
ITRS Geneos vs Splunk Enterprise Security comparison

 


Categories and Ranking

ITRS Geneos
Average Rating: 8.2
Reviews Sentiment: 7.1
Number of Reviews: 57
Ranking in other categories: Application Performance Monitoring (APM) and Observability (19th), Network Monitoring Software (26th), IT Infrastructure Monitoring (20th)

Splunk Enterprise Security
Average Rating: 8.4
Reviews Sentiment: 7.1
Number of Reviews: 301
Ranking in other categories: Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. ITRS Geneos is designed for Application Performance Monitoring (APM) and Observability and holds a mindshare of 1.4%, up 1.2% compared to last year.
Splunk Enterprise Security, on the other hand, focuses on Security Information and Event Management (SIEM), holds 11.2% mindshare, down 15.0% since last year.
 

Featured Reviews

Durai CT - PeerSpot reviewer
A stable, scalable, and flexible monitoring tool
Real-time data is one of the unique features that ITRS Geneos offers. For example, if there is an impact on a particular server and a particular application, I want to see what the impact is or what the CPU or hardware usage information is, as well as the service in the same application. I can see the real-time data and the impact by accessing ITRS Geneos and looking at the tree. I don't want a tool that tells me when something is broken. I want the tool to tell me when something is going to break. That is the difference between ITRS Geneos and other tools. I want proactive monitoring, not reactive. I don't need to be notified after the fact that something has broken. If something is broken, I get a notification by email, and some of my customers are going to call me. ITRS Geneos provides proactive monitoring. The great advantage of this tool is real-time monitoring. ITRS Geneos not only alerts us but also gives us a real-time view of the data. This is the tool's first great advantage. It is also lightweight and flexible and can adapt to monitor even low-latency systems, which is the tool's second advantage. Another great feature of this tool is its good presentation layer, which allows us to build custom dashboards to present to business stakeholders. This gives them a high-level status of what is being monitored. If we compare ITRS Geneos to other tools, we will find that each one specializes in a specific area, but the ITRS Geneos tool is more comprehensive. This is its great advantage.
Avinash Gopu. - PeerSpot reviewer
Offers good visibility into multiple environments, significantly reduces our alert volume, and speeds up our security investigations
There are limitations with Splunk not detecting all user activity, especially on mainframes and network devices. This is because Splunk relies on agents, which cannot access certain workstations. In these cases, we have to rely on application data. For example, with mainframes, manual reports are generated and sent to Splunk, limiting visibility to what's manually reported. This lack of automation for specific platforms needs improvement from Splunk. Additionally, API access is limited for other applications that rely on API calls and requests. This requires heavy customization on Splunk's end. These are the main challenges we've encountered. Monitoring multiple cloud platforms, like Azure, GCP, and AWS, with Splunk Enterprise Security presents some challenges. While Splunk provides different connectors for each provider, consolidating data from two domains across distinct cloud environments can be complex. However, leveraging pre-built templates and Splunk's data collation capabilities can help overcome these hurdles. Despite initial difficulties, I believe Splunk can effectively address this task, earning it an eight out of ten rating for its multi-cloud monitoring capabilities. While Splunk Enterprise Security offers insider threat detection capabilities, its effectiveness could be enhanced by integrating with additional tools, such as endpoint security solutions. This integrated approach is particularly crucial for financial institutions, which often require dedicated endpoint security teams. While using multiple tools is valuable, further improvements within Splunk itself are also necessary. Considering both external integration and internal development, I would rate its current insider threat detection capabilities as three out of ten. Threat detection is where Splunk falls behind. While it offers tools, other use cases require additional work. PAM is an enterprise tool that centralizes information about users, servers, and everything else. 
It needs real-time monitoring, which I haven't seen in any of the companies I've worked for. They only rely on Splunk for alerting, but real-time monitoring should be handled by the endpoint security team's tools. This means there's no detection or analysis at the machine or endpoint level. Additionally, threat analysis reporting is also absent.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Custom script toolkits"
"The NetProbe carries over 100 samplers which are capable of monitoring hardware, OS, and the application layer."
"The Netprobe is so lightweight compared to the agents that most monitoring tools use. It's really superior to the competition. The agent that is used by almost every competitive tool takes a lot more system resources. It's slower and it requires a greater effort and more compromises in terms of security to install on the monitored servers. With Geneos, because it lives outside the code, it is far easier and far less taxing on the monitored systems."
"Ability to monitor logs for potential issues to prevent app outages before problems get a chance to arise. That's invaluable for our teams in a fast-paced trading environment."
"The remarkable feature of Geneos is the dashboard. Geneos' flexible dashboard sets it apart from other monitoring tools. Other solutions have limitations in their dashboard design and can't be customized as much. The Geneos dashboard allows unlimited creativity."
"ITRS uses SNMP to communicate with our devices as well as SNMP net probes installed on our servers."
"The built-in plug-ins allow administrators to easily configure monitoring components for market data systems such as Thomson Reuters Enterprise Platform and SRLabs Wombat (formerly NYSE)."
"The flexibility of the product is most valuable. It is highly customizable. If you put your mind to it and think of something you could do, there's a good possibility you can get it integrated within the console, if it's not readily available. The simplicity or ease of customization has been valuable."
"Splunk UBA is useful for fraud detection and for detection of APTs, advanced persistent threats."
"It helped us consolidate all our solutions into an easy tool to use for various employees."
"Splunk's schema on demand is incredibly useful. I do not have to worry about what my users will need when we onboard their data."
"We can do things in minutes instead of days."
"The search engine and indexes are fast and optimized, and the report generation dashboard is user-friendly."
"I like the search feature and the indexing. It's very fast and comprehensive."
"It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query on Splunk. The resolution time is about the same, but it took longer to discover the issue with ArcSight. Our previous solution took about an hour or more, but Splunk can do it within a few minutes or an hour at most."
"If properly built, I'm very impressed with the stability of Splunk ES."
 

