Try our new research platform with insights from 80,000+ expert users

Splunk Enterprise Security vs Stellar Cyber Open XDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Splunk Enterprise Security
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
306
Ranking in other categories
Log Management (2nd), IT Operations Analytics (1st)
Stellar Cyber Open XDR
Ranking in Security Information and Event Management (SIEM)
52nd
Average Rating
0.0
Reviews Sentiment
7.0
Number of Reviews
2
Ranking in other categories
Endpoint Detection and Response (EDR) (61st), Security Orchestration Automation and Response (SOAR) (25th), Network Detection and Response (NDR) (21st), Extended Detection and Response (XDR) (34th)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Splunk Enterprise Security is 9.5%, down from 12.8% compared to the previous year. The mindshare of Stellar Cyber Open XDR is 1.3%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.
Hrishiraj Bhattacharjee - PeerSpot reviewer
Correlates incidents, allows for quicker identification and helps prioritize investigations
The only challenge is, and that’s where we come into play, it’s a pretty high-tech platform. So, it’s difficult for small and medium-sized organizations to manage it on their own. It’s a very complex system. It requires a lot of expertise. All my guys who work on it have gone through certification from Stellar itself. There are three different certifications that you need to complete. Only then are you certified by Stellar to work on it. It’s a very complex platform. Not everyone can use it. A simple IT engineer or system admin won’t be able to handle it because it’s quite complex. You need to have an understanding of the industry, the subject, and the tool. So, just purchasing this tool or license and then using it on your own would be very difficult to configure and manage on a day-to-day basis. The pricing model is not suitable for small and medium companies, particularly small companies. The minimum pricing model they have is suitable for companies with more than one thousand users. So, if someone has 50 to 100 users, like typical small companies, it’s difficult for them because the cost involved is high. Stellar would charge you for those thousand users, but you do not need all those users. So what are they going to do? I guess Stellar does not want to target small companies directly and maybe relies on resellers and MSPs like us to sell it. So, that is something I would recommend changing. Otherwise, it’s a great tool, but because of the pricing model, small companies are unable to leverage the advantage of this beautiful tool. So, the pricing model should be suitable for small and medium businesses. The product currently has vulnerability monitoring and everything. But if they could also do something about vulnerability management and maybe patch management, that would be nice.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"This is a straightforward solution, easy to configure."
"I like the Splunk dashboard and search engine."
"We can quickly search for almost anything across many log sources in seconds."
"Correlation search, in general, is valuable because it allows us to search multiple data sources easily."
"Splunk has significantly reduced the time in performing the task of aggregating logs, reviewing as well as time spent during investigations."
"It gives me notifications of notable events."
"Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data."
"My customer was integrated with many third-party credentials and other threat sources as well. The integration part was seamless and easy. The rates for allocating valuable information and IOCs from different sources are also good."
"It can integrate with almost any cybersecurity tool available in the market."
"Stellar Cyber Open XDR offers these functionalities at a more affordable price, making it easier for me to position it with price-sensitive customers."
 

Cons

"For us, the area that Splunk Enterprise Security can improve is performance optimization."
"Splunk is query-based, which is not the case with most cybersecurity tools. It is based on search queries and can be difficult to use. It would be good if they can make it easier to understand how to create search queries. They can improve the knowledge base for better understanding. To create your dashboard, you need to have a search query. We have multiple firewalls in our company, and we need a dashboard for them. It would be helpful if a default firewall dashboard is included in Splunk to make monitoring easier. If a dashboard is available for a security device, the operation part will be more efficient. We won't have to follow a manual process for this."
"Splunk could enhance its services by providing more comprehensive professional assistance aimed at optimizing our investment."
"The product is relatively expensive."
"Considering the contract thing and the whole legal area, it takes forever to get the contracts signed and to be able to agree to the terms and conditions for my company as well as for Splunk's team."
"It needs integration with a configuration management solution."
"The configuration could be better."
"The threat detection library needs to increase the frequency at which the playbooks are updated."
"Support is an issue because they have a limited number of resources."
"I would rate the stability at about five to six. The platform requires some fine-tuning, especially when integrating data sources and creating connectors."
 

Pricing and Cost Advice

"The price of Splunk Enterprise Security is reasonable, falling somewhere in the middle range."
"There is an annual license required to use this solution."
"The tool's licensing is good and we haven't received any complaints from the team handling it."
"It is possible to use a developer's license, which is up to 10GB per day of volume traffic, which is usually enough for most use cases."
"Licensing is a yearly, one-time cost."
"Splunk is costly but it’s worth it due to the high-end features."
"It's a little bit expensive for a small to medium enterprise."
"It can be expensive, especially the licensing costs. However, there is added value in what it can do, not just log aggregation."
"It’s a single license platform."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
8%
Government
8%
Computer Software Company
15%
Comms Service Provider
12%
Manufacturing Company
8%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
What is your experience regarding pricing and costs for Stellar Cyber Open XDR?
Pricing is a major benefit of Stellar Cyber Open XDR. I rate it between three and four on the cost scale. It offers functionalities at a significantly lower cost than rival products, enabling me to...
What needs improvement with Stellar Cyber Open XDR?
I am currently evaluating Stellar Cyber Open XDR in terms of their support. I do not see any major areas for improvement as of now. Their support is good, and the team is small, enabling them to ca...
What is your primary use case for Stellar Cyber Open XDR?
I use Stellar Cyber Open XDR ( /products/stellar-cyber-open-xdr-reviews ) as a 24/7 security monitoring tool, especially for customers with large and medium networks. It eliminates the need for a d...
 

Overview

 

Sample Customers

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Sumitomo Chemical USA, PlastiPak Packaging, University of Denver, Large California State Agency, Large Midwestern American City
Find out what your peers are saying about Splunk Enterprise Security vs. Stellar Cyber Open XDR and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.