Splunk Enterprise Security is praised for its threat intelligence, analytics, and monitoring capabilities, as well as its customizable features. Users acknowledge the need for improvements in user interface, query language, alerting, and performance. The pricing is considered high but worth the investment, with positive feedback on operational efficiency and customer support. On the other hand, Honeycomb.io is appreciated for its advanced visualization, query support, and collaborative tools. Users cite challenges with integrations, interface complexity, pricing, and support resources. The ROI is positive, with users highlighting improved performance and productivity. Customer service is highly praised for its helpfulness and responsiveness.
Features: Splunk Enterprise Security excels in threat intelligence, analytics, and scalability. It offers real-time monitoring, user-friendly interface, and detailed reporting. Honeycomb.io stands out with advanced visualization, high cardinality query support, flexible querying, and collaborative features for real-time sharing and discussion.
Pricing and ROI: Splunk Enterprise Security typically has higher setup costs compared to Honeycomb.io, but users find the value justifies the investment. Honeycomb.io offers competitive pricing and straightforward setup, with flexible licensing options to suit different needs and budgets. Splunk Enterprise Security boasts enhanced operational efficiency, threat detection, incident response, and security event visibility. In comparison, Honeycomb.io focuses on valuable insights, troubleshooting efficiency, and cost savings.
Room for Improvement: Splunk Enterprise Security users desire a more user-friendly interface and simplified search queries. They also seek enhanced alerting/reporting features and improved performance. Conversely, Honeycomb.io users want better integrations, simpler UI, more affordable pricing, and improved support/documentation.
Deployment and customer support: Some users reported varying timelines for deployment and setup with Splunk, while users had mixed feedback on the timeframe for implementing Honeycomb.io, emphasizing the importance of considering the context in which these terms are used. Splunk Enterprise Security's customer service is commended for prompt responses, knowledgeable staff, and helpful solutions. In contrast, Honeycomb.io excels in clear communication, expert assistance, and responsiveness, enhancing the overall user experience.
The summary above is based on 140 interviews we conducted recently with Splunk Enterprise Security and Honeycomb.io users. To access the review's full transcripts, download our report.
"The solution's initial setup process was straightforward since we were getting enough support from Honeycomb.io's team."
"The ability to manipulate data in Splunk is unparalleled. Splunk’s powerful, flexible query language can morph difficult to understand log formats into usable data."
"The feature that we use the most is the correlation search engine within ES."
"Integration with the cloud is pretty important and good for us. We found the integration with a lot of tools, not all tools yet, valuable. It does make the transfer of data, log files, and other things easier for us."
"We can quickly search for almost anything across many log sources in seconds."
"We were able to create a catalog of dashboards and have a holistic view at all levels. We could understand our business much better. Real-time errors, which were buried in emails before now, surfaced up on dashboards."
"Easy to deploy and simple to use."
"Support is quick and competent."
"From the class that I took this week, being able to create notable events from whatever you find in the data set is pretty useful."
"The process of log scraping gets delayed on Honeycomb.io. At times, it gives false alerts to the application team."
"AngularJS/ReactJS inclusion could be made easier in GUI."
"It will be helpful for customers if they can create some real-world cases, and we can find a case study to align with. I know that Splunk has tremendous potential. We only include a tiny piece of it. There is a lot of stuff that we need to learn. If Splunk can provide more real-time examples, that will be helpful for customers."
"The UI can be difficult to understand for non-technical people."
"We are waiting for Dashboard Studio to mature a little bit more. There are some things that we are using with Classic Dashboards which have not yet made it to Dashboard Studio. We are waiting for that."
"An area of improvement would be the licensing of the solution. They need a free license, which would allow faster lead times."
"I find the graphical options really limited and you don't have enough control over how to display the data that you want to see."
"I have concerns about the architecture as well since I can see it is not very well defined."
"It is a hugely complicated product."
Honeycomb.io is ranked 36th in Application Performance Monitoring (APM) and Observability with 1 review while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 246 reviews. Honeycomb.io is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Honeycomb.io writes "A valuable solution for application teams to identify downtime and SLO-related issues". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Honeycomb.io is most compared with Grafana, Sentry, Datadog, Chronosphere and Observe, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
We monitor all Application Performance Monitoring (APM) and Observability reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.