We compared Fortinet FortiAnalyzer and Splunk Enterprise Security across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real-time. Splunk Enterprise Security stands out for its efficiency, extensive integration options, and powerful search functionality.
Room for Improvement: Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. Users say Splunk is a highly scalable and customizable solution. Splunk users recommended improvements in AI capabilities, user-friendliness, and analytics.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. While some users found Splunk support to be responsive and helpful, others reported slow response times and a lack of expertise.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. Some users thought Splunk Enterprise Security was easy to deploy, while others found it challenging and needed assistance from Splunk engineers or third-party integrators.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. Some users consider Splunk Enterprise Security to be expensive, but others said the price is reasonable. A few users expressed concerns about the cost of scaling up the solution and managing large volumes of data.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. Users said that it’s challenging to calculate an ROI for Splunk Enterprise Security, and the return varies depending on individual circumstances. While some users have observed a substantial ROI, others have not actively explored or been engaged in ROI conversations.
"It has a simplified and user-friendly interface."
"The most valuable feature of Fortinet FortiAnalyzer is its performance."
"The features that our customers have found most valuable are their different type of reports including the drill down report, as well as the flexibility to connect to any number of appliances which can be connected to it centrally."
"FortiAnalyzer has a user-friendly interface with a quick response and good analytics. It's very secure because it's taking the log from the devices on a secure channel, so there is no problem with that in your network."
"It gives us reporting features, which are helpful in the case of troubleshooting and audit purposes."
"We use this functionality every day, and obtain reports on things like how many people are using the VPN, which websites are being accessed, and whether hackers are trying to penetrate into our network."
"The log events are quite useful for us."
"It is easy to integrate Fortinet FortiAnalyzer with other products. You have a better overview of what's going on."
"The most valuable features are how stable and easy to use Splunk is."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data."
"The correlation search functions that generate all the notables are valuable. That can get pretty complicated, and it handles that pretty well."
"We can easily configure things as required in relation to our use cases."
"The ability to ingest any data and display it in a way that anyone can understand."
"The speed of the search engine"
"It is quite extensible. It is a platform that we can build our use instead of each case instead of each case being limited or restricted to each capability. This is probably the best feature."
"There are a lot of solutions on the market and Fortinet FortiAnalyzer is limited. It cannot be used across multiple vendors. They can improve by advancing their technology."
"When using this solution, you need a high-level expert to make it work as it should."
"The UI can be more user-friendly for new users."
"I'm looking for something more efficient to analyze different foreign things. That's why FortiSIEM could compete with FortiAnalyzer."
"The UI could use some improvement. It can be tough for a beginner to navigate because you don't know what to do even if you read the guide. I've talked to some users who said that they couldn't figure out what to do even after looking at the documentation."
"Automated reports focusing on compliance issues would provide a clearer understanding of potential gaps and the need for remediation."
"When it comes to pushing logs to a SIEM, most of the time we have some issues when it comes to filtering."
"From my point of view, at this time, the solution isn't lacking any features or functionalities."
"Splunk needs to be able to hold more days of data. At the moment it only holds three months of data."
"Professional support is great, but too expensive."
"It would be nice if they had a wizard to construct searches, including more complex searches that include math or statistics."
"The implementation and the scanning of the logs can be difficult."
"Its pricing model and integration with third-party services can be improved. We had faced an issue with integration. The alerting feature is currently not available with Splunk, but it is definitely available with Datadog and PagerDuty. They should include this feature. A few dashboards in Splunk look quite old and are not that modern. They aren't bad, but improving these dashboards will definitely make Splunk more attractive and usable. I read in a few blog posts that there were a few security incidents related to Splunk agents. So, it can be made more secure."
"The UI could be better. This is applicable to Splunk in general. I know that a lot of people who get their hands on Splunk are hesitant to use it just because they find it overwhelming. There are a lot of options."
"The user access control could be much more granular, so that the admins can control r/w/x access for specific features of the product like dashboards, etc."
"The price has room for improvement."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 85 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 240 reviews. Fortinet FortiAnalyzer is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Fortinet FortiAnalyzer is most compared with Wazuh, Graylog, Grafana Loki, LogRhythm SIEM and Datadog, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar and Elastic Security. See our Fortinet FortiAnalyzer vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.