Try our new research platform with insights from 80,000+ expert users

LogRhythm Axon vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

LogRhythm Axon
Ranking in Log Management
36th
Average Rating
7.6
Reviews Sentiment
6.3
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Splunk Enterprise Security
Ranking in Log Management
2nd
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
305
Ranking in other categories
Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of LogRhythm Axon is 0.2%, down from 0.3% compared to the previous year. The mindshare of Splunk Enterprise Security is 7.4%, down from 11.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

AshishDubey - PeerSpot reviewer
A tool that offers features like SOAR and UBA, along with an out-of-the-box connector for users
LogRhythm Axon has come up with the AI cloud concept in the market. When it comes to the AI cloud concept, you need to consider that every region has differences when it comes to data sovereignty. The AI cloud concept from LogRhythm Axon was based on real-time AI and ML concepts, along with analytics parts that were carried out. The AI cloud concept from LogRhythm Axon is not something that is available in India, so I want it to be introduced in India soon with data sovereignty compliance in place. LogRhythm should focus more on Axon and its cloud platform, which can be helpful in the future to compete with players like Sentinel and Splunk, which currently offer cloud models to users. With LogRhythm Axon, stability and support are areas with shortcomings where improvements are required.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Scalability-wise, LogRhythm Axon is a good product."
"For me, the most valuable feature of LogRhythm AXON is the log parsing technology it has. With my company, I'm the current policy builder, so not having to know an archaic, cryptic format and being able to visually grab a log and assign an element to a particular meta tag quickly and easily and being able to run tests on that have been super useful. It's going to revolutionize the way the logs are identified and classified."
"The search feature within AXON is pretty robust. It's actually very fast in comparison to that in the previous platform. It's going to really help with investigations when they get rules put into the system."
"Its usability is the best part. It is easy for our developers to use if they want to search their logs, etc."
"Integration with the cloud is pretty important and good for us. We found the integration with a lot of tools, not all tools yet, valuable. It does make the transfer of data, log files, and other things easier for us."
"The stock analysts and security people use one single dashboard (one single location) to check our logs."
"The solution's most valuable feature is its data modeling."
"Splunk Enterprise Security is able to process a huge amount of data without any issues."
"We have created a few custom use cases for Splunk that have helped us detect threats faster. For example, we set up endpoint-related data models and specialized setups for various scenarios. It's more efficient than some other products I've used."
"The solution's most valuable feature is the dashboard, which allows us to see everything on the same page and provides easy visibility into problems."
"The most valuable feature of Splunk Enterprise Security is website activity monitoring."
 

Cons

"With LogRhythm Axon, stability and support are areas with shortcomings where improvements are required."
"It's a very beta solution right now, and there are so many features that we would like to see added in, such as integration with Active Directory, which is essential for user management and for streamlining that process significantly."
"I'd give technical support a five out of ten. There are definitely areas that they can improve upon. Faster response times would be wonderful, and having more knowledgeable staff who provide the support would also be great."
"Splunk's ability to analyze malicious activities scores an 8 out of 10, but there's room for improvement. By analyzing emerging patterns, Splunk could identify and predict potential threats more effectively."
"The solution is expensive."
"The solution should also have more advanced capabilities in comparison with QRadar, which offers Watson."
"The monitoring aspect of Splunk could be improved. We have to do some queries to get as much information as CrowdStrike or other solutions provide. If you run a big query, you will see a delay. That is the only concern we have because it will take some time if you query large data sets."
"It does not give us permission to implement on-premise so we implement them on the cloud."
"We'd like to see a more seamless cloud-based integration."
"We've sometimes faced issues with upgrades. The incident review dashboard sometimes breaks after updates. When we add a space or something in the description or anywhere in the SQL, the drill-down value may be reset with a blank value. Before rolling out any software, they should test it thoroughly and ensure clients won't have issues with the upgraded version. It should be compatible with all or most of the apps. All major issues must be addressed before rolling out the upgrade."
"It is important to make sure that everything is built off of the threat models and all the underlying items within Splunk."
 

Pricing and Cost Advice

"I know that there are certain payments to be made towards the licensing costs attached to the product...The pricing of LogRhythm Axon falls under the mid-range, in my opinion."
"The Splunk Enterprise Security license is expensive."
"It can be expensive, especially the licensing costs. However, there is added value in what it can do, not just log aggregation."
"Setup cost is cheap: It is free, it is user-friendly, and it is fast."
"Pricing can be a limiting factor. You have to continuously tune what you are bringing in and make sure what you bring in is of value."
"The pricing is very complicated, and it is very pricey. You do require a lot of different licenses in order to get a comprehensive solution that is not just the SIEM solution."
"Regarding the product's pricing, I think it has always been difficult to have a conversation with Splunk."
"I think the price could be improved."
"Splunk is priced higher than other solutions."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Government
17%
Computer Software Company
10%
Educational Organization
8%
Performing Arts
7%
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about LogRhythm AXON?
Scalability-wise, LogRhythm Axon is a good product.
What is your experience regarding pricing and costs for LogRhythm AXON?
I know that there are certain payments to be made towards the licensing costs attached to the product. LogRhythm Axon is neither a cheap nor an expensive solution, especially when compared to produ...
What needs improvement with LogRhythm AXON?
LogRhythm Axon has come up with the AI cloud concept in the market. When it comes to the AI cloud concept, you need to consider that every region has differences when it comes to data sovereignty. ...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

Information Not Available
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about LogRhythm Axon vs. Splunk Enterprise Security and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.