Try our new research platform with insights from 80,000+ expert users

ITRS Geneos vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ITRS Geneos
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
57
Ranking in other categories
Application Performance Monitoring (APM) and Observability (29th), Network Monitoring Software (46th), IT Infrastructure Monitoring (31st)
Splunk Enterprise Security
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
306
Ranking in other categories
Log Management (2nd), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. ITRS Geneos is designed for Application Performance Monitoring (APM) and Observability and holds a mindshare of 1.4%, up 1.3% compared to last year.
Splunk Enterprise Security, on the other hand, focuses on Security Information and Event Management (SIEM), holds 9.5% mindshare, down 12.8% since last year.
Application Performance Monitoring (APM) and Observability
Security Information and Event Management (SIEM)
 

Featured Reviews

Sanket - PeerSpot reviewer
With the help of the solution, we can predict and prevent failures
Currently, the most valuable thing for an individual is a mobile device. Since that is where people are currently tracking everything, we have multiple applications or apps that are for various products. I would like ITRS Geneos to develop an app, where instead of going to specific login terminals or logging into laptops or desktops to check alerts, we can have visibility in the app itself. Using the ITRS Geneos app, we could see the error message during our travels or wherever we are. I would like to see the capacity of messages for forecasting increased. Since the NSE is the number one derivative stock exchange in the work for three consecutive years, the number of messages is important. We use the capacity planner in ITRS to forecast our data needs for the next two months. The planner is important because the volume of data we produce is becoming more and more volatile compared to when we first started using ITRS Geneos in 2014.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I would say that it is an easy-to-use monitoring tool. Amongst the available monitoring tools, it is a really good option."
"One thing we're utilizing in Geneos is the Gateway-SQL. That's really helpful for us. Using Gateway-SQL, we are able to merge two different views into one. Suppose we have to check something in the log and that we have to check something in the database and do a comparison before publishing a result. We can achieve that using Gateway-SQL."
"Custom script toolkits"
"The ability to logically normalize data gathered from multiple types of sources via pre-built plugins is extremely powerful. This functionality, coupled with the ability to import custom data via the Toolkit plugin allows Geneos to be leveraged to monitor every system in the enterprise."
"It's a very powerful application monitoring tool across the industry. Many free, open-source tools are available. There are also paid tools, but ITRS Geneos is a real-time application monitoring tool where the user can monitor, self-configure, and manage alerts through their console."
"This tool allows one to analyse, integrate and customize as per the systems and allows you to set your own rules."
"The ability to completely tailor and customize what it's monitoring is one of its strongest points. A lot of other monitoring tools are good at certain things, but one of my colleagues described it as the “Swiss Army Knife” of monitoring tools. It can do anything you want."
"One of the most valuable features is that it can be configured by non-developers. It doesn't require development expertise to configure it."
"The most valuable features of the solution are it is straightforward to use and the documentation is good for finding out how to get the data you are looking for."
"You can check up on security from the dashboards."
"Splunk Enterprise Security helped improve our organization’s ability to ingest and normalize data."
"I am enjoying our implementation of risk-based alerting. That has helped very much with cutting out a lot of the noise that we have. It has reduced our alert volume significantly. There is about an 80% reduction."
"Visualizations helped the organisation with a better understanding of its KPIs."
"Splunk's schema on demand is incredibly useful. I do not have to worry about what my users will need when we onboard their data."
"Our clients are easily able to modify and evolve their implementations."
"Splunk Enterprise Security is a standard solution providing good customer service and partnership."
 

