
Everbridge IT Alerting vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

 

Categories and Ranking

Everbridge IT Alerting
Average Rating: 8.8
Number of Reviews: 23
Ranking in other categories: IT Alerting and Incident Management (9th)

Splunk Enterprise Security
Average Rating: 8.4
Number of Reviews: 301
Ranking in other categories: Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Mindshare comparison

While both are Systems Management solutions, they serve different purposes. Everbridge IT Alerting is designed for IT Alerting and Incident Management and holds a mindshare of 13.5%, up 8.6% compared to last year.
Splunk Enterprise Security, on the other hand, focuses on Security Information and Event Management (SIEM), holds 10.9% mindshare, down 14.3% since last year.
 

Featured Reviews

CQ
Nov 11, 2019
We have seen substantial savings with its usage as it drives down our MTTR
The automated escalations are the most valuable feature. We program in our escalation chains for each individual IT group. Being able to go out and request a resource from that team, and if they don't respond, that automated escalation makes it very hands off. So, our major incident managers and our network operations center can focus more on the other work that they need to do rather than chasing down those resources. They can rest assured that somebody will be answering. Another valuable feature is the ease of integration into our ServiceNow platform, where we are doing all of our work between two teams. They are able to make requests from within the tickets that we can manage rather than having to use another portal or logging into Everbridge directly. Reliability is their biggest value.
Sameep Agarwal. - PeerSpot reviewer
Oct 23, 2023
It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query
The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system. Splunk needs to be tweaked in JSON so you can limit what is coming from the endpoints, especially the events. One needs to filter that out so that only certain events are ingested, like login failures, Active Directory changes, password reset requests, privilege modifications, etc. Each Windows machine generates about 310 KB of information per event, but we can tweak that down to about 50 KB.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The email integration, the ability to launch from other programs using email triggers, was the primary reason we got the solution and it's been really helpful"
"Even in the first few months, we realized some of those benefits around shortening the time to resolution."
"You can program in rotations, shifts, and scenarios of different kinds and it allows you to page multiple people, or people in sequence, or a group of people simultaneously."
"By leveraging Everbridge, with a few clicks of a mouse, we are able to go in and request as many teams as we require to respond to an incident and bring them together to collaborate much faster."
"Valuable features include incident management and ease of integrations."
"The most important feature, from our perspective, is the integration with our ticketing system. That eliminates wasted motion and time in drafting and sending and finding the right distribution list."
"The rotation and replacement options save our managers a lot of time."
"With SaaS, we can implement in other regions without having to physically go there."
"The graph visualization is the most valuable feature."
"It has virtual visualization, and other products do not."
"Splunk Enterprise Security has helped speed up our security investigations."
"Splunk is user-friendly. We can easily customize the monitoring script."
"The initial setup is really straightforward. It's one of the easiest installations."
"The most valuable features of Splunk Enterprise Security are its high-performance data collection, flexible query language, and its versatility across the organization."
"It allows us to digest the information, the data, the different data streams, so we can make decisions based upon information that we receive, and it is pretty robust."
"It has increased our business resilience. It's a top-of-the-line SIEM security product. It's the best tool for our security analysts which helps them do their job better. That then protects our company from adversary actors."
 

Cons

"Lacks ability to customize messages."
"One thing that could be improved would be to enable the mobile app to more easily display published calendars via the Member Portal. Currently, it is quite difficult."
"The solution's non-targeted communication with external parties could be enhanced."
"You have to create schedules in Everbridge. It would be better if it could tie into an existing solution, such as Microsoft Exchange or Google Calendar, so that you don't have to create it in both places. That's one thing it lacks right now. You can't just say, "Hey, look at this Microsoft calendar. That's what we want to use." You have to create it in Everbridge."
"The ability for members to change their schedules, and change the person they're swapping with, could use improvement. The GUI is a little tough to navigate. It's not very straightforward when someone is trying to change schedules."
"An ability to get to the database that houses our information would be great. Currently, we are at the mercy of Everbridge and, if they do not have the function built, we cannot gather the information that we would like."
"The ability to not have to worry about the IT alerting and calendar resources. I would like it to be simpler in the sense of a different cost structure."
"It could use more enhancement type integrations, but no improvements to functionality are needed."
"The user interface is not user-friendly for non-technical users."
"Search head clustering is often temperamental in its current state and should be improved, replaced by something better, or be reverted to search head pooling."
"For us, the area that Splunk Enterprise Security can improve is performance optimization."
"Their technical support sucks."
"It's missing some features that other solutions have, such as the ability to upgrade the endpoint and perform endpoint universal forwarders from a deployment server instead of using a third-party solution, such as Puppet or Ansible."
"They can incorporate the SOAR solution within the actual product so that we do not require two different products, two different installations, and two different pricing methods. In regards to UBA, I am familiar with the UBA that existed two years ago. I am not updated about it today, but two years ago, UBA required such an amount of data that from a cost perspective, it was not worth it. When you compare it to what you get out of the box with Microsoft Sentinel without additional costs, there is no match."
"Splunk could improve its default machine-learning models. Also, Splunk Enterprise's native threat intelligence isn't that good. I prefer a custom threat intelligence model."
"The glass table feature does not perform as expected."
 