Cons

"One thing that could be improved in terms of rapid scaling would be more ability to clone aspects of an implementation. It seems like there are opportunities in this area, where we have repetitive tasks to do when it comes to implementing things on new servers or on new gateways. It would be great if there was an easy way to clone something that had already been done."
"I would like better access to the data that is being collected."
"ITRS Geneos cloud monitoring is very weak and can use improvement."
"There is a part of the rules for monitoring alerts. I want to understand more about how to choose the samples and the requirements for the rules. That is the part that I want to understand better and get better training for."
"The ITA, the post-incident analytics, could be improved."
"I would like to see ITRS integrate its setup editor with a SVN to check-in setup XML after major changes."
"I would like ITRS Geneos to develop an app, where instead of going to specific login terminals or logging into laptops or desktops to check alerts, we can have visibility in the app itself."
"Backward compatibility with deprecated features and in system documentation on what configuration areas are needed to be updated."
"Writing queries is a bit complicated sometimes."
"We usually have to follow up with technical support on our open cases."
"I'd like to see more integration with more antivirus systems."
"We were inundated with the amount of alerts and alarms that we could get out of it. It is also a resource hog and we didn't have the resources to support it on-prem so we're taking it offline now."
"The Web Application Firewall will send you too much information because it's more dedicated to security than a normal firewall."
"The user experience could be improved."
"We had some connection issues with the solution at the beginning."
"Splunk should align its security principles with those of other vendors like SentinelOne. Splunk has mature APIs that can communicate with various security applications and devices. Splunk can process more to produce an understandable dashboard."
 

Pricing and Cost Advice

"Its price is reasonable. It isn't too expensive, and it isn't too cheap, but it also depends on a company's volume and negotiation."
"The product is priced quite high. There are pricing options for customers based on the size of the environment and plug-ins used by the monitoring system."
"ITRS Geneos is not a cheap tool. It's a moderate price for the banking industry. The reason we are not able to add the ITRS monitoring tool for the non-banking industries, and non-finance industries, is that the pricing is too high."
"When I first came in, their pricing was very high. ITRS had a high expectation of what their price should be based on perceived value. I think they have been realizing, more recently, that there are other competitors, so their pricing is a lot better. Licensing for on-premise is okay, however I feel there is quite some work to be done for cloud and containers. We're still working with them to try and work out what that pricing should look like."
"Given our spend and the amount of service we have in it, the pricing is quite reasonable."
"The pricing is fairly market-related. They have been very lenient because we have been working with them for so long. An example is that we're currently migrating some of our services to AWS, and they've given us a grace period for some of the things to help with the migration and not to grow additional costs while we are migrating, but it's still on par with the market."
"Pricing and licensing is based on the requirements."
"Based on feedback from colleagues and friends working in the financial sector, Geneos is relatively costly. Many companies have been switching from Geneos to Dynatrace, Sysdig, or other monitoring tools in the past two years because of the price."
"It can be tough to determine if you are getting all of the value out of your investment at times."
"Price-wise, if you compare QRadar to Splunk for SIEM functionality then they are in the same range but when you integrate SOAR with these solutions, Splunk takes the lead and is more competitive."
"Splunk differs from other SIEM solutions by using a gigabyte-based pricing model, rather than the agent-based licenses common with its competitors."
"The Splunk licensing is high."
"Splunk Enterprise Security is affordable."
"Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
"Splunk is costly but it’s worth it due to the high-end features."
"Splunk can be an expensive solution. It all depends on how we configure the alerts and the events from the endpoints. You can save some money if you do that correctly. If not, it becomes an expensive solution."
824,053 professionals have used our research since 2012.
 

Comparison Review

Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm: 77%
Computer Software Company: 5%
University: 4%
Real Estate/Law Firm: 2%

Financial Services Firm: 15%
Computer Software Company: 14%
Government: 9%
Manufacturing Company: 8%
 

Company Size

By reviewers: Large Enterprise, Midsize Enterprise, Small Business
 

Questions from the Community

What do you like most about ITRS Geneos?
I would say that it is an easy-to-use monitoring tool. Amongst the available monitoring tools, it is a really good option.
What is your experience regarding pricing and costs for ITRS Geneos?
The pricing is high. Licensing fees might be around 500$ per server monthly.
What needs improvement with ITRS Geneos?
ITRS Geneos is a legacy system. It predicts or provides proactive measures once an issue is resolved. It doesn't offer any predictive capabilities or root cause analysis. They throw a lot of data i...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm, -SOAR- Palo Alto XSOAR. Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases. Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Also Known As

Geneos
No data available
 

Sample Customers

ITRS Geneos is used by over 170 financial institutions, including JPMorgan, HSBC, RBS, Deutsche Bank and Goldman Sachs. Clients range from investment banks to exchanges and brokers.
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about ITRS Geneos vs. Splunk Enterprise Security and other solutions. Updated: May 2023.