No more typing reviews! Try our Samantha, our new voice AI agent.

ELK Kibana vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ELK Kibana
Average Rating
7.2
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Splunk Enterprise Security
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
405
Ranking in other categories
Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Featured Reviews

KJ
Engineer at Raytheon Technologies
Visualization tools are optimized providing us with increased flexibility
One area that could be improved is security. Being an open source product, if you want to add security, if you want to add authentication, you've got to use a third party plugin that may or may not cost you, or alternatively upgrade to their subscription service, which is a downside as well. I think the types of visualizations are nice, but I think there's room to add more without having to go to third party plugins to do that. Just comparing the total number of visualizations that it provides compared to Grafana, you can see that it's lacking. The UI experience isn't as rich as it is with Grafana or certain other tools. I would like to see better authentication options, typical authentication options, like active directory and LDAP as well, just a richer UI with more graph type options.
Sathis-Kumar - PeerSpot reviewer
Senior Manager at Bank of America
Helps us detect cyber threats quickly and integrate multiple feeds effectively
Overall, the product is good, but when it comes to some infrastructure issues, we have to dig into more logs. There is no straightforward indication of an issue. Health check kind of dashboards are not available. More AI would help us, and more optimization, since security products run more queries. The AI module could suggest solutions, optimizing queries or workload balancing. If the product itself advises on running queries during peak times, it would be similar to what ChatGPT currently offers. We see quite a few issues on stability. Even last week, we faced something, and identifying bottlenecks is not easy. We need more SMEs, and there is no mechanism to tell us about indexer or search head issues. Self-monitoring dashboards could be beneficial. The technical support still requires more improvement. Often, primary support takes a lot of time and forwards most solutions to the engineering side. The primary support team has very limited knowledge to provide.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The automatic update of the graphs from a dashboard is very convenient."
"The stability of this solution is fantastic, as it has not failed us for months and we use it extensively."
"Having a tool where you can find logs that were generated months ago, and being able to search over a long period of time, is great."
"The optimization and flexibility of visualization tools."
"Some visualization tools are optimized for time series like Kibana, which allows you to do both, and we like the flexibility of being able to analyze different types of data."
"The user interface is very good, and the data visualization is simple and user-friendly."
"The breadth of the data sources that Splunk can ingest data from is broad and deep and it does an exemplary job at handling structured data."
"The features of Splunk Enterprise Security that I find most valuable include Mission Control, which I really appreciate, the way accelerated data functions, making it really fast to see, the integration with SOAR, which is something really cool and integrates with automated processes, and the way to ingest threat intelligence feeds, which is an amazing feature as well."
"Splunk Enterprise Security's most valuable features are its stability and the robust Splunk Search Processing Language, allowing extensive customization and analysis capabilities."
"Being able to track impossible travel logins and things of that nature is valuable. We can track user logins from various IPs, various countries, and at various times to see if everything adds up."
"Overall, Splunk is among the top three SIEM tools due to its capabilities and agility in bridging business analytics with security needs."
"I like Splunk's automated threat detection and orchestration capabilities. Splunk offers a single solution for analyzing, aggregating, correlating, monitoring, reporting, visualizing, etc. You can get all of these capabilities in one place. On top of that, it provides a cloud, testing, on-premise, and hybrid solution, giving customers more flexibility for their use cases."
"Splunk can quickly be deployed and it's not difficult to learn the solution."
"Splunk has provided a venue for us to determine student engagement during COVID, for which we didn't really have any other way except by looking at data that we captured off of our student systems and our authentication servers to see who's logging in, and who's logging out, and for how long they've been logged in."
 

Cons

"Having a kind of wizard that would help you when you are typing your search would make it easier and quicker to refine your search, and ultimately find what you are looking for."
"Security could be improved thereby avoiding the necessity of a third party plugin."
"One area that could be improved is security. Being an open source product, if you want to add security, if you want to add authentication, you've got to use a third party plugin that may or may not cost you, or alternatively upgrade to their subscription service, which is a downside as well."
"Populating data sometimes is also difficult for the user."
"This solution should allow the user to combine two indices into one graph and it should provide a unique count."
"It'd be really nice if Splunk Enterprise Security had a better and solid configuration guide."
"However, for smaller organizations, the deployment and management can be expensive, leading them to choose other SIEM tools."
"They can improve their support teams. They can also improve their capability of ingesting data from different IoT sources."
"While Splunk Enterprise Security is powerful, it presents significant complexity for users, as it's not particularly user-friendly for beginners."
"Configuring a few apps is complex, not straightforward."
". Having a trial version or more training on Splunk would be helpful."
"I love the solution, but I would like to see more accessibility to the machine-learning capabilities that are sprinkled around Splunk."
"Make it easy to use and the cost cheaper. This will help all organisations to implement Splunk."
 

Pricing and Cost Advice

Information not available
"Splunk Enterprise Security's pricing is competitive."
"Splunk is definitely not a cheap solution. It is an expensive product."
"The price can always be lower, but it is fair at the moment. The cost efficiencies depend on the licensing and how much data we are bringing in. We have a fairly large footprint, so it is cost-effective."
"Splunk is priced higher than other solutions."
"Splunk Enterprise Security's pricing is pretty competitive."
"We had a yearly subscription."
"It is a bit costly."
"We have an unlimited one, and we pay yearly, but I don't know how much it costs. Previously, I worked for a startup, and when they started building it up, it was complicated for them because they didn't have the budget for that many licenses. It was very costly for them. So, startups might find it a little bit problematic because of the licensing, but for bigger companies, there is no issue."
report
Use our free recommendation engine to learn which Data Visualization solutions are best for your needs.
903,067 professionals have used our research since 2012.
 

Comparison Review

VS
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
14%
Manufacturing Company
9%
Computer Software Company
8%
Construction Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business125
Midsize Enterprise61
Large Enterprise279
 

Questions from the Community

Ask a question
Earn 20 points
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

Sprint, Grab, Volkswagen, Autopilot, Voyages-SNCF.com, Just Eat, Accenture, Dell, Verizon Wireless, Kaidee, Green Man Gaming, Compare Group, Tango, Quizlet
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Salesforce, Splunk, Apache and others in Data Visualization. Updated: June 2026.
903,067 professionals have used our research since 2012.