Try our new research platform with insights from 80,000+ expert users

LogRhythm Axon vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

LogRhythm Axon
Ranking in Log Management
36th
Average Rating
7.6
Reviews Sentiment
6.3
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Splunk Enterprise Security
Ranking in Log Management
2nd
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
306
Ranking in other categories
Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of LogRhythm Axon is 0.2%, down from 0.3% compared to the previous year. The mindshare of Splunk Enterprise Security is 7.4%, down from 11.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

AshishDubey - PeerSpot reviewer
A tool that offers features like SOAR and UBA, along with an out-of-the-box connector for users
LogRhythm Axon has come up with the AI cloud concept in the market. When it comes to the AI cloud concept, you need to consider that every region has differences when it comes to data sovereignty. The AI cloud concept from LogRhythm Axon was based on real-time AI and ML concepts, along with analytics parts that were carried out. The AI cloud concept from LogRhythm Axon is not something that is available in India, so I want it to be introduced in India soon with data sovereignty compliance in place. LogRhythm should focus more on Axon and its cloud platform, which can be helpful in the future to compete with players like Sentinel and Splunk, which currently offer cloud models to users. With LogRhythm Axon, stability and support are areas with shortcomings where improvements are required.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The search feature within AXON is pretty robust. It's actually very fast in comparison to that in the previous platform. It's going to really help with investigations when they get rules put into the system."
"For me, the most valuable feature of LogRhythm AXON is the log parsing technology it has. With my company, I'm the current policy builder, so not having to know an archaic, cryptic format and being able to visually grab a log and assign an element to a particular meta tag quickly and easily and being able to run tests on that have been super useful. It's going to revolutionize the way the logs are identified and classified."
"Scalability-wise, LogRhythm Axon is a good product."
"Recently, Splunk upgraded to version 9.0.02, which includes excellent data dashboards and visualization effects."
"The product provides visibility and enables us to correlate data and generate alerts."
"It's better than IBM, in my opinion, because it's an independent entity."
"The most valuable features in Splunk are the search function and the ability to run selected session reports. The session reports are important because I can use them to see what is going on in our environment weekly. Additionally, we can use the graph to see how often that particular event is happening."
"Positive features include replication capabilities, software development kits, and the architecture."
"It is the best tool if you have a complex environment or if data ingestion is too huge."
"I very much enjoy Splunk's robust search nature, which enables me to find the data I want within the data I have."
"You can check up on security from the dashboards."
 

Cons

"It's a very beta solution right now, and there are so many features that we would like to see added in, such as integration with Active Directory, which is essential for user management and for streamlining that process significantly."
"I'd give technical support a five out of ten. There are definitely areas that they can improve upon. Faster response times would be wonderful, and having more knowledgeable staff who provide the support would also be great."
"With LogRhythm Axon, stability and support are areas with shortcomings where improvements are required."
"We usually have to follow up with technical support on our open cases."
"It'd be really nice if Splunk Enterprise Security had a better and solid configuration guide."
"The solution's case management system could be further improved to make it easier for analysts to manage cases."
"The only thing which can be improved is that they are too subjective on whom their Splunk4Good initiative can be applied. They market it as you only need to be a nonprofit, but there is more to it."
"Splunk could improve its default machine-learning models. Also, Splunk Enterprise's native threat intelligence isn't that good. I prefer a custom threat intelligence model."
"Its pricing is extremely high. There are other tools out in the market that are competitive. They do not necessarily have all the functionality, but they are competitive. The professional services we have used have been high as well in comparison to the market."
"Its reporting can be improved. That's the only complaint I have heard. I don't need the reporting part, but I know that other people in the organization need it."
"It does not give us permission to implement on-premise so we implement them on the cloud."
 

Pricing and Cost Advice

"I know that there are certain payments to be made towards the licensing costs attached to the product...The pricing of LogRhythm Axon falls under the mid-range, in my opinion."
"I think that most of the log analytics solutions are expensive and I'm not sure if it's worth it."
"It is expensive. That is why many customers have moved to IBM QRadar. The price is definitely a challenge for customers."
"The pricing of Splunk Enterprise Security is high."
"The price can always be lower, but it is fair at the moment. The cost efficiencies depend on the licensing and how much data we are bringing in. We have a fairly large footprint, so it is cost-effective."
"It is possible to use a developer's license, which is up to 10GB per day of volume traffic, which is usually enough for most use cases."
"Splunk's costing is a little more difficult. The pricing method is complicated, and the way that costing is calculated in Splunk is a little more difficult."
"Personnel costs are saved by not having to involve the domain developers from multiple teams when tracing a problem that spans multiple platforms."
"This solution is costly. Splunk is obviously a great product, but you should only choose this product if you need all the features provided. Otherwise, if you don't need all the features to meet your requirements, there are probably other products that will be more cost-effective. It's cost versus the functionality requirement."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Government
17%
Computer Software Company
9%
Educational Organization
8%
Performing Arts
7%
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
8%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about LogRhythm AXON?
Scalability-wise, LogRhythm Axon is a good product.
What is your experience regarding pricing and costs for LogRhythm AXON?
I know that there are certain payments to be made towards the licensing costs attached to the product. LogRhythm Axon is neither a cheap nor an expensive solution, especially when compared to produ...
What needs improvement with LogRhythm AXON?
LogRhythm Axon has come up with the AI cloud concept in the market. When it comes to the AI cloud concept, you need to consider that every region has differences when it comes to data sovereignty. ...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

Information Not Available
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about LogRhythm Axon vs. Splunk Enterprise Security and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.