Try our new research platform with insights from 80,000+ expert users

Splunk Enterprise Security vs Stellar Cyber Open XDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Splunk Enterprise Security
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
305
Ranking in other categories
Log Management (2nd), IT Operations Analytics (1st)
Stellar Cyber Open XDR
Ranking in Security Information and Event Management (SIEM)
51st
Average Rating
0.0
Reviews Sentiment
7.0
Number of Reviews
2
Ranking in other categories
Endpoint Detection and Response (EDR) (61st), Security Orchestration Automation and Response (SOAR) (25th), Network Detection and Response (NDR) (21st), Extended Detection and Response (XDR) (35th)
 

Mindshare comparison

As of March 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Splunk Enterprise Security is 9.8%, down from 13.3% compared to the previous year. The mindshare of Stellar Cyber Open XDR is 1.3%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.
Hrishiraj Bhattacharjee - PeerSpot reviewer
Correlates incidents, allows for quicker identification and helps prioritize investigations
The only challenge is, and that’s where we come into play, it’s a pretty high-tech platform. So, it’s difficult for small and medium-sized organizations to manage it on their own. It’s a very complex system. It requires a lot of expertise. All my guys who work on it have gone through certification from Stellar itself. There are three different certifications that you need to complete. Only then are you certified by Stellar to work on it. It’s a very complex platform. Not everyone can use it. A simple IT engineer or system admin won’t be able to handle it because it’s quite complex. You need to have an understanding of the industry, the subject, and the tool. So, just purchasing this tool or license and then using it on your own would be very difficult to configure and manage on a day-to-day basis. The pricing model is not suitable for small and medium companies, particularly small companies. The minimum pricing model they have is suitable for companies with more than one thousand users. So, if someone has 50 to 100 users, like typical small companies, it’s difficult for them because the cost involved is high. Stellar would charge you for those thousand users, but you do not need all those users. So what are they going to do? I guess Stellar does not want to target small companies directly and maybe relies on resellers and MSPs like us to sell it. So, that is something I would recommend changing. Otherwise, it’s a great tool, but because of the pricing model, small companies are unable to leverage the advantage of this beautiful tool. So, the pricing model should be suitable for small and medium businesses. The product currently has vulnerability monitoring and everything. But if they could also do something about vulnerability management and maybe patch management, that would be nice.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Splunk helps us be more proactive. We can take predictive action to identify and block threats so that nothing harmful gets into the system."
"it can explain to management about what kind of traffic is visiting the network. It can also explain other traffic coming in and out, along with protecting against malware."
"It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query on Splunk. The resolution time is about the same, but it took longer to discover the issue with ArcSight. Our previous solution took about an hour or more, but Splunk can do it within a few minutes or an hour at most."
"It's the completeness of the solution that we like the most."
"I like the ease of setting up dashboards on Splunk. They're easy to create, manage, alter, and share. You can fine-tune them any way you see fit."
"The Splunk Enterprise Security's threat-hunting capabilities have been particularly useful in later releases."
"The stock analysts and security people use one single dashboard (one single location) to check our logs."
"Easy to deploy and simple to use."
"Stellar Cyber Open XDR offers these functionalities at a more affordable price, making it easier for me to position it with price-sensitive customers."
"It can integrate with almost any cybersecurity tool available in the market."
 

Cons

"The search could be improved. Now, it is a bit difficult to write search queries because they become quite long, then maintaining those long search queries is a quite challenging."
"Make it easy to use and the cost cheaper. This will help all organisations to implement Splunk."
"The support that is included with the standard licensing fee is very bad."
"We had some connections issues with the solution at the beginning."
"While Splunkbase (the app repository) has a lot of great content, some apps are terribly old and could stand to be updated or purged."
"We would like more integrations with other cloud products, not just AWS, e.g., Azure."
"The licensing price is high and has room for improvement."
"Many of my clients want to get better at Splunk, but they're afraid of using the tool because they feel it's too complex for them."
"Support is an issue because they have a limited number of resources."
"I would rate the stability at about five to six. The platform requires some fine-tuning, especially when integrating data sources and creating connectors."
 

Pricing and Cost Advice

"ROI is estimated at saving my team roughly 10 to 12 man hours per week in troubleshooting for our company as well as what our profits had been from our services of installing, configuring, and supporting other clients with the product."
"While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."
"Splunk Enterprise Security is a worthwhile investment given the comprehensive range of features it offers."
"The price of Splunk Enterprise Security fluctuates based on the customer, but I believe it's quite costly, especially for our clientele."
"I work on the technical side, so I don't know precise figures. However, I know that Splunk is a premium product, so it's somewhat costly. Still, you get a lot of unique features for the money."
"The price of Splunk is reasonable."
"It can be expensive, especially the licensing costs. However, there is added value in what it can do, not just log aggregation."
"It can be tough to determine if you are getting all of the value out of your investment at times."
"It’s a single license platform."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
842,690 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
8%
Government
8%
Computer Software Company
16%
Comms Service Provider
12%
Manufacturing Company
8%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
What is your experience regarding pricing and costs for Stellar Cyber Open XDR?
Pricing is a major benefit of Stellar Cyber Open XDR. I rate it between three and four on the cost scale. It offers functionalities at a significantly lower cost than rival products, enabling me to...
What needs improvement with Stellar Cyber Open XDR?
I am currently evaluating Stellar Cyber Open XDR in terms of their support. I do not see any major areas for improvement as of now. Their support is good, and the team is small, enabling them to ca...
What is your primary use case for Stellar Cyber Open XDR?
I use Stellar Cyber Open XDR ( /products/stellar-cyber-open-xdr-reviews ) as a 24/7 security monitoring tool, especially for customers with large and medium networks. It eliminates the need for a d...
 

Overview

 

Sample Customers

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Sumitomo Chemical USA, PlastiPak Packaging, University of Denver, Large California State Agency, Large Midwestern American City
Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: March 2025.
842,690 professionals have used our research since 2012.