
Google Chronicle Suite vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Sep 29, 2024
 

Categories and Ranking

Google Chronicle Suite
Ranking in Security Information and Event Management (SIEM): 17th
Average Rating: 8.0
Number of Reviews: 9
Ranking in other categories: No ranking in other categories

Splunk Enterprise Security
Ranking in Security Information and Event Management (SIEM): 1st
Average Rating: 8.4
Number of Reviews: 301
Ranking in other categories: Log Management (1st), IT Operations Analytics (1st)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Google Chronicle Suite is 3.5%, up from 0.5% the previous year. The mindshare of Splunk Enterprise Security is 10.9%, down from 14.3% the previous year. Mindshare is calculated based on PeerSpot user engagement data.
 

Featured Reviews

AniketGoyal - PeerSpot reviewer
Sep 17, 2024
Seamless integration and advanced threat intelligence with good data management
I am an implementation architect, so I have admin access to Google Chronicle. Google Chronicle is a SIEM tool that collects and stores data from various sources, such as network logs, cloud logs, device logs, security logs, and audit logs. It offers four types of ingestion: forwarder, cloud…
Sameep Agarwal. - PeerSpot reviewer
Oct 23, 2023
It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query
The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system. Splunk needs to be tweaked in JSON so you can limit what is coming from the endpoints, especially the events. One needs to filter that out so that only certain events are ingested, like login failures, Active Directory changes, password reset requests, privilege modifications, etc. Each Windows machine generates about 310 KB of information per event, but we can tweak that down to about 50 KB.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The product's most valuable feature is threat hunting. We can detect the threats directly from the console from the past data as well."
"Google Chronicle Suite is a highly scalable solution with good search capabilities."
"The dashboards are clean and clearly written, making it easy to use and understand."
"The tool's most valuable feature is the search option, allowing easy navigation."
"The support team is responsive."
"Google Chronicle Suite provides useful APIs."
"The log folder is fairly simple."
"The platform's most valuable features are multiple connectors and data output flexibility regarding dashboards and user experience."
"Splunk's advantage is its search capability. Its search is notably faster. With Splunk, I can search easily on keywords. That is great."
"We saw the granularity that we could get from Splunk far exceeded what we already had. We had the ability to have our security team really focus on the platform and stay within the platform, but they could correlate with a variety of other stakeholders, and our stakeholders were growing."
"The risk-based alerting is excellent."
"It is a very stable solution. I never really had a hiccup with the tool."
"The solution has proven to be quite stable."
"The ability to manage large amounts of generated data and to protect all devices from unauthorized use are the most valuable features."
"The SIEM is the most valuable feature of the product."
"The initial setup is really straightforward. It's one of the easiest installations."
 

Cons

"The solution's graphical user interface (GUI) should be more user-friendly."
"The tool is complicated for a first-time user. It should also include newer APIs."
"The configuration is not optimal."
"In terms of improvement, the UI can be a bit challenging for beginners."
"The tool is a little bit difficult to use compared to Microsoft Sentinel."
"The product's default dashboard feature has a few limitations regarding availability."
"A few areas are difficult to understand for someone who has less experience using the product."
"The tool needs to improve tasking packages. Its GUI needs to be improved. The product needs to include time-based filtration. We can only see the alert detection timeline now."
"It'd be really nice if Splunk Enterprise Security had a better and solid configuration guide."
"Splunk's ability to analyze malicious activities scores an 8 out of 10, but there's room for improvement. By analyzing emerging patterns, Splunk could identify and predict potential threats more effectively."
"Splunk is very expensive. The license is based on the volume of the logs ingested. I was responsible for managing the contract with our service integrator. I don't know the precise details of the competing solution, but I have heard that Splunk is more expensive than others. I don't know what the going rate is on the market, but I think there are at least two competitors that are less expensive. We have experienced a few issues with our service providers in terms of log filtering and ingestion, so we continue to pay a bit more per day for our logs."
"The Splunk platform is not unified. We have all of these different tools and they feel a bit disjointed."
"Delays in responses from the technical team can pose challenges for both vendors and clients, especially considering that Splunk applications and machine solutions are critical assets."
"We usually have to follow up with technical support on our open cases."
"From the commercial point of view, they have to bring down their costs."
"The cluster environment should be improved. We have a cluster. In the Splunk cluster environment, in the case of heavy searches and heavy load, the Splunk cluster goes down, and we have to put it in the maintenance mode to get it back. We are not able to find the actual culprit for this issue. I know that cluster has RF and SF, but it has been down so many times. There should be something in Splunk to help users to find the reason and the solution for such issues."
 

Pricing and Cost Advice

"The tool is cheaper than Microsoft Sentinel."
"The solution's pricing is dependent on the data amount."
"Compared to other solutions, Google Chronicle Suite's pricing is fine."
"We have to pay extra charges for the amount of data transfer and technical support services."
"The price of Splunk is too high for our market."
"Splunk Enterprise Security's pricing is pretty competitive."
"Personnel costs are saved by not having to involve the domain developers from multiple teams when tracing a problem that spans multiple platforms."
"While Splunk offers generous developer licenses and obtaining annual licenses is straightforward, the cost is a major consideration."
"The solution is costly."
"Splunk is a bit pricier, but the benefits and ROI are huge."
"Splunk is really expensive compared to all the other tools on the market, including Microsoft Sentinel."
"I believe there is room for improvement in reducing costs, particularly in the financial aspect, as Splunk tends to be pricier compared to other options."
814,649 professionals have used our research since 2012.
 

Comparison Review

Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm: 13%
Computer Software Company: 13%
Retailer: 8%
Manufacturing Company: 6%

Financial Services Firm: 16%
Computer Software Company: 14%
Government: 9%
Manufacturing Company: 8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Google Chronicle Suite?
Google Chronicle Suite is a highly scalable solution with good search capabilities.
What needs improvement with Google Chronicle Suite?
The tool is perfectly fine, and I have not faced any challenges while using it.
What SOC product do you recommend?
For tools I’d recommend: SIEM: LogRhythm; SOAR: Palo Alto XSOAR. Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases. Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 


Sample Customers

Information Not Available
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Google Chronicle Suite vs. Splunk Enterprise Security and other solutions. Updated: October 2024.