Pricing and Cost Advice

"For the one-way license, which refers to someone who is just on the receiving end, it's very affordable. I was actually surprised that it was a really good price. The two-way license, like an on-call resource who is actually going to be in a calendar and be paged, it is a bit more expensive, but for the gains that we've realized, it's certainly worth the price."
"I do not know about the licensing costs, but I know they're in groups, and there are permission caps. For example, you can have five admin accounts, and anyone can receive a notification. There's a mobile component too, which I find particularly useful, but it has to be a part of the contract."
"Licensing cost is driven largely by the number of users in the platform including admins, group managers, and message senders, so you want to consider your needs there."
"Pricing is reasonable."
"For us, the pricing is a good value. I can't say whether or not their list pricing looks favorable to everyone who's checking, but I can say that the process of sourcing and procurement with them was very professional, comfortable, and friendly. The negotiations were done well on both sides, and in the end, I'd say the price was very effective... I think that people will find that Everbridge is a great listener and is willing to meet in the middle."
"Everbridge is not an inexpensive tool, but as the adage says, you get what you pay for."
"They are one of the cheapest solutions on the market. We looked at all of the major competitors in the space. Everbridge was one of the most affordable for what they are offering."
"The annual cost is $125,000 USD. That is for everything. It includes the 11,000 mass notifications. Technically, we have 500 licenses for IT Alerting."
"Luckily, we come under a large federal agency, and before the pandemic, they signed a large enterprise license agreement. It worked out great and to our advantage because we are a small organization. We got a 300 gig license, and we just did not have the buying power to be able to get products cheaply. Because we all partnered together under the agency umbrella, we were able to get Splunk Enterprise Security, UBA, and ITSI for cheap. This was good considering the fact that some of these premium apps require a minimum number of users, and we do not have the number of people needed to even justify buying it."
"It's a little bit expensive for a small to medium enterprise."
"It is expensive, but it is a good tool. It is worth the cost."
"We had a yearly subscription."
"I think that most of the monitoring solutions are expensive."
"I remember Splunk being relatively affordable. Kibana was more reasonable, but you get more with Splunk. If I was suggesting something, I would probably suggest Splunk because it is better to pay a little bit more and get a lot more."
"The pricing modules could be improved."
"My experience with the solution's setup cost, pricing, and licensing was really good."
814,763 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company: 17%
Financial Services Firm: 14%
Healthcare Company: 10%
Government: 10%

Financial Services Firm: 16%
Computer Software Company: 14%
Government: 9%
Manufacturing Company: 8%
 

Company Size

By reviewers: Large Enterprise, Midsize Enterprise, Small Business
 

Questions from the Community

What do you like most about Everbridge IT Alerting?
It's mainly for mass notification and pooling of contacts. Pooling of customers is valuable.
What needs improvement with Everbridge IT Alerting?
The solution's non-targeted communication with external parties could be enhanced.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases. Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 


 

Sample Customers

Choice Hotels, Alexion, Navy Federal Credit Union, EastWest Bank, IBM, Core Logic, Paypal, Charter Communications, Lowes, Express Scripts, Finastra, Worldpay
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about PagerDuty, Atlassian, Splunk and others in IT Alerting and Incident Management. Updated: October 2024.