No more typing reviews! Try our Samantha, our new voice AI agent.

RSA enVision vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 25, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

RSA enVision
Ranking in Security Information and Event Management (SIEM)
32nd
Average Rating
7.2
Reviews Sentiment
6.7
Number of Reviews
6
Ranking in other categories
No ranking in other categories
Splunk Enterprise Security
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
408
Ranking in other categories
Log Management (1st), IT Operations Analytics (1st)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of RSA enVision is 0.8%, up from 0.3% compared to the previous year. The mindshare of Splunk Enterprise Security is 7.3%, down from 9.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Splunk Enterprise Security7.3%
RSA enVision0.8%
Other91.9%
Security Information and Event Management (SIEM)
 

Featured Reviews

SF
Président at ARS Solutions
Support both French and English, which is important for us and adapted to the evolving security landscape over time in my experience
You need a skilled engineer to deploy it because you can do anything with this tool. You can see everything on the network. A good engineer will be surprised and have fun using this tool because it's very powerful. Deployment process: You need to build a recipe/layout when you want to deploy something. Once the recipe is done, you just have to copy it. So you really need a good engineer at first, but then any other technician can copy the recipe. You don't need to be an expert once the recipe is finalized. So, once you have it set up, it's easy to deploy. But you need a good engineer to deploy it correctly. You will get alerts from the system, but if you want to fully explore and maximize the tool, the engineering needs are different.
Sathis-Kumar - PeerSpot reviewer
Senior Manager at Bank of America
Helps us detect cyber threats quickly and integrate multiple feeds effectively
Overall, the product is good, but when it comes to some infrastructure issues, we have to dig into more logs. There is no straightforward indication of an issue. Health check kind of dashboards are not available. More AI would help us, and more optimization, since security products run more queries. The AI module could suggest solutions, optimizing queries or workload balancing. If the product itself advises on running queries during peak times, it would be similar to what ChatGPT currently offers. We see quite a few issues on stability. Even last week, we faced something, and identifying bottlenecks is not easy. We need more SMEs, and there is no mechanism to tell us about indexer or search head issues. Self-monitoring dashboards could be beneficial. The technical support still requires more improvement. Often, primary support takes a lot of time and forwards most solutions to the engineering side. The primary support team has very limited knowledge to provide.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The custom dashboard and correlation alerts in this solution improved our incident response process."
"The ease of log collection and stability of the platform are the most valuable features."
"RSA enVision provides the full system visibility of your events within your IT ecosystem."
"The most valuable feature is the management features. It's capable of managing large enterprises."
"We developed around this solution and received excellent support from the company."
"The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten."
"The most valuable feature of this solution is the reporting."
"With Splunk, we got more insights out of our data as it includes machine and secure data."
"The solution's most valuable feature is that it helps with our use cases to detect anomalies in our data and it is important to my company since we have a lot of data on different logs on the systems."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"The feature I appreciate the most about Splunk Enterprise Security is the dashboard."
"They have approximately 50,000 predefined correlation rules, which is quite a lot, and I find that good."
"Exporting is a good feature. It helps me out when I have to do reports. I do a lot of exporting and crunching of the numbers. Dashboards are okay for showing to the leadership, but for doing statistics and updating tickets, the export feature is very beneficial for me."
"Splunk's support is better, and its reporting is easier and better."
"It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query on Splunk. The resolution time is about the same, but it took longer to discover the issue with ArcSight. Our previous solution took about an hour or more, but Splunk can do it within a few minutes or an hour at most."
 

Cons

"There is no future for this solution. It does not exist anymore."
"Licensing could be improved to be more oriented towards Managed Service Providers (MSPs)."
"Sometimes the investigation panel and reporting engine work very slowly."
"RSA enVision log manager is out of date and is not in use anymore."
"Whenever you perform the query, it takes too long."
"The integration could be easier, it should support more products."
"In general, the solution currently isn't user-friendly."
"The algorithms customization of Splunk could improve. They have limited algorithms for machine learning support."
"The solution could use a different licensing model."
"Resource usage can probably be described as an area with shortcomings in the product where improvements are required."
"VMware and security device integration looks a bit complex."
"A problem that we had recently had was we licensed it based on how much data you upload to them every day."
"The initial setup is complex, but this is necessary. We needed to take into consideration how to direct log files from thousands of machines to Splunk, and how to ingest those files."
"There is not much to improve in Splunk Enterprise Security, but points such as deep learning and writing complex queries can be time-consuming, and managing multiple correlation rules can become complex over time, especially with high volumes of log data that can affect performance."
"This is not really a monitoring solution."
 

Pricing and Cost Advice

"We no longer pay a licensing fee because it is out of date and don't pay for support."
"On a scale of one to ten, where one is low, and ten is high price, I rate the pricing a six."
"The variables and the flexibility that Splunk provides are helpful, especially in a hybrid and multi-cloud environment."
"Splunk Enterprise Security is an expensive solution."
"The Splunk licensing is high."
"Be upfront about your needs and expectations. Splunk is great to work with."
"There is an annual license required to use this solution."
"I think that most of the monitoring solutions are expensive."
"I am not personally involved with the pricing of the solution."
"The pricing model is based on the number of gigabytes that you ingest into the Splunk system. So it can be an expensive solution."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
903,933 professionals have used our research since 2012.
 

Comparison Review

VS
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Comms Service Provider
14%
Construction Company
12%
Manufacturing Company
11%
Retailer
10%
Financial Services Firm
13%
Manufacturing Company
9%
Computer Software Company
8%
Construction Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business129
Midsize Enterprise62
Large Enterprise282
 

Questions from the Community

What needs improvement with RSA enVision?
Licensing could be improved to be more oriented towards Managed Service Providers (MSPs). Perhaps offering different types of licensing would be beneficial, as it can be expensive for industries wi...
What advice do you have for others considering RSA enVision?
Overall, I would rate it a nine out of ten. I recommend using it, but it also depends on the needs and the budget. If I still had my company, I think we would continue using RSA enVision. However, ...
What is your experience regarding pricing and costs for RSA enVision?
It's competitive, but they need to adapt to MSPs. Maybe that's not their target market, though.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

BPS (SUISSE), Hypovereinsbank Germany, MAX Hamburgers, Infoplex, Neotel, Telus
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about RSA enVision vs. Splunk Enterprise Security and other solutions. Updated: June 2026.
903,933 professionals have used our research since 2012.