No more typing reviews! Try our Samantha, our new voice AI agent.

ELK Kibana vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ELK Kibana
Average Rating
7.2
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Splunk Enterprise Security
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
408
Ranking in other categories
Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Featured Reviews

KJ
Engineer at Raytheon Technologies
Visualization tools are optimized providing us with increased flexibility
One area that could be improved is security. Being an open source product, if you want to add security, if you want to add authentication, you've got to use a third party plugin that may or may not cost you, or alternatively upgrade to their subscription service, which is a downside as well. I think the types of visualizations are nice, but I think there's room to add more without having to go to third party plugins to do that. Just comparing the total number of visualizations that it provides compared to Grafana, you can see that it's lacking. The UI experience isn't as rich as it is with Grafana or certain other tools. I would like to see better authentication options, typical authentication options, like active directory and LDAP as well, just a richer UI with more graph type options.
Sathis-Kumar - PeerSpot reviewer
Senior Manager at Bank of America
Helps us detect cyber threats quickly and integrate multiple feeds effectively
Overall, the product is good, but when it comes to some infrastructure issues, we have to dig into more logs. There is no straightforward indication of an issue. Health check kind of dashboards are not available. More AI would help us, and more optimization, since security products run more queries. The AI module could suggest solutions, optimizing queries or workload balancing. If the product itself advises on running queries during peak times, it would be similar to what ChatGPT currently offers. We see quite a few issues on stability. Even last week, we faced something, and identifying bottlenecks is not easy. We need more SMEs, and there is no mechanism to tell us about indexer or search head issues. Self-monitoring dashboards could be beneficial. The technical support still requires more improvement. Often, primary support takes a lot of time and forwards most solutions to the engineering side. The primary support team has very limited knowledge to provide.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Some visualization tools are optimized for time series like Kibana, which allows you to do both, and we like the flexibility of being able to analyze different types of data."
"Having a tool where you can find logs that were generated months ago, and being able to search over a long period of time, is great."
"The automatic update of the graphs from a dashboard is very convenient."
"The stability of this solution is fantastic, as it has not failed us for months and we use it extensively."
"The optimization and flexibility of visualization tools."
"The user interface is very good, and the data visualization is simple and user-friendly."
"Splunk Enterprise Security's most valuable features are its stability and the robust Splunk Search Processing Language, allowing extensive customization and analysis capabilities."
"You're in for a nice surprise, Splunk is fun, easy to use, and will give you the results you are looking for and more."
"We can easily configure things as required in relation to our use cases."
"Splunk simplifies real-time problem identification and resolution by seamlessly integrating existing customer and vendor systems."
"Splunk ITSI (IT Service Intelligence) has very good capability of storing, analyzing, and searching compared to other tools."
"Splunk is one of the top SIEM solutions to work with."
"We did not encounter any issues with scalability. It is almost seamless to add new index (storage) or search (used to analyze the data) nodes to the cluster."
"It provides a lot of analytics with the underlying AI engine, and it is a lot easier than other solutions."
 

Cons

"This solution should allow the user to combine two indices into one graph and it should provide a unique count."
"Having a kind of wizard that would help you when you are typing your search would make it easier and quicker to refine your search, and ultimately find what you are looking for."
"One area that could be improved is security. Being an open source product, if you want to add security, if you want to add authentication, you've got to use a third party plugin that may or may not cost you, or alternatively upgrade to their subscription service, which is a downside as well."
"Populating data sometimes is also difficult for the user."
"Security could be improved thereby avoiding the necessity of a third party plugin."
"The technical support still requires more improvement. Often, primary support takes a lot of time and forwards most solutions to the engineering side."
"Splunk Enterprise Security is a very mature platform, but there are a few areas where I think it can improve."
"Splunk should align its security principles with those of other vendors like SentinelOne. Splunk has mature APIs that can communicate with various security applications and devices. Splunk can process more to produce an understandable dashboard."
"It needs documentation, and "how-to-do" information. It's complicated to build reports and views."
"Splunk Enterprise Security can be improved with more AI in the commands and more help in the commands, as not all people know how to write code in SPL, and we need more help in this area."
"Splunk Enterprise Security could improve in automation, flexibility, and providing more content out of the box."
"Splunk Enterprise Security would benefit from a more robust rule engine to reduce false positives."
"Improving the infrastructure behind Splunk Enterprise Security is vital—enhanced cores, CPUs, and memory should be prioritized to support better processing power. When we execute heavy, resource-intensive queries over long periods, the performance dips."
 

Pricing and Cost Advice

Information not available
"We have had a reduction in the time it takes to resolve issues and correlate what has failed."
"Splunk Enterprise Security is cheaper than competitors, but I do not know whether it is just our contract."
"The pricing can be better. We are already considering Elastic because Splunk is too expensive. You have to pay based on per-day ingestion. There should be a more flexible model for the use cases where one day you have a huge amount, and on other days, it is quite less."
"Splunk Enterprise Security is expensive. I would rate the cost an eight out of ten with ten being the most expensive."
"Be upfront about your needs and expectations. Splunk is great to work with."
"It is not cheap."
"Splunk can be expensive, as its licensing is based on the daily data ingestion volume."
"Setup cost is cheap: It is free, it is user-friendly, and it is fast."
report
Use our free recommendation engine to learn which Data Visualization solutions are best for your needs.
903,933 professionals have used our research since 2012.
 

Comparison Review

VS
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
13%
Manufacturing Company
9%
Computer Software Company
8%
Construction Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business129
Midsize Enterprise62
Large Enterprise282
 

Questions from the Community

Ask a question
Earn 20 points
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

Sprint, Grab, Volkswagen, Autopilot, Voyages-SNCF.com, Just Eat, Accenture, Dell, Verizon Wireless, Kaidee, Green Man Gaming, Compare Group, Tango, Quizlet
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Salesforce, Splunk, Apache and others in Data Visualization. Updated: June 2026.
903,933 professionals have used our research since 2012.