Try our new research platform with insights from 80,000+ expert users

ITRS Geneos vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ITRS Geneos
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
57
Ranking in other categories
Application Performance Monitoring (APM) and Observability (28th), Network Monitoring Software (46th), IT Infrastructure Monitoring (31st)
Splunk Enterprise Security
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
305
Ranking in other categories
Log Management (2nd), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. ITRS Geneos is designed for Application Performance Monitoring (APM) and Observability and holds a mindshare of 1.4%, up 1.3% compared to last year.
Splunk Enterprise Security, on the other hand, focuses on Security Information and Event Management (SIEM), holds 9.5% mindshare, down 12.8% since last year.
Application Performance Monitoring (APM) and Observability
Security Information and Event Management (SIEM)
 

Featured Reviews

Sanket - PeerSpot reviewer
With the help of the solution, we can predict and prevent failures
Currently, the most valuable thing for an individual is a mobile device. Since that is where people are currently tracking everything, we have multiple applications or apps that are for various products. I would like ITRS Geneos to develop an app, where instead of going to specific login terminals or logging into laptops or desktops to check alerts, we can have visibility in the app itself. Using the ITRS Geneos app, we could see the error message during our travels or wherever we are. I would like to see the capacity of messages for forecasting increased. Since the NSE is the number one derivative stock exchange in the work for three consecutive years, the number of messages is important. We use the capacity planner in ITRS to forecast our data needs for the next two months. The planner is important because the volume of data we produce is becoming more and more volatile compared to when we first started using ITRS Geneos in 2014.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"In my experience, being able to monitor our databases is a valuable feature as we can create our own queries and aren't reliant on the in-built ones."
"This tool allows one to analyse, integrate and customize as per the systems and allows you to set your own rules."
"The Netprobe is so lightweight compared to the agents that most monitoring tools use. It's really superior to the competition. The agent that is used by almost every competitive tool takes a lot more system resources. It's slower and it requires a greater effort and more compromises in terms of security to install on the monitored servers. With Geneos, because it lives outside the code, it is far easier and far less taxing on the monitored systems."
"Custom script toolkits"
"One thing we're utilizing in Geneos is the Gateway-SQL. That's really helpful for us. Using Gateway-SQL, we are able to merge two different views into one. Suppose we have to check something in the log and that we have to check something in the database and do a comparison before publishing a result. We can achieve that using Gateway-SQL."
"Tons of default modules which are available out of the box"
"Geneos automatically sends email notifications when any batch job fails, the database is down or the website is down. It is automatically monitoring everything and reduces manual effort."
"I always appreciate Geneos's stability and ease of use."
"I like Splunk's automated threat detection and orchestration capabilities. Splunk offers a single solution for analyzing, aggregating, correlating, monitoring, reporting, visualizing, etc. You can get all of these capabilities in one place. On top of that, it provides a cloud, testing, on-premise, and hybrid solution, giving customers more flexibility for their use cases."
"Low barrier to start searching with the ability to normalize data on the fly."
"We are using Microsoft 365 and we're using the Exchange Mail Service. It's good for monitoring that in particular."
"It is very easy to use and integrate. There are connectors for every technology."
"We primarily use it to correlate logs throughout the enterprise for both searching and use in investigations."
"It follows MITRE ATT&CK and Cyber Kill Chain frameworks. There are certain notable events for which we can configure our security posture."
"It is quite extensible. It is a platform that we can build our use instead of each case instead of each case being limited or restricted to each capability. This is probably the best feature."
"Splunk simplifies real-time problem identification and resolution by seamlessly integrating existing customer and vendor systems."
 

