Try our new research platform with insights from 80,000+ expert users

ITRS Geneos vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ITRS Geneos
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
57
Ranking in other categories
Application Performance Monitoring (APM) and Observability (28th), Network Monitoring Software (46th), IT Infrastructure Monitoring (31st)
Splunk Enterprise Security
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
305
Ranking in other categories
Log Management (2nd), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. ITRS Geneos is designed for Application Performance Monitoring (APM) and Observability and holds a mindshare of 1.4%, up 1.3% compared to last year.
Splunk Enterprise Security, on the other hand, focuses on Security Information and Event Management (SIEM), holds 9.5% mindshare, down 12.8% since last year.
Application Performance Monitoring (APM) and Observability
Security Information and Event Management (SIEM)
 

Featured Reviews

Sanket - PeerSpot reviewer
With the help of the solution, we can predict and prevent failures
Currently, the most valuable thing for an individual is a mobile device. Since that is where people are currently tracking everything, we have multiple applications or apps that are for various products. I would like ITRS Geneos to develop an app, where instead of going to specific login terminals or logging into laptops or desktops to check alerts, we can have visibility in the app itself. Using the ITRS Geneos app, we could see the error message during our travels or wherever we are. I would like to see the capacity of messages for forecasting increased. Since the NSE is the number one derivative stock exchange in the work for three consecutive years, the number of messages is important. We use the capacity planner in ITRS to forecast our data needs for the next two months. The planner is important because the volume of data we produce is becoming more and more volatile compared to when we first started using ITRS Geneos in 2014.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The NetProbe carries over 100 samplers which are capable of monitoring hardware, OS, and the application layer."
"One of the most valuable features of ITRS Geneos is the active time feature that helps with the trading applications that I support."
"This solution has helped provide relief to existing Level 2 teams, allowing them to focus efforts on in-depth problem analysis."
"Real-time log monitoring with desktop alerts is valuable as it tells us immediately when there is an issue."
"The ability to build integrations to tools that are not monitored out of the box is the most valuable feature."
"The Netprobe is so lightweight compared to the agents that most monitoring tools use. It's really superior to the competition. The agent that is used by almost every competitive tool takes a lot more system resources. It's slower and it requires a greater effort and more compromises in terms of security to install on the monitored servers. With Geneos, because it lives outside the code, it is far easier and far less taxing on the monitored systems."
"I would say that it is an easy-to-use monitoring tool. Amongst the available monitoring tools, it is a really good option."
"Geneos automatically sends email notifications when any batch job fails, the database is down or the website is down. It is automatically monitoring everything and reduces manual effort."
"Being able to track impossible travel logins and things of that nature is valuable. We can track user logins from various IPs, various countries, and at various times to see if everything adds up."
"Search language is easy to understand and teach to new users."
"It is lovely to have everything we need in one tool. Everything is quite centralized."
"The technical support is among the best in the market."
"It is the best tool if you have a complex environment or if data ingestion is too huge."
"The most valuable features of Splunk Enterprise Security are its high-performance data collection, flexible query language, and its versatility across the organization."
"Being able to aggregate detection and alerts from various sources is valuable. Like everyone else, we have a wide range of tools in our shop. We are able to stop at one spot and look at all the data. All the data is able to come through, and we can then jump from source to source or index to index. We can dig deep whenever we need to and get a good high-level understanding."
"The dashboards are the most valuable feature. We like the ability to drill in and see what queries are under the dashboard, build new visualizations, edit the querying, and see the reports."
 

