Splunk Enterprise Security and Datadog are both key players in the operational visibility and security metrics space. Splunk appears to have the advantage with its comprehensive real-time alerts and scalability, making it a robust option for MSSPs, while Datadog's strength lies in monitoring within cloud environments, which is appealing for infrastructure-focused organizations.
Features: Splunk Enterprise Security effectively manages vast datasets, offers customizable solutions for operational visibility, and features scalable log management with real-time alerts. Datadog provides comprehensive monitoring with powerful APM and log management, particularly within cloud environments, and offers seamless deployment across diverse infrastructures.
Room for Improvement: Splunk Enterprise Security's GUI and integration processes with cloud services can be more intuitive, and its visualization tools could have more flexibility. Datadog's billing structure is complex, and its analytics could benefit from AI for more accurate alerts, with a cost that remains a concern compared to competitors.
Ease of Deployment and Customer Service: Splunk Enterprise Security supports on-premises, public, and hybrid cloud deployments with comprehensive support resources that reduce the need for technical assistance. Datadog offers straightforward cloud-centric integration but relies on a centralized ticket system for support, which could use faster response times.
Pricing and ROI: Splunk Enterprise Security has a high pricing point, offering strong SIEM and data ingestion capabilities, presenting cost challenges for smaller organizations. Datadog's modular pricing enables tailored payments but can result in unexpected costs if not managed properly. Both solutions provide a strong ROI by enhancing operational visibility and streamlining incident management.
I have noticed a return on investment with Splunk Enterprise Security, as it delivers substantial value for money.
For smaller organizations, other products may provide better value for money.
If you want to write your own correlation rules, it is very difficult to do, and you need Splunk's support to write new correlation rules for the SIEM tool.
I have sought assistance from Splunk Enterprise Security support in the past, particularly during deployment, and they provide friendly and effective help.
The technical support for Splunk met my expectations.
They struggle a bit with pure virtual environments, but in terms of how much they can handle, it is pretty good.
It is easy to scale.
I find it easy to scale Splunk Enterprise Security for our environment.
It provides a stable environment but needs to integrate with ITSM platforms to achieve better visibility.
It is very stable.
The documentation is adequate, but team members coming into a project could benefit from more guided, interactive tutorials, ideally leveraging real-world data.
There should be a clearer view of the expenses.
Improving the infrastructure behind Splunk Enterprise Security is vital—enhanced cores, CPUs, and memory should be prioritized to support better processing power.
Data retention can be better. If we want to look at the data for five months or six months, that is not available to us. We only have a history of 20 or 30 days.
Splunk could enhance its offerings by incorporating modules for network detection and response and fraud management.
The setup cost for Datadog is more than $100.
I saw clients spend two million dollars a year just feeding data into the Splunk solution.
The platform requires significant financial investment and resources, making it expensive despite its comprehensive features.
Splunk is priced higher than other solutions.
Our architecture is written in several languages, and one area where Datadog particularly shines is in providing first-class support for a multitude of programming languages.
The technology itself is generally very useful.
This capability is useful for performance monitoring and issue identification.
Splunk Enterprise Security's most valuable features are its stability and the robust Splunk Search Processing Language.
The Splunk Enterprise Security's threat-hunting capabilities have been particularly useful in later releases.
Datadog is a comprehensive cloud monitoring platform designed to track performance, availability, and log aggregation for cloud resources like AWS, ECS, and Kubernetes. It offers robust tools for creating dashboards, observing user behavior, alerting, telemetry, security monitoring, and synthetic testing.
Datadog supports full observability across cloud providers and environments, enabling troubleshooting, error detection, and performance analysis to maintain system reliability. It offers detailed visualization of servers, integrates seamlessly with cloud providers like AWS, and provides powerful out-of-the-box dashboards and log analytics. Despite its strengths, users often note the need for better integration with other solutions and improved application-level insights. Common challenges include a complex pricing model, setup difficulties, and navigation issues. Users frequently mention the need for clearer documentation, faster loading times, enhanced error traceability, and better log management.
What are the key features of Datadog?
What benefits and ROI should users look for in reviews?
Datadog is implemented across different industries, from tech companies monitoring cloud applications to finance sectors ensuring transactional systems' performance. E-commerce platforms use Datadog to track and visualize user behavior and system health, while healthcare organizations utilize it for maintaining secure, compliant environments. Every implementation assists teams in customizing monitoring solutions specific to their industry's requirements.
Splunk Enterprise Security is widely used for security operations, including threat detection, incident response, and log monitoring. It centralizes log management, offers security analytics, and ensures compliance, enhancing the overall security posture of organizations.
Companies leverage Splunk Enterprise Security to monitor endpoints, networks, and users, detecting anomalies, brute force attacks, and unauthorized access. They use it for fraud detection, machine learning, and real-time alerts within their SOCs. The platform enhances visibility and correlates data from multiple sources to identify security threats efficiently. Key features include comprehensive dashboards, excellent reporting capabilities, robust log aggregation, and flexible data ingestion. Users appreciate its SIEM capabilities, threat intelligence, risk-based alerting, and correlation searches. Highly scalable and stable, it suits multi-cloud environments, reducing alert volumes and speeding up investigations.
What are the key features?Splunk Enterprise Security is implemented across industries like finance, healthcare, and retail. Financial institutions use it for fraud detection and compliance, while healthcare organizations leverage its capabilities to safeguard patient data. Retailers deploy it to protect customer information and ensure secure transactions.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.