
OpenText SiteScope vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Categories and Ranking

OpenText SiteScope
Average Rating: 7.6
Reviews Sentiment: 7.9
Number of Reviews: 25
Ranking in other categories: Application Performance Monitoring (APM) and Observability (24th)

Splunk Enterprise Security
Average Rating: 8.4
Reviews Sentiment: 7.1
Number of Reviews: 301
Ranking in other categories: Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. OpenText SiteScope is designed for Application Performance Monitoring (APM) and Observability and holds a mindshare of 0.6%, up 0.5% compared to last year.
Splunk Enterprise Security, on the other hand, focuses on Security Information and Event Management (SIEM), holds 11.2% mindshare, down 15.0% since last year.
 

Featured Reviews

Christopher M Cook - PeerSpot reviewer
Doesn't require much custom coding and can run on different platforms, but the types of scripting files you can execute on it are limited
In terms of issues with Micro Focus SiteScope, some that we've run into were unintended, for example, extra executions of monitors and some false alerts when there were problems connecting to endpoints or there were issues with the application that sometimes resulted in false positives. We had a few issues with the way time zones were configured when the system time differed from the time indicated during the monitoring, but those were just little things that weren't too bad. As far as the limitations of Micro Focus SiteScope, the types of scripting files that can be executed are rather limited unless you go to some third-party plugins. These are the areas for improvement in the solution.
Avinash Gopu. - PeerSpot reviewer
Offers good visibility into multiple environments, significantly reduces our alert volume, and speeds up our security investigations
There are limitations with Splunk not detecting all user activity, especially on mainframes and network devices. This is because Splunk relies on agents, which cannot access certain workstations. In these cases, we have to rely on application data. For example, with mainframes, manual reports are generated and sent to Splunk, limiting visibility to what's manually reported. This lack of automation for specific platforms needs improvement from Splunk. Additionally, API access is limited for other applications that rely on API calls and requests. This requires heavy customization on Splunk's end. These are the main challenges we've encountered. Monitoring multiple cloud platforms, like Azure, GCP, and AWS, with Splunk Enterprise Security presents some challenges. While Splunk provides different connectors for each provider, consolidating data from two domains across distinct cloud environments can be complex. However, leveraging pre-built templates and Splunk's data collation capabilities can help overcome these hurdles. Despite initial difficulties, I believe Splunk can effectively address this task, earning it an eight out of ten rating for its multi-cloud monitoring capabilities. While Splunk Enterprise Security offers insider threat detection capabilities, its effectiveness could be enhanced by integrating with additional tools, such as endpoint security solutions. This integrated approach is particularly crucial for financial institutions, which often require dedicated endpoint security teams. While using multiple tools is valuable, further improvements within Splunk itself are also necessary. Considering both external integration and internal development, I would rate its current insider threat detection capabilities as three out of ten. Threat detection is where Splunk falls behind. While it offers tools, other use cases require additional work. PAM is an enterprise tool that centralizes information about users, servers, and everything else. 
It needs real-time monitoring, which I haven't seen in any of the companies I've worked for. They only rely on Splunk for alerting, but real-time monitoring should be handled by the endpoint security team's tools. This means there's no detection or analysis at the machine or endpoint level. Additionally, threat analysis reporting is also absent.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Simple deployment: The deployment uses protocols such as NetBIOS, SSH, WMI, SNMP, which means that any device with any of these protocols will be monitored."
"There's no agent you need installed on the servers. In our environment, we have some servers out of our control so we cannot manage them. We use SiteScope to monitor the availability, the resources on the servers, etc. This allows us to do this job without installing agents so there's no need to take care of anything on the server."
"The product's ability to monitor systems and applications and send alerts and create support tickets are the most valuable features of the product."
"Instead of executing jobs multiple times, I can configure it once, schedule, and apply it on multiple servers in sequence. It allows me to create scripts and automate several processes, making tasks simpler and more efficient."
"SiteScope has built-in flat file DB, hence it removes the dependency of an external DB for higher stability."
"The most valuable feature of OpenText SiteScope is that it is easy to manage and user-friendly."
"The URL monitoring is excellent."
"It has multiple monitors that can be deployed OOTB, which includes basic system monitors for CPU, Disk, Memory, NICs, etc."
"The most valuable features are how stable and easy to use Splunk is."
"The most valuable feature of Splunk Enterprise Security is the threat intelligence integration because essentially having to go out and correlate all the data on our own becomes convoluted."
"We did not encounter any issues with scalability. It is almost seamless to add new index (storage) or search (used to analyze the data) nodes to the cluster."
"We have a more secure, robust environment, which keeps the harmful software out of the zone required."
"I have also been able to take advantage of some of the more complex statistical capabilities when analyzing logs."
"Splunk has given us the capability to easily track problems and their status."
"I like Splunk's automated threat detection and orchestration capabilities. Splunk offers a single solution for analyzing, aggregating, correlating, monitoring, reporting, visualizing, etc. You can get all of these capabilities in one place. On top of that, it provides a cloud, testing, on-premise, and hybrid solution, giving customers more flexibility for their use cases."
"Splunk can deliver more information by going deeper. By creating a dashboard, we can identify the root cause of the threat. Let's say I have a firewall from Check Point. Splunk will find the dashboard for Check Point, implement it in our environment, and connect it to the Check Point firewall logs, which are shown on the dashboard. If we request a custom dashboard, the engineer will take longer to complete the task."
 

