No more typing reviews! Try our Samantha, our new voice AI agent.

RSA enVision vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 25, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

RSA enVision
Ranking in Security Information and Event Management (SIEM)
32nd
Average Rating
7.2
Reviews Sentiment
6.7
Number of Reviews
6
Ranking in other categories
No ranking in other categories
Splunk Enterprise Security
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
415
Ranking in other categories
Log Management (1st), IT Operations Analytics (1st)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of RSA enVision is 0.8%, up from 0.3% compared to the previous year. The mindshare of Splunk Enterprise Security is 7.3%, down from 9.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Splunk Enterprise Security7.3%
RSA enVision0.8%
Other91.9%
Security Information and Event Management (SIEM)
 

Featured Reviews

SF
Président at ARS Solutions
Support both French and English, which is important for us and adapted to the evolving security landscape over time in my experience
You need a skilled engineer to deploy it because you can do anything with this tool. You can see everything on the network. A good engineer will be surprised and have fun using this tool because it's very powerful. Deployment process: You need to build a recipe/layout when you want to deploy something. Once the recipe is done, you just have to copy it. So you really need a good engineer at first, but then any other technician can copy the recipe. You don't need to be an expert once the recipe is finalized. So, once you have it set up, it's easy to deploy. But you need a good engineer to deploy it correctly. You will get alerts from the system, but if you want to fully explore and maximize the tool, the engineering needs are different.
Sathis-Kumar - PeerSpot reviewer
Senior Manager at Bank of America
Helps us detect cyber threats quickly and integrate multiple feeds effectively
Overall, the product is good, but when it comes to some infrastructure issues, we have to dig into more logs. There is no straightforward indication of an issue. Health check kind of dashboards are not available. More AI would help us, and more optimization, since security products run more queries. The AI module could suggest solutions, optimizing queries or workload balancing. If the product itself advises on running queries during peak times, it would be similar to what ChatGPT currently offers. We see quite a few issues on stability. Even last week, we faced something, and identifying bottlenecks is not easy. We need more SMEs, and there is no mechanism to tell us about indexer or search head issues. Self-monitoring dashboards could be beneficial. The technical support still requires more improvement. Often, primary support takes a lot of time and forwards most solutions to the engineering side. The primary support team has very limited knowledge to provide.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of this solution is the reporting."
"RSA enVision provides the full system visibility of your events within your IT ecosystem."
"The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten."
"The custom dashboard and correlation alerts in this solution improved our incident response process."
"The ease of log collection and stability of the platform are the most valuable features."
"We developed around this solution and received excellent support from the company."
"The most valuable feature is the management features. It's capable of managing large enterprises."
"The most valuable feature is the log aggregation, being able to scan through all of the logs."
"Splunk can deliver more information by going deeper. By creating a dashboard, we can identify the root cause of the threat. Let's say I have a firewall from Check Point. Splunk will find the dashboard for Check Point, implement it in our environment, and connect it to the Check Point firewall logs, which are shown on the dashboard. If we request a custom dashboard, the engineer will take longer to complete the task."
"The flexibility of the solution is quite good."
"In terms of technical support, we don't have any issues, as the professional services which they have extended to us are very, very good."
"One of the most valuable features is threat hunting. We can do threat hunting and identify if there is any malicious activity happening within our environment, which is a key feature for us."
"Splunk is one of the most powerful SIEM platforms due to its flexibility, scalability, and advanced search capabilities as it uses the SPL language."
"What Splunk calls operational intelligence: fast availability of operational data spread across several servers to prevent or react faster to outages or performance decreases."
"The SIEM is the most valuable feature of the product."
 

Cons

"In general, the solution currently isn't user-friendly."
"Sometimes the investigation panel and reporting engine work very slowly."
"The integration could be easier, it should support more products."
"RSA enVision log manager is out of date and is not in use anymore."
"Licensing could be improved to be more oriented towards Managed Service Providers (MSPs)."
"There is no future for this solution. It does not exist anymore."
"Whenever you perform the query, it takes too long."
"They could offer pre-built search queries for everyday use cases like brute force attacks, DDoS attacks, and other security threats."
"Pricing is one factor that hurts everybody on the market; the client, the reseller, everybody that touches it. Only Splunk makes money."
"Deployment is not difficult but the lock sources and configurations can take time."
"The biggest thing with Splunk is making sure that the documentation is maintained."
"The main improvement needed in Splunk Enterprise Security is its system visibility after installation."
"I'd love to see more integrations, which is one of the primary points of the key node with Splunk Enterprise Security."
"We usually have to follow up with technical support on our open cases."
"I'd like to see more integration with more antivirus systems."
 

Pricing and Cost Advice

"On a scale of one to ten, where one is low, and ten is high price, I rate the pricing a six."
"We no longer pay a licensing fee because it is out of date and don't pay for support."
"Splunk Enterprise Security is priced lower than competitors."
"It's a little bit expensive for a small to medium enterprise."
"In addition to the licensing fee, there is also a support and maintenance charge."
"It is possible to use a developer's license, which is up to 10GB per day of volume traffic, which is usually enough for most use cases."
"This product could use better pricing in general."
"Regarding the product's pricing, I think it has always been difficult to have a conversation with Splunk."
"It is economical than other solutions."
"While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
904,836 professionals have used our research since 2012.
 

Comparison Review

VS
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Comms Service Provider
14%
Construction Company
12%
Manufacturing Company
11%
Retailer
10%
Financial Services Firm
13%
Manufacturing Company
9%
Computer Software Company
8%
Outsourcing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business129
Midsize Enterprise64
Large Enterprise283
 

Questions from the Community

What needs improvement with RSA enVision?
Licensing could be improved to be more oriented towards Managed Service Providers (MSPs). Perhaps offering different types of licensing would be beneficial, as it can be expensive for industries wi...
What advice do you have for others considering RSA enVision?
Overall, I would rate it a nine out of ten. I recommend using it, but it also depends on the needs and the budget. If I still had my company, I think we would continue using RSA enVision. However, ...
What is your experience regarding pricing and costs for RSA enVision?
It's competitive, but they need to adapt to MSPs. Maybe that's not their target market, though.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

BPS (SUISSE), Hypovereinsbank Germany, MAX Hamburgers, Infoplex, Neotel, Telus
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about RSA enVision vs. Splunk Enterprise Security and other solutions. Updated: June 2026.
904,836 professionals have used our research since 2012.