Cons

"For the solution to stay relevant in the cloud-based monitoring environment Geneos needs more plug-ins with more features. Instead of offering clients workarounds, the solution should have a cloud-based out-of-the-box version."
"The main feature that needs work is the Dashboard designer."
"Backward compatibility with deprecated features and in system documentation on what configuration areas are needed to be updated."
"There is one drawback to using lightweight data collection: we lack the feature of observability based on time series, such as historical model data. This makes it difficult to view data in ITRS. ITRS needs to improve this feature."
"Mobile phone integration is probably not as rich as it could be."
"Much of the reporting outside of the user interface is very basic and requires much customization to be useful."
"ITRS Geneos cloud monitoring is very weak and can use improvement."
"Their cloud monitoring solution needs to be improved. I have already given them the feedback that it's not capable of meeting the latest technology needs."
"Sometimes, there is latency in the logs."
"If it could be made available as a service, this would be much better than as a product."
"Splunk could add more ways to manage archiving and storage. There isn't a web interface. You can do this on the SaaS version, but the on-premise platform doesn't have this option. It has other things but no option for remote NAS. I would like to have a personal web interface where I can specify how long logs should be stored. To have this readily available on the web, you need to adjust some settings on the backend. That is tricky."
"The main issue that I have with it is that the field transformations sometimes overlap with those in Splunk Enterprise, and then you get permissions issues that lead to troubles."
"The product must improve insider threat detection."
"The initial setup is complex, but this is necessary. We needed to take into consideration how to direct log files from thousands of machines to Splunk, and how to ingest those files."
"The difficult part is related to integration with sources of data that are used to create the logs as this depends on the infrastructure of the client."
"The glass table feature does not perform as expected."
 

Pricing and Cost Advice

"Pricing and licensing is based on the requirements."
"Pricing is the touchy subject, even here. Upper management always wants us to find a cheaper solution. But we have so much integrated with ITRS... It's expensive, but it does its job very well. And you set it and go."
"The pricing is fairly market-related. They have been very lenient because we have been working with them for so long. An example is that we're currently migrating some of our services to AWS, and they've given us a grace period for some of the things to help with the migration and not to grow additional costs while we are migrating, but it's still on par with the market."
"When I first came in, their pricing was very high. ITRS had a high expectation of what their price should be based on perceived value. I think they have been realizing, more recently, that there are other competitors, so their pricing is a lot better. Licensing for on-premise is okay, however I feel there is quite some work to be done for cloud and containers. We're still working with them to try and work out what that pricing should look like."
"You will get the best price if you get a single global deal."
"I can say it's not that cheap because the licensing is a little bit costly"
"Given our spend and the amount of service we have in it, the pricing is quite reasonable."
"The product is priced quite high. There are pricing options for customers based on the size of the environment and plug-ins used by the monitoring system."
"Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
"Splunk is a bit pricier, but the benefits and ROI are huge."
"As a team, we prefer the old pricing model with a perpetual license. We are still evaluating the whole subscription-based model."
"Pricing can be a limiting factor. You have to continuously tune what you are bringing in and make sure what you bring in is of value."
"Some of the insights that we have obtained as a part of using Splunk have greatly helped us in increasing our revenue in terms of selling our products."
"Splunk differs from other SIEM solutions by using a gigabyte-based pricing model, rather than the agent-based licenses common with its competitors."
"It's a little bit expensive for a small to medium enterprise."
"Our customers often complain that the price of Splunk is too high."
report
Use our free recommendation engine to learn which Application Performance Monitoring (APM) and Observability solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
76%
Computer Software Company
6%
University
4%
Construction Company
2%
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ITRS Geneos?
I would say that it is an easy-to-use monitoring tool. Amongst the available monitoring tools, it is a really good option.
What is your experience regarding pricing and costs for ITRS Geneos?
The pricing is high. Licensing fees might be around 500$ per server monthly.
What needs improvement with ITRS Geneos?
ITRS Geneos is a legacy system. It predicts or provides proactive measures once an issue is resolved. It doesn't offer any predictive capabilities or root cause analysis. They throw a lot of data i...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Also Known As

Geneos
No data available
 

Overview

 

Sample Customers

ITRS Geneos is used by over 170 financial institutions, including JPMorgan, HSBC, RBS, Deutsche Bank and Goldman Sachs. Clients range from investment banks to exchanges and brokers.
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about ITRS Geneos vs. Splunk Enterprise Security and other solutions. Updated: May 2023.
848,716 professionals have used our research since 2012.