Try our new research platform with insights from 80,000+ expert users

Coralogix vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Coralogix
Ranking in Log Management
39th
Ranking in Security Information and Event Management (SIEM)
42nd
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
9
Ranking in other categories
Application Performance Monitoring (APM) and Observability (33rd), API Management (29th), Streaming Analytics (19th), Anomaly Detection Tools (1st)
Splunk Enterprise Security
Ranking in Log Management
2nd
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
306
Ranking in other categories
IT Operations Analytics (1st)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Coralogix is 0.3%, up from 0.2% compared to the previous year. The mindshare of Splunk Enterprise Security is 9.5%, down from 12.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

reviewer1915599 - PeerSpot reviewer
Good capabilities, has a helpful interface and is straightforward to set up
We have asked for a couple of features from the company already. What typically happens is a lot of people - and developers are one of the biggest consumers of this product - go to this product to optimize their investigation process and specific configurations. That increases our data flow at times, so the cost changes. And a lot of changes happen due to that. We have asked the company to auto-revert the changes after a while so that the system works typically. We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams."
"The solution is easy to use and to start with."
"Coralogix scales well, and I will rate it nine out of ten."
"A non-tech person can easily get used to it."
"For now, we have not experienced any stability issues."
"The initial setup is straightforward."
"The log monitoring is good, and the dashboards that we create are beneficial."
"The best feature of this solution allows us to correlate logs, metrics and traces."
"It is lovely to have everything we need in one tool. Everything is quite centralized."
"Splunk Enterprise Security offers valuable features like seamless integration and a SQL-standard Structured Query Language for easy searching."
"The product is good, it satisfies our customers."
"it can explain to management about what kind of traffic is visiting the network. It can also explain other traffic coming in and out, along with protecting against malware."
"I have not seen any outages in the product in the past two years that it has been running in our company, so I think it is good when it comes to the stability part."
"Splunk allows us to find insights that we were not able to with traditional BI tools using ETL​. It allows us to dig into raw events."
"Search language is easy to understand and teach to new users."
"I find it beneficial that Splunk Enterprise Security easily integrates with other tools. Due to its excellent API capabilities, it facilitates connections with various cybersecurity tools."
 

Cons

"Coralogix should have some AI capabilities to auto-detect anomalies and provide suggestions. The increasing volume of data and the resulting bandwidth charges are concerns."
"The documentation of the tool could be improved"
"Maybe they could make it more user-friendly."
"From my experience, Coralogix has horrible Terraform providers."
"The user interface could be more intuitive and explanatory."
"Coralogix should have some AI capabilities to auto-detect anomalies and provide suggestions."
"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."
"The user interface is not intuitive, especially when first onboarding, and improvements could be made here."
"An improved user interface along with multi-tenancy support would be beneficial."
"I love the solution, but I would like to see more accessibility to the machine-learning capabilities that are sprinkled around Splunk."
"Splunk could add more ways to manage archiving and storage. There isn't a web interface. You can do this on the SaaS version, but the on-premise platform doesn't have this option. It has other things but no option for remote NAS. I would like to have a personal web interface where I can specify how long logs should be stored. To have this readily available on the web, you need to adjust some settings on the backend. That is tricky."
"We'd like to have the number of devices covered under the license to be increased."
"Could be more user friendly."
"More control with Splunk Cloud as it seems a bit limited. I used to manage an on-premise instance of Splunk Enterprise and really liked having more control over it."
"It works as intended for us, and we are getting everything that we need out of it. If anything, its initial setup can be improved a bit."
"They can incorporate the SOAR solution within the actual product so that we do not require two different products, two different installations, and two different pricing methods. In regards to UBA, I am familiar with the UBA that existed two years ago. I am not updated about it today, but two years ago, UBA required such an amount of data that from a cost perspective, it was not worth it. When you compare it to what you get out of the box with Microsoft Sentinel without additional costs, there is no match."
 

Pricing and Cost Advice

"Currently, we are at a very minimal cost, which is around $400 per month since we have reduced our usage. Initially, we were at $900 per month."
"The platform has a reasonable cost. I rate the pricing a three out of ten."
"The cost of the solution is per volume of data ingested."
"We are paying roughly $5,000 a month."
"While Splunk is more expensive than other solutions, we would still choose it because of its capabilities."
"Splunk Enterprise Security is priced lower than competitors."
"It's a yearly subscription."
"Splunk Enterprise Security is affordable."
"The variables and the flexibility that Splunk provides are helpful, especially in a hybrid and multi-cloud environment."
"It's definitely worth it."
"It would be nice if the pricing were cheaper. However, we did purchase it."
"The licensing costs are high for Splunk Enterprise Security."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
848,989 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
10%
Manufacturing Company
8%
Healthcare Company
7%
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Coralogix?
Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams.
What is your experience regarding pricing and costs for Coralogix?
The pricing is expensive. We need to reduce logs to manage costs. Despite the expense, I believe it is worth the money to have Coralogix as a tool.
What needs improvement with Coralogix?
We need to reduce the number of logs generated by our system, which are substantial. We require some form of grouping or categorization of logs to identify them better. Additionally, we find that t...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

Payoneer, AGS, Monday.com, Capgemini
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Coralogix vs. Splunk Enterprise Security and other solutions. Updated: April 2025.
848,989 professionals have used our research since 2012.