We performed a comparison between Nagios Log Server and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."A great feature of the solution involves its internal portal."
"The product is scalable."
"The initial setup of Nagios Log Server was easy and straightforward."
"It provides an easy way to identify errors and spot issues, making troubleshooting more efficient."
"One of the most valuable features is the dashboard because the UI was effective and easy to use. The alert systems are good as well. We had no failovers and had high availability. We can search the queries fast as well in Nagios Log Server."
"It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query on Splunk. The resolution time is about the same, but it took longer to discover the issue with ArcSight. Our previous solution took about an hour or more, but Splunk can do it within a few minutes or an hour at most."
"Compared to IBM QRadar, Splunk Enterprise Security offers faster alert resolution."
"The solution is very fast and succinct."
"Splunk's advantage is its search capability. Its search is notably faster. With Splunk, I can search easily on keywords. That is great."
"It allows for transparency into IT metrics for insightful business analytics."
"The most valuable feature is the incident dashboard, and the extensive use of correlation searches, which isn't available with a standard Splunk search package. This feature is important to me because it enables SOC analysts to do their job more efficiently and be able to investigate or mediate incidents at a faster pace."
"The initial setup is pretty straightforward."
"It is easy to use in any environment."
"The customization and dashboards have shortcomings and need to be improved to make the tool look more presentable."
"It would be beneficial for Nagios to incorporate a tool that goes beyond log management and includes features to monitor overall system health and assess the effectiveness of antivirus solutions."
"The support could be better."
"The configurations during initial setup could be improved. If they could be agentless, as in the case of the Ansible product, it would be better. I would like to be able to analyze the network bandwidth."
"As we are talking about a product which is open to the public, the pricing makes it challenging for us to profit off of its marketing."
"The GUI could be improved to include some of the capabilities that other BI solutions have. The layout is a little restrictive where you can’t resize all the panels to exactly how you would like them without tweaking some XML code."
"Splunk does not provide any default threat intelligence like Microsoft Sentinel, but you can integrate any third-party threat intelligence with Splunk. By default, no threat intelligence suite is there, whereas, with IBM QRadar or Microsoft Sentinel, the default feature of threat intelligence is there. It is free. If Splunk can provide a default threat intelligence suite, it would be better."
"Splunk ES could have more pre-built integrations and rules. The detection is fairly accurate, but it depends on the rules you create. Splunk's out-of-the-box configuration isn't that useful."
"Its performance can be better. Sometimes, it takes longer when we do queries."
"Splunk could add more ways to manage archiving and storage. There isn't a web interface. You can do this on the SaaS version, but the on-premise platform doesn't have this option. It has other things but no option for remote NAS. I would like to have a personal web interface where I can specify how long logs should be stored. To have this readily available on the web, you need to adjust some settings on the backend. That is tricky."
"Splunk does not build apps. They only go back and validate the apps that somebody has already built. They should have remote consulting support. They have a wonderful solution. They have 24/7 security. Nobody needs to depend on any third party and will therefore just buy Splunk on the cloud."
"Its pricing model and integration with third-party services can be improved. We had faced an issue with integration. The alerting feature is currently not available with Splunk, but it is definitely available with Datadog and PagerDuty. They should include this feature. A few dashboards in Splunk look quite old and are not that modern. They aren't bad, but improving these dashboards will definitely make Splunk more attractive and usable. I read in a few blog posts that there were a few security incidents related to Splunk agents. So, it can be made more secure."
"A lot of people are averse to using new tools so if they make it even more user-friendly than it already is, I think that could go a long way."
Nagios Log Server is ranked 38th in Log Management with 5 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 246 reviews. Nagios Log Server is rated 7.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of Nagios Log Server writes "A scalable and affordable tool for monitoring data centers ". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Nagios Log Server is most compared with Wazuh, Graylog, LogRhythm SIEM, syslog-ng and SolarWinds Kiwi Syslog Server, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel. See our Nagios Log Server vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.