Cons

"Sometimes in a huge environment, I think the documentation does not provide the required calculations so you can't know what the required set up should be. You need to test."
"I would be very interested in having transaction traceability included in the product, to give us a better view of what is really going wrong in a particular method and action."
"SiteScope isn't productive if you want to monitor RAM or if you want to monitor some URL."
"The tool needs to support new technologies like Kubernetes. It also needs to improve scalability."
"They need to offer better technical support, which, right now, is not helpful or responsive."
"Direct integration with an SMS gateway for sending critical alerts to the support SME. This will help customer investing in third party middleware solutions for SMS."
"You can use OpenText SiteScope for small or middle environments. But if you want to monitor a large environment, it is not scalable. If you can monitor a large environment with OpenText SiteScope, it can be a valuable product."
"Micro Focus Voltage SiteScope could improve by adding more features, such as cloud, APM, and DevOps monitoring."
"The solution's automation could be improved."
"On-premises scaling of the solution is a bit more limited than it is on the cloud."
"Make it easy to use and the cost cheaper. This will help all organisations to implement Splunk."
"The GUI can be improved. Splunk has always suffered from having a kind of goofy UI, it needs some updating."
"Splunk is very expensive. The license is based on the volume of the logs ingested. I was responsible for managing the contract with our service integrator. I don't know the precise details of the competing solution, but I have heard that Splunk is more expensive than others. I don't know what the going rate is on the market, but I think there are at least two competitors that are less expensive. We have experienced a few issues with our service providers in terms of log filtering and ingestion, so we continue to pay a bit more per day for our logs."
"The setup time is quite long."
"It's missing some features that other solutions have, such as the ability to upgrade the endpoint and perform endpoint universal forwarders from a deployment server instead of using a third-party solution, such as Puppet or Ansible."
"There are a lot of competitive products that are doing better than what Splunk is doing on the analytics side."
 

Pricing and Cost Advice

"The pricing or licensing cost for Micro Focus SiteScope is often bundled with other things, so the cost for each individual would be difficult to calculate. Pricing could be $2,000,000 a year. My company pays for technical support because it's part of the contract with Micro Focus SiteScope. You buy the licenses, but you're also paying for the support. With Nagios, it's much more bare-bones as far as paying for licenses and the software itself, and my company didn't have to use as much Nagios support yet in one or two years because there weren't too many problems using Nagios, and it's much more cost-effective, so that's one of the reasons why my company is migrating to Nagios from Micro Focus SiteScope."
"I rate the solution's pricing a six out of ten on a scale where one is cheap and ten is expensive."
"When Micro Focus Voltage SiteScope was introduced approximately eight years ago, there was not very much competition, making the price high. However, when comparing the price of Micro Focus Voltage SiteScope now to other tools, they should reduce the price. It is similar to a legacy tool at this point."
"Depending on your requirements, there are two licensing models available. A simple point model, or an endpoint model."
"SiteScope licensing can be node-based or monitor-based. I would recommend node-based licensing."
"The product's pricing should be lower since there are many open-source products that can do the same job with better user interfaces. The tool's pricing is yearly and you need to pay for support."
"Licensing is a little steep."
"You have to pay for their "solution templates". Other tools do not charge you for knowledge-based monitoring bundles."
"Splunk Enterprise Security is expensive. I would rate the cost an eight out of ten with ten being the most expensive."
"Splunk Enterprise Security incurs a significant cost because of the amount of data we send, but we are fine with the value we're getting for that price."
"Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
"Splunk differs from other SIEM solutions by using a gigabyte-based pricing model, rather than the agent-based licenses common with its competitors."
"It can be cost-prohibitive when you start to scale and have terabytes of data. Its cost model is based on how much data it processes a day. If they're able to create scaled-down niche or custom package offerings, it may help with the cost. Instead of the full-blown features, if they can narrow the scope where it can only be used for a specific purpose, it would kind of create that market for the product, and it may help with the costing. When you start using it as a central aggregator and you're pumping tons of logs at it, pretty soon, you'll start hitting your cap on what it can process a day. Once you've got that, you're kind of defeating the purpose because you're going to have to scale back."
"It's more expensive than the other tools, but it's worth it. Every penny is worth it."
"Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
"It's a yearly subscription."
824,053 professionals have used our research since 2012.
 

Comparison Review

Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm: 32%
Manufacturing Company: 17%
Computer Software Company: 10%
Government: 6%

Financial Services Firm: 15%
Computer Software Company: 14%
Government: 9%
Manufacturing Company: 8%
 

Company Size

By reviewers: Large Enterprise, Midsize Enterprise, Small Business
 

Questions from the Community

What do you like most about Micro Focus Voltage SiteScope?
The most valuable feature of SiteScope is its infrastructure monitoring.
What is your experience regarding pricing and costs for Micro Focus Voltage SiteScope?
The licensing scheme for Micro Focus tools is reasonable, and more affordable. It's seen as medium or de-receivable.
What needs improvement with Micro Focus Voltage SiteScope?
While working with OpenText, I noticed sometimes teams refuse intervention due to compliance issues. Overcoming control restrictions for different applications could be improved.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Also Known As

Micro Focus SiteScope, HPE SiteScope, SiteScope
No data available
 


Sample Customers

Vodafone Ireland, Kuveyt Turk Participation Bank
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about OpenText SiteScope vs. Splunk Enterprise Security and other solutions. Updated: May 2023.