ClearSkies SaaS NG SIEM vs Splunk Enterprise Security comparison

ClearSkies SaaS NG SIEM vs. Splunk Enterprise Security

Download the complete report

Helped 883,448 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

ClearSkies SaaS NG SIEM

Ranking in Security Information and Event Management (SIEM)

42nd

Average Rating

8.0

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

No ranking in other categories

Splunk Enterprise Security

Ranking in Security Information and Event Management (SIEM)

1st

Average Rating

8.4

Reviews Sentiment

7.3

Number of Reviews

380

Ranking in other categories

Log Management (2nd), IT Operations Analytics (1st)

Mindshare comparison

As of March 2026, in the Security Information and Event Management (SIEM) category, the mindshare of ClearSkies SaaS NG SIEM is 0.7%, up from 0.1% compared to the previous year. The mindshare of Splunk Enterprise Security is 7.2%, down from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Market Share Distribution
Product	Market Share (%)
Splunk Enterprise Security	7.2%
ClearSkies SaaS NG SIEM	0.7%
Other	92.1%

Security Information and Event Management (SIEM)

Featured Reviews

Zuhair Hasan

Manager, Information Technology Security at Nesma

Has good integration capability and provides information and events but improvement is needed in information retrieval speed

The best features are the comprehensive event collection and analysis. Once set up properly, we receive all events and information. The team analyzes our data and presents incidents to us. We can communicate with their team to escalate and resolve incidents. It has a feature we use to search for information about our environment and past incidents. This is very valuable. The integration capability is very good - the ClearSkies SaaS NG SIEM team is collaborative. We've integrated most of our systems, including EDR and NDR. They have agents to collect events from servers and assets.

Read full review

reviewer1469784

Senior Manager at a financial services firm with 10,001+ employees

Helps us detect cyber threats quickly and integrate multiple feeds effectively

Overall, the product is good, but when it comes to some infrastructure issues, we have to dig into more logs. There is no straightforward indication of an issue. Health check kind of dashboards are not available. More AI would help us, and more optimization, since security products run more queries. The AI module could suggest solutions, optimizing queries or workload balancing. If the product itself advises on running queries during peak times, it would be similar to what ChatGPT currently offers. We see quite a few issues on stability. Even last week, we faced something, and identifying bottlenecks is not easy. We need more SMEs, and there is no mechanism to tell us about indexer or search head issues. Self-monitoring dashboards could be beneficial. The technical support still requires more improvement. Often, primary support takes a lot of time and forwards most solutions to the engineering side. The primary support team has very limited knowledge to provide.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The integration capability is very good - the ClearSkies SaaS NG SIEM team is collaborative. We've integrated most of our systems, including EDR and NDR. They have agents to collect events from servers and assets."

"The correlation rules and the user platform are most valuable."

"Its alerting is most valuable. We have alerts set up in our environment for certain attacks, such as an SQL injection attempt. We have a front-facing server for the website. It is out there, and anybody can access it. When those SQL injection attempts come in, we are able to detect that with the alert."

"It's extremely scalable. It's a very robust solution and certainly has the capability of handling far bigger data requirements than a lot of the other tools. Generally what ends up happening with me is that my clients tend, for the most part, to be mid-tier organizations where the cost of that solutions would be accompanying requirements for people just becomes way too prohibitive. Especially considering the model that they use for costing, which is based on the volume of data. Of course, they're going to put everything including the Coke machine as the ability to collect data off of it, because of course the more they can put through the tool the more money they make."

"Splunk is extremely flexible, which allows us to create custom visualizations along with other customizations."

"Great platform with user-friendly interface and GUI."

"It has been really good at consolidating a lot of data from different sources. It's really good at generating summaries."

"Regarding scalability, Splunk Enterprise Security is way ahead compared to other products, and I would score it at the maximum."

"It is quite extensible. It is a platform that we can build our use instead of each case instead of each case being limited or restricted to each capability. This is probably the best feature."

"The solution is stable and reliable."

More Splunk Enterprise Security pros

Cons

"The main issue for improvement is the platform's slowness in presenting information. Retrieving information can take a little time when clicking on something."

"They can add behavior analytics and AI or machine learning technology. They also improve their correlation engine. In addition to collecting logs from devices, they can collect the traffic and then correlate these logs and the traffic information."

"The tool should include more real-world use case examples built out either through videos or in the community."

"We don't have SOAR products from Splunk. I believe that's an important piece."

"I would like to see the asset and identity lookups be more automatic and less manual."

"One area Splunk Enterprise Security fails to improve is the pricing aspect; while the initial pricing seems fine, the licensing cost can skyrocket over time, creating trauma for organizations."

"Data retention can be better. If we want to look at the data for five months or six months, that is not available to us."

"I think the tech support response time could be a bit better. Sometimes I need to wait more than 24 hours for a response to my tickets."

"We've sometimes faced issues with upgrades. The incident review dashboard sometimes breaks after updates. When we add a space or something in the description or anywhere in the SQL, the drill-down value may be reset with a blank value. Before rolling out any software, they should test it thoroughly and ensure clients won't have issues with the upgraded version. It should be compatible with all or most of the apps. All major issues must be addressed before rolling out the upgrade."

"We're planning to incorporate UBA and SOAR. It would be good to have everything in one place."

More Splunk Enterprise Security cons

Pricing and Cost Advice

"They have changed the pricing policy. Its price is competitive. Its price is less than half of the price of QRadar, LogRhythm, and Splunk."