Cons

"ITRS Geneos cloud monitoring is very weak and can use improvement."
"​It needs to be easier to configure, especially with the JMX plugins.​"
"Backward compatibility with deprecated features and in system documentation on what configuration areas are needed to be updated."
"I would like better access to the data that is being collected."
"Much of the reporting outside of the user interface is very basic and requires much customization to be useful."
"Sometimes, if there is a lot of data coming onto the servers, we have observed a little bit of slowness on the gateway servers which are doing the ITRS dashboard monitoring."
"A lightweight version which could host more than 100 gateways, as we can see slowness while loading all our gateways."
"One area where there is room for improvement is the log file. I would like to be able to do a pre-run on the log files. When you are testing log files for regular expressions, it would be good to be able to do a quick check up front on that side of things before you release that into production."
"For on-premise, it's more about optimization. With such a heavy byte scale of data that we are operating on, the search for disparate data sometimes takes about a minute. This is understandable considering the amount of data that we are pumping into it. The only optimization that I recommend is better sharding, when it comes to Splunk, so that data retrieval can be faster."
"Endpoint access is the only issue I can think to mention, even though the endpoint access we have with Cisco is fine."
"I think the only thing lacking is that there are some answers that I couldn't find about the tool without reaching out to support, and it had to be escalated to the engineering team."
"The UI could be better. This is applicable to Splunk in general. I know that a lot of people who get their hands on Splunk are hesitant to use it just because they find it overwhelming. There are a lot of options."
"Splunk could enhance its offerings by incorporating modules for network detection and response and fraud management, along with improving its threat intelligence management capabilities."
"The solution is expensive."
"I would like to have fraud detection features. Fraud is within the same turf as with security operations. Fraud and cybersecurity work hand in hand. I would like to have detection capabilities, or at least dashboards in Enterprise Security for fraud."
"One issue is that we are getting a lot of false positives. We are trying to reduce them by customizing the default rules, changing thresholds, and using white-listing and black-listing. It's getting better and better as a result. But they need to build components that would reduce the false positives."
 

Pricing and Cost Advice

"I can say it's not that cheap because the licensing is a little bit costly"
"Pricing is the touchy subject, even here. Upper management always wants us to find a cheaper solution. But we have so much integrated with ITRS... It's expensive, but it does its job very well. And you set it and go."
"The product is priced quite high. There are pricing options for customers based on the size of the environment and plug-ins used by the monitoring system."
"The pricing is fairly market-related. They have been very lenient because we have been working with them for so long. An example is that we're currently migrating some of our services to AWS, and they've given us a grace period for some of the things to help with the migration and not to grow additional costs while we are migrating, but it's still on par with the market."
"The market tools are on par with this solution, but if the solution included more features, then it would be well within the range for the cost."
"Its price is reasonable. It isn't too expensive, and it isn't too cheap, but it also depends on a company's volume and negotiation."
"Pricing and licensing is based on the requirements."
"The organization is not just purchasing a license for the product, but also managing services and professional services from ITRS. Another factor is if the implementation is going to be in production, non-production, or both."
"It can be tough to determine if you are getting all of the value out of your investment at times."
"The pricing can be better. We are already considering Elastic because Splunk is too expensive. You have to pay based on per-day ingestion. There should be a more flexible model for the use cases where one day you have a huge amount, and on other days, it is quite less."
"Free Splunk license for PoCs on personal machines and the ability to scale the PoC to an enterprise level app."
"Splunk Enterprise Security is not a cheap product, but I think it is worth every dollar that you pay."
"The tool's licensing is good and we haven't received any complaints from the team handling it."
"Splunk Enterprise Security is priced lower than competitors."
"Splunk is costly but it’s worth it due to the high-end features."
"Splunk Enterprise Security is expensive."
report
Use our free recommendation engine to learn which Application Performance Monitoring (APM) and Observability solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
77%
Computer Software Company
6%
University
4%
Construction Company
1%
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ITRS Geneos?
I would say that it is an easy-to-use monitoring tool. Amongst the available monitoring tools, it is a really good option.
What is your experience regarding pricing and costs for ITRS Geneos?
The pricing is high. Licensing fees might be around 500$ per server monthly.
What needs improvement with ITRS Geneos?
ITRS Geneos is a legacy system. It predicts or provides proactive measures once an issue is resolved. It doesn't offer any predictive capabilities or root cause analysis. They throw a lot of data i...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Also Known As

Geneos
No data available
 

Overview

 

Sample Customers

ITRS Geneos is used by over 170 financial institutions, including JPMorgan, HSBC, RBS, Deutsche Bank and Goldman Sachs. Clients range from investment banks to exchanges and brokers.
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about ITRS Geneos vs. Splunk Enterprise Security and other solutions. Updated: May 2023.
842,767 professionals have used our research since 2012.