared 14% of the time

Nagios Core vs Centreon

Compared 11% of the time

Icinga vs Centreon

Compared 5% of the time

Elastic Observability vs Centreon

Compared 2% of the time

More Centreon Competitors

Wazuh vs Splunk Enterprise Security

Compared 10% of the time

IBM Security QRadar vs Splunk Enterprise Security

Compared 9% of the time

Dynatrace vs Splunk Enterprise Security

Compared 8% of the time

Datadog vs Splunk Enterprise Security

Compared 5% of the time

Sentinel vs Splunk Enterprise Security

Compared 4% of the time

More Splunk Enterprise Security Competitors

Product Reports

Buyer's Guide

Centreon

December 2024

Download Centreon product report

Buyer's Guide

Splunk Enterprise Security

December 2024

Download Splunk Enterprise Security product report

Learn More

Centreon

Splunk

Overview

Centreon is an all-in-one IT monitoring solution that is a network, system, applicative supervision, and monitoring tool. It is free and open source, and one of the most flexible and powerful monitoring softwares on the market.

Centreon Features

Centreon has many valuable key features. Some of the most useful ones include:

Supervision of hybrid infrastructures, from one end to the other
Open and flexible architecture
Open-source solution, downloadable for free
Filtering capability in GUI interface
Proactive end to end monitoring
Easily configurable and simple to handle
Dedicated dashboard widgets
Scalability
Independent application for monitoring
End to end reporting with actual logs

Centreon Benefits

There are several benefits to implementing Centreon. Some of the biggest advantages the solution offers include:

Single platform, multi-user rights & access: Centreon is designed with built-in ACL, allowing enterprise users access to the monitored data on a need-to-know basis.

Smart data-mapping for customized macro & micro views: Centreon provides real-time custom views in multiple screens with graphic-rich data mapping, which also enables monitoring operators to act and troubleshoot from a distance.

Ready monitoring intelligence & reporting: With Centreon, you can easily generate reports of essential operational KPIs by using pre-configured templates, and add reports as needed by exploiting the dedicated monitoring data warehouse.

Reviews from Real Users

Below are some reviews and helpful feedback written by Centreon users.

PeerSpot user Thor M., CEO at a tech services company, says, "The single-pane view provides us a view of all of our network infrastructure, and it is one of the most important tools that we use to see the status of our customers' networks. It provides a nice benefit when it comes to helping align IT operations with business objectives. The top-down views, dashboards, and business context reporting are things that are nice to have because you want to be able to show the customer that everything is working, that problems have been addressed, and that you're providing value.”

Thomas C., Managing Director, Canada at Eva, comments, “The most valuable feature of the solution is the flexibility, the ability to integrate all kinds of equipment. As long as something has an IP you can monitor it. What we try to achieve all the time is not only saying a company's system is available, but to give additional data on the performance of the equipment. So the flexibility is what matters the most to us, where we can script everything. Centreon has a lot of Plugin Packs, meaning they support, by design, a lot of devices. And on top of that, we have the ability to add our own scripts and do whatever we want and display the data as we want in the central dashboards.”

Marcilio L., President at ITS Solucoes, expresses, "The dashboards are valuable because they ease troubleshooting and viewing. It becomes easier to locate the source of a problem... The dashboards make it easier to communicate with our clients. They don't want to see the alert console, they want to see a beautiful dashboard representing their network and their business and to watch it in case something is wrong in their environment."

Florent Q., Network Engineer at a computer software company, mentions, "The most valuable feature is that we can manually configure everything we need. After it comes inside the interface of Centreon, you can display it. Because the interface is quite user-friendly, you can manually configure the configuration very deeply, which is very pleasant and useful because you can monitor and see everything on your service list, dashboard, or MAP. The most useful feature for me is that you can create your own plugin and monitoring query."

Splunk Enterprise Security is widely used for security operations, including threat detection, incident response, and log monitoring. It centralizes log management, offers security analytics, and ensures compliance, enhancing the overall security posture of organizations.

Companies leverage Splunk Enterprise Security to monitor endpoints, networks, and users, detecting anomalies, brute force attacks, and unauthorized access. They use it for fraud detection, machine learning, and real-time alerts within their SOCs. The platform enhances visibility and correlates data from multiple sources to identify security threats efficiently. Key features include comprehensive dashboards, excellent reporting capabilities, robust log aggregation, and flexible data ingestion. Users appreciate its SIEM capabilities, threat intelligence, risk-based alerting, and correlation searches. Highly scalable and stable, it suits multi-cloud environments, reducing alert volumes and speeding up investigations.

What are the key features?

Comprehensive Dashboards: Provide a holistic view of security operations.
Flexible Data Ingestion: Supports various data sources for better analysis.
Robust Log Aggregation: Centralizes log management for easier monitoring.
Machine Learning Toolkit: Enhances threat detection and prediction capabilities.
SIEM Capabilities: Integrates security information and event management.
Threat Intelligence: Utilizes external information to improve security measures.
Risk-Based Alerting: Prioritizes alerts based on the risk they pose.
Correlation Searches: Identifies and correlates security events effectively.

What benefits or ROI should users look for?

Enhanced Visibility: Improves monitoring across endpoints, networks, and users.
Faster Incident Response: Speeds up identification and resolution of security issues.
Reduced Alert Volumes: Lowers false positives and enhances signal-to-noise ratio.
Scalability: Adapts to growing and changing security needs.
Improved Security Operations: Integrates multiple security facets into one platform.

Splunk Enterprise Security is implemented across industries like finance, healthcare, and retail. Financial institutions use it for fraud detection and compliance, while healthcare organizations leverage its capabilities to safeguard patient data. Retailers deploy it to protect customer information and ensure secure transactions.

Sample Customers

Airbus, Bollore, BT, Canal Plus, Kuehne Nagel, Limagrain, LVMH, Oberthur Technologies, Orange, Darty, Addax Petroleum, Plastic Omnium, Auchan, Valeo, Saint Gobin, Clarins, Hugo Boss, JC Decaux, French Government (Defense, Justice, Environment, Agriculture), OptiComm, Thales, Zeiss.

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.

Buyer's Guide

IT Infrastructure Monitoring

December 2024

Download Free Report

Find out what your peers are saying about Zabbix, Datadog, Auvik and others in IT Infrastructure Monitoring. Updated: December 2024.

DOWNLOAD NOW

825,399 professionals have used our research since 2012.

We monitor all IT Infrastructure Monitoring reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.