"Regarding pricing, I'd say it's in the middle range. Pricing is very good compared to others."

"While Splunk offers generous developer licenses and obtaining annual licenses is straightforward, the cost is a major consideration."

"I work on the technical side, so I don't know precise figures. However, I know that Splunk is a premium product, so it's somewhat costly. Still, you get a lot of unique features for the money."

"Splunk Enterprise Security is not a cheap product, but I think it is worth every dollar that you pay."

"Its price is fair. Like with anything else, if you go into the cloud, different providers cost more, and you are able to throttle back or throttle up. The cost is comparable with anything else."

"Splunk Enterprise Security is a worthwhile investment given the comprehensive range of features it offers."

"We have seen ROI and improvements as we have continued to use the product, but they are more reactive."

"The pricing is based on the volume of data fed into it, which can lead to substantial costs. This pricing model is complex and unpredictable, making cost management difficult."

"Splunk Enterprise Security is expensive."

More Splunk Enterprise Security pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

883,448 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

No data available

Financial Services Firm

12%

Computer Software Company

10%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

By reviewers
Company Size	Count
Small Business	112
Midsize Enterprise	50
Large Enterprise	266

Questions from the Community

What is your experience regarding pricing and costs for ClearSkies SaaS NG SIEM?

Regarding pricing, I'd say it's in the middle range. Pricing is very good compared to others.

What needs improvement with ClearSkies SaaS NG SIEM?

The main issue for improvement is the platform's slowness in presenting information. Retrieving information can take a little time when clicking on something.

What is your primary use case for ClearSkies SaaS NG SIEM?

I use the solution as a SIEM and managed SOC. It collects events and incidents from all our systems like, EDR, NDR, servers, and switches. The managed SOC team raises incidents for us to review and...

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

What is a better choice, Splunk or Azure Sentinel?

It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...

How does Splunk compare with Azure Monitor?

Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...

Sumo Logic Security vs ClearSkies SaaS NG SIEM

Comparisons

Compared 10% of the time

IBM Security QRadar vs ClearSkies SaaS NG SIEM

Compared 8% of the time

Snare vs ClearSkies SaaS NG SIEM

Compared 7% of the time

Logsign Next-Gen SIEM vs ClearSkies SaaS NG SIEM

Compared 6% of the time

OpenText Enterprise Security Manager vs ClearSkies SaaS NG SIEM

Compared 6% of the time

More ClearSkies SaaS NG SIEM Competitors

IBM Security QRadar vs Splunk Enterprise Security

Compared 10% of the time

Wazuh vs Splunk Enterprise Security

Compared 5% of the time

Sentinel vs Splunk Enterprise Security

Compared 5% of the time

Dynatrace vs Splunk Enterprise Security

Compared 3% of the time

Elastic Security vs Splunk Enterprise Security

Compared 3% of the time

More Splunk Enterprise Security Competitors

Product Reports

Security Information and Event Management (SIEM)

Download ClearSkies SaaS NG SIEM product report

Splunk Enterprise Security

Download Splunk Enterprise Security product report

Also Known As

ClearSkies NG SIEM

No data available

Overview

ClearSkies™ Software-as-a-Service is a fast, robust, scalable and flexible Next Generation SIEM solution. It provides real-time correlation of log data combined with evidence-based knowledge of emerging threats and vulnerabilities, thus allowing the early detection of and response to targeted attacks and data breaches.

Odyssey Cybersecurity

Splunk Enterprise Security delivers powerful log management, rapid searches, and intuitive dashboards, enhancing real-time analytics and security measures. Its advanced machine learning and wide system compatibility streamline threat detection and incident response across diverse IT environments.

Splunk Enterprise Security stands out in security operations with robust features like comprehensive threat intelligence and seamless data integration. Its real-time analytics and customizable queries enable proactive threat analysis and efficient incident response. Integration with multiple third-party feeds allows detailed threat correlation and streamlined data visualization. Users find the intuitive UI and broad compatibility support efficient threat detection while reducing false positives. Despite its strengths, areas such as visualization capabilities and integration processes with cloud environments need enhancement. Users face a high learning curve, and improvements in automation, AI, documentation, and training are desired to maximize its potential.

What Are the Key Features of Splunk Enterprise Security?

Log Management: Efficiently manages and organizes a vast amount of logs for better data handling.
Rapid Data Search: Quickly retrieves relevant data for fast decision-making.
Flexible Dashboards: Customizable dashboards provide clear data visualization.
Comprehensive Threat Intelligence: Offers detailed insights to preemptively defend against threats.
Real-Time Analytics: Analyzes data in real-time to enhance response times.
Integration with Third-Party Feeds: Streamlines information flow from multiple sources.

What Benefits Should Users Investigate in Reviews?

Efficient Incident Response: Enhances the ability to respond promptly to threats.
False Positive Reduction: Minimizes incorrect threat alarms, making monitoring more efficient.
Threat Detection Speed: Accelerates the identification and evaluation of security threats.
Cost-Effectiveness: Potential savings through better licensing options and operational efficiency.
User Adaptability: Enhancements in documentation and training resources aid in overcoming the learning curve.

In specific industries like finance and healthcare, Splunk Enterprise Security is instrumental for log aggregation, SIEM functionalities, and compliance monitoring. Companies leverage its capabilities for proactive threat analysis and response, ensuring comprehensive security monitoring and integration with various tools for heightened operational intelligence.

Splunk

Sample Customers

Information Not Available

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.

ClearSkies SaaS NG SIEM vs. Splunk Enterprise Security