Try our new research platform with insights from 80,000+ expert users

Coralogix vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Coralogix
Ranking in Log Management
39th
Ranking in Security Information and Event Management (SIEM)
42nd
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
9
Ranking in other categories
Application Performance Monitoring (APM) and Observability (33rd), API Management (29th), Streaming Analytics (19th), Anomaly Detection Tools (1st)
Splunk Enterprise Security
Ranking in Log Management
2nd
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
305
Ranking in other categories
IT Operations Analytics (1st)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Coralogix is 0.3%, up from 0.2% compared to the previous year. The mindshare of Splunk Enterprise Security is 9.5%, down from 12.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

reviewer1915599 - PeerSpot reviewer
Good capabilities, has a helpful interface and is straightforward to set up
We have asked for a couple of features from the company already. What typically happens is a lot of people - and developers are one of the biggest consumers of this product - go to this product to optimize their investigation process and specific configurations. That increases our data flow at times, so the cost changes. And a lot of changes happen due to that. We have asked the company to auto-revert the changes after a while so that the system works typically. We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"For now, we have not experienced any stability issues."
"The best feature of this solution allows us to correlate logs, metrics and traces."
"The log monitoring is good, and the dashboards that we create are beneficial."
"Coralogix scales well, and I will rate it nine out of ten."
"The solution offers very good convenience filtering."
"The initial setup is straightforward."
"Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams."
"The solution is easy to use and to start with."
"We primarily use it to correlate logs throughout the enterprise for both searching and use in investigations."
"From the class that I took this week, being able to create notable events from whatever you find in the data set is pretty useful."
"Aggregation searches have reduced time and difficulty of identifying trends and conditions which need to reviewed."
"The compatibility with the add-ons helps us add more data in the same compatible format and use data models to elaborate and make it faster."
"You can use it to gather syslog messages from anything."
"Splunk has significantly reduced the time in performing the task of aggregating logs, reviewing as well as time spent during investigations."
"We have found all the features useful. However, the dashboarding and logging have been very helpful. Additionally, the log analysis does a great job."
"Splunk allows us to find insights that we were not able to with traditional BI tools using ETL​. It allows us to dig into raw events."
 

Cons

"The user interface is not intuitive, especially when first onboarding, and improvements could be made here."
"Coralogix should have some AI capabilities to auto-detect anomalies and provide suggestions. The increasing volume of data and the resulting bandwidth charges are concerns."
"The documentation of the tool could be improved"
"From my experience, Coralogix has horrible Terraform providers."
"The user interface could be more intuitive and explanatory."
"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."
"We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change."
"Maybe they could make it more user-friendly."
"The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system."
"Due to its high licensing cost, Splunk is out of reach for many organizations."
"Custom visualizations are real hard. While the default visualizations are good, creating enhanced visualizations are complex."
"We don't have SOAR products from Splunk. I believe that's an important piece."
"Splunk Enterprise Security offers a vast amount of information to learn and comprehend, resulting in a challenging initial learning curve."
"I do not like the pricing model. It is expensive."
"The threat management part is still lagging. There are some gaps in threat management. Other vendors have built-in threat management systems, but Splunk lacks the threat management component in its portal. The UEBA and everything else is perfect, but it lacks a unified threat intelligence and management part."
"Missing capability for audio/video and image processing."
 

Pricing and Cost Advice

"We are paying roughly $5,000 a month."
"Currently, we are at a very minimal cost, which is around $400 per month since we have reduced our usage. Initially, we were at $900 per month."
"The platform has a reasonable cost. I rate the pricing a three out of ten."
"The cost of the solution is per volume of data ingested."
"Splunk Enterprise Security is priced lower than competitors."
"I assume that the pricing is reasonable, because if it was too costly, there are other alternatives."
"Splunk licensing model might seem expensive but with all the gain in functionalities you will have compared to traditional SIEM solutions I think it’s worth the price."
"I remember Splunk being relatively affordable. Kibana was more reasonable, but you get more with Splunk. If I was suggesting something, I would probably suggest Splunk because it is better to pay a little bit more and get a lot more."
"Be upfront about your needs and expectations. Splunk is great to work with."
"Splunk Enterprise Security is affordable."
"Personnel costs are saved by not having to involve the domain developers from multiple teams when tracing a problem that spans multiple platforms."
"Splunk is really expensive compared to all the other tools on the market, including Microsoft Sentinel."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
845,406 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
10%
Healthcare Company
8%
Manufacturing Company
7%
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Coralogix?
Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams.
What is your experience regarding pricing and costs for Coralogix?
The pricing is expensive. We need to reduce logs to manage costs. Despite the expense, I believe it is worth the money to have Coralogix as a tool.
What needs improvement with Coralogix?
We need to reduce the number of logs generated by our system, which are substantial. We require some form of grouping or categorization of logs to identify them better. Additionally, we find that t...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

Payoneer, AGS, Monday.com, Capgemini
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Coralogix vs. Splunk Enterprise Security and other solutions. Updated: March 2025.
845,406 professionals have used our research since 2012.