We performed a comparison between Elastic Observability and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."For full stack observability, Elastic is the best tool compared with any other tool ."
"The solution is open-source and helps with back-end logging. It is also easy to handle."
"The price is very less expensive compared to the other solutions."
"The Elastic User Interface framework lets us do custom development when needed. You need to have some Javascript knowledge. We need that knowledge to develop new custom tests."
"The solution has been stable in our usage."
"We can view and connect different sources to the dashboard using it."
"The architecture and system's stability are simple."
"Elastic APM has plenty of features, such as the Elastic server for Kibana and many additional plugins. It's a comprehensive tool when used as a logging platform."
"The client site login is pretty extensible and probably cost-effective."
"We have a more secure, robust environment, which keeps the harmful software out of the zone required."
"Aggregation searches have reduced time and difficulty of identifying trends and conditions which need to reviewed."
"Splunk's advantage is its search capability. Its search is notably faster. With Splunk, I can search easily on keywords. That is great."
"The most valuable feature is the custom dashboard feature."
"Splunk Enterprise Security offers two valuable features: the Common Information Model and arrangement modules."
"The stock analysts and security people use one single dashboard (one single location) to check our logs."
"The completeness of the solution is what we like the most."
"If we had some pre-defined templates for observability that we could start using right away after deploying it – instead of having to build or to change some of the dashboards – that would be helpful."
"In the future, Elastic APM needs a portfolio iTool. They can provide an easy way to develop the custom UI for Kibana."
"Elastic Observability needs to improve the retrieval of logs and metrics from all the instances."
"Elastic Observability is difficult to use. There are only three options for customization but this can be difficult for our use case. We do not have other options to choose the metrics shown, such as CPU or memory usage."
"Elastic APM's visualization is not that great compared to other tools. It's number of metrics is very low."
"Elastic Observability’s price could be improved."
"Elastic Observability needs to have better standardization, logging, and schema."
"Improving code insight related to infrastructure and network, particularly focusing on aspects such as firewalls, switches, routers, and testing would be beneficial."
"Splunk is query-based, which is not the case with most cybersecurity tools. It is based on search queries and can be difficult to use. It would be good if they can make it easier to understand how to create search queries. They can improve the knowledge base for better understanding. To create your dashboard, you need to have a search query. We have multiple firewalls in our company, and we need a dashboard for them. It would be helpful if a default firewall dashboard is included in Splunk to make monitoring easier. If a dashboard is available for a security device, the operation part will be more efficient. We won't have to follow a manual process for this."
"The solution could use a different licensing model."
"In terms of the interface, it could include some improvements for the look and feel."
"The documentation is in definite need of improvement."
"Splunk needs local technical support."
"I think the machine learning should be emphasized. Now, it's really important to analyze Big Data, data mining. A SIEM solution, like Splunk, needs an improved data mining solution, artificial intelligence."
"The setup time is quite long."
"We do have to educate developers on how to not blow it up. It is a little to easy to write an expensive query and overly stress the system. This could be improved."
Elastic Observability is ranked 14th in Log Management with 22 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 240 reviews. Elastic Observability is rated 7.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of Elastic Observability writes "The user interface framework lets us do custom development when needed. ". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Elastic Observability is most compared with Dynatrace, New Relic, AppDynamics, Azure Monitor and Sentry, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel. See our Elastic Observability vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.