Cons

"There is one drawback to using lightweight data collection: we lack the feature of observability based on time series, such as historical model data. This makes it difficult to view data in ITRS. ITRS needs to improve this feature."
"ITRS Geneos cloud monitoring is very weak and can use improvement."
"The ITA, the post-incident analytics, could be improved."
"There is a part of the rules for monitoring alerts. I want to understand more about how to choose the samples and the requirements for the rules. That is the part that I want to understand better and get better training for."
"Currently, it is difficult to monitor secure websites using SSL or with SSO enabled."
"Their cloud monitoring solution needs to be improved. I have already given them the feedback that it's not capable of meeting the latest technology needs."
"Geneos' application monitoring could be improved a lot. Products like AppDynamics and Dynatrace provide the process thread-level monitoring, but Geneos lacks these capabilities."
"For the last year or two, I've been asking the vendor about the mobile app. This is something that probably everyone asks when they see the tool and they see how powerful it is. If there is any mobile app for this or if there is any way this tool can be more easily accessible other than having a big client installed, it would be great. I know you can build dashboards, et cetera, but there is no quick and easy way. I should be able to download an app, log in, and see my status. That will put this product above everything else out there. I believe it's on their roadmap."
"Custom visualizations are real hard. While the default visualizations are good, creating enhanced visualizations are complex."
"More training on PetaData using artificial intelligence techniques to identify the events which are not normal and exceptions that would help the organization identify threats and malware on the go with results."
"Being a SIEM solution with a centralized dashboard, we would like to have more options to customize it."
"Make it easier to include roles and user controls, as it is horrible now."
"The solution could use a different licensing model."
"Splunk can improve its third-party device application plugins."
"The UI can be difficult to understand for non-technical people."
"It needs more thoroughly tested releases. Every new big version (6, 7, etc.) has had so many bugs that it makes me wary of customers upgrading right away."
 

Pricing and Cost Advice

"I can say it's not that cheap because the licensing is a little bit costly"
"The licensing cost may seem expensive upfront. However, the service is outstanding, the tool does things that no other tools can do, and the customizability more than makes up for the cost of licensing."
"The pricing seems reasonable. We're happy enough with it."
"Pricing is the touchy subject, even here. Upper management always wants us to find a cheaper solution. But we have so much integrated with ITRS... It's expensive, but it does its job very well. And you set it and go."
"When I first came in, their pricing was very high. ITRS had a high expectation of what their price should be based on perceived value. I think they have been realizing, more recently, that there are other competitors, so their pricing is a lot better. Licensing for on-premise is okay, however I feel there is quite some work to be done for cloud and containers. We're still working with them to try and work out what that pricing should look like."
"The market tools are on par with this solution, but if the solution included more features, then it would be well within the range for the cost."
"Its price is reasonable. It isn't too expensive, and it isn't too cheap, but it also depends on a company's volume and negotiation."
"ITRS Geneos is not a cheap tool. It's a moderate price for the banking industry. The reason we are not able to add the ITRS monitoring tool for the non-banking industries, and non-finance industries, is that the pricing is too high."
"Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
"Splunk Enterprise Security is expensive but the solution is equipped with a lot of features."
"Splunk differs from other SIEM solutions by using a gigabyte-based pricing model, rather than the agent-based licenses common with its competitors."
"The solution is costly."
"We have an unlimited one, and we pay yearly, but I don't know how much it costs. Previously, I worked for a startup, and when they started building it up, it was complicated for them because they didn't have the budget for that many licenses. It was very costly for them. So, startups might find it a little bit problematic because of the licensing, but for bigger companies, there is no issue."
"Splunk Enterprise Security is cheaper than competitors, but I do not know whether it is just our contract."
"There is an annual license required to use this solution."
"We have had a reduction in the time it takes to resolve issues and correlate what has failed."
report
Use our free recommendation engine to learn which Application Performance Monitoring (APM) and Observability solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
77%
Computer Software Company
6%
University
4%
Construction Company
1%
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ITRS Geneos?
I would say that it is an easy-to-use monitoring tool. Amongst the available monitoring tools, it is a really good option.
What is your experience regarding pricing and costs for ITRS Geneos?
The pricing is high. Licensing fees might be around 500$ per server monthly.
What needs improvement with ITRS Geneos?
ITRS Geneos is a legacy system. It predicts or provides proactive measures once an issue is resolved. It doesn't offer any predictive capabilities or root cause analysis. They throw a lot of data i...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Also Known As

Geneos
No data available
 

Overview

 

Sample Customers

ITRS Geneos is used by over 170 financial institutions, including JPMorgan, HSBC, RBS, Deutsche Bank and Goldman Sachs. Clients range from investment banks to exchanges and brokers.
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about ITRS Geneos vs. Splunk Enterprise Security and other solutions. Updated: May 2023.
845,040 professionals have used our research since 2012.