Try our new research platform with insights from 80,000+ expert users

FileAudit vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

FileAudit
Ranking in Log Management
43rd
Ranking in Security Information and Event Management (SIEM)
44th
Average Rating
9.0
Reviews Sentiment
7.3
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Splunk Enterprise Security
Ranking in Log Management
2nd
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
305
Ranking in other categories
IT Operations Analytics (1st)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of FileAudit is 0.1%, up from 0.1% compared to the previous year. The mindshare of Splunk Enterprise Security is 9.5%, down from 12.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

AntoSebastin - PeerSpot reviewer
A scalable SIEM solution for monitoring a user's activity in the file server
The most valuable features of the solution are its quick and simple features related to advanced permissions for files, allowing for what permission needs to be granted to the users when it comes to the monitoring folder in the solution. If someone who has been denied permission to use a particular folder tries to go to that folder, then the administrator gets a notification. In general, the administrator can easily gather and maintain records if a person who has been denied permission to a particular confidential folder tries to access it.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Our customer acquires the complete report which is kept for future auditing purposes."
"Alerting upon file changes is the most valuable aspect of the product."
"It is a good and stable solution...It is a scalable solution."
"I am satisfied with the support."
"There are quite a lot of things that we find useful. Splunk agents are useful and good. Its UI is quite impressive."
"Its usability is the best part. It is easy for our developers to use if they want to search their logs, etc."
"The most valuable feature of Splunk is the log monitoring."
"The ability to view all of these different logs, then drilling down into specific times or into specific data sources, has proved to be the greatest aspect in decreasing our troubleshooting overhead time."
"Overall, Splunk is among the top three SIEM tools due to its capabilities and agility in bridging business analytics with security needs."
"The two features I appreciate most in Splunk Enterprise Security are the content management system and the inter-incident review dashboard."
"The solution's most valuable features are the granularity and analysis of the logs."
 

Cons

"Whenever someone cuts and paste, it shows as "file is deleted"."
"The updates management and central management console could be improved."
"The DLP function, including installation of the agent on the workstation and controlling the DLP restrictions, are areas where the product lacks."
"More training on PetaData using artificial intelligence techniques to identify the events which are not normal and exceptions that would help the organization identify threats and malware on the go with results."
"The biggest problem is data compression. Splunk is an outstanding product, but it is a resource hog. There should be better data compression for being able to maintain our data repositories. We end up having to buy lots of additional storage just to house our Splunk data. This is my only complaint about it."
"Its setup is a little bit complex for a distributed environment. Their support can also be better. If we miss the response for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply."
"An improved user interface along with multi-tenancy support would be beneficial."
"I would like more assistance with use cases and help with teaching us how to use it once it's installed."
"This is not really a monitoring solution."
"It would be nice if Splunk reduced the cost of training. Their training sessions are way too costly."
"They can improve their support teams. They can also improve their capability of ingesting data from different IoT sources."
 

Pricing and Cost Advice

"FileAudit provides a trial license for 30 days, and after that, customers can choose between perpetual licensing or the annual-based licensing option offered by FileAudit."
"I assume that the pricing is reasonable, because if it was too costly, there are other alternatives."
"While Splunk is more expensive than other solutions, we would still choose it because of its capabilities."
"It is economical than other solutions."
"Splunk Enterprise Security is cheaper than competitors, but I do not know whether it is just our contract."
"It can be cost-prohibitive when you start to scale and have terabytes of data. Its cost model is based on how much data it processes a day. If they're able to create scaled-down niche or custom package offerings, it may help with the cost. Instead of the full-blown features, if they can narrow the scope where it can only be used for a specific purpose, it would kind of create that market for the product, and it may help with the costing. When you start using it as a central aggregator and you're pumping tons of logs at it, pretty soon, you'll start hitting your cap on what it can process a day. Once you've got that, you're kind of defeating the purpose because you're going to have to scale back."
"The pricing and licensing of the product are quite high."
"The tool's licensing is good and we haven't received any complaints from the team handling it."
"Splunk has always been on the expensive side."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about FileAudit?
It is a good and stable solution...It is a scalable solution.
What needs improvement with FileAudit?
The DLP function, including installation of the agent on the workstation and controlling the DLP restrictions, are areas where the product lacks. It would be great if the aforementioned details wer...
What is your primary use case for FileAudit?
My company uses FileAudit as an SIEM solution, and it is used for monitoring the file server activity to find out what users did in the file server, which may include modifying the file, deleting i...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

CommuniCare Health Centre, DP World, BAE Systems, Moet Hennessy, Ernst & Young, Honda, Volswagon, VTech, GlakoSmithKline, Lockheed Martin, US Navy, University of Alabama, Ministry of Interior Saudi Arabia, Total
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about FileAudit vs. Splunk Enterprise Security and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.