No more typing reviews! Try our Samantha, our new voice AI agent.

Splunk Enterprise Security vs Stellar Cyber Open XDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 25, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Splunk Enterprise Security
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
415
Ranking in other categories
Log Management (1st), IT Operations Analytics (1st)
Stellar Cyber Open XDR
Ranking in Security Information and Event Management (SIEM)
44th
Average Rating
0.0
Reviews Sentiment
7.0
Number of Reviews
2
Ranking in other categories
User Entity Behavior Analytics (UEBA) (28th), Endpoint Detection and Response (EDR) (58th), Network Traffic Analysis (NTA) (16th), Security Orchestration Automation and Response (SOAR) (24th), Network Detection and Response (NDR) (20th), Extended Detection and Response (XDR) (40th), Identity Threat Detection and Response (ITDR) (21st)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Splunk Enterprise Security is 7.3%, down from 9.3% compared to the previous year. The mindshare of Stellar Cyber Open XDR is 1.3%, up from 1.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Splunk Enterprise Security7.3%
Stellar Cyber Open XDR1.3%
Other91.4%
Security Information and Event Management (SIEM)
 

Featured Reviews

Sathis-Kumar - PeerSpot reviewer
Senior Manager at Bank of America
Helps us detect cyber threats quickly and integrate multiple feeds effectively
Overall, the product is good, but when it comes to some infrastructure issues, we have to dig into more logs. There is no straightforward indication of an issue. Health check kind of dashboards are not available. More AI would help us, and more optimization, since security products run more queries. The AI module could suggest solutions, optimizing queries or workload balancing. If the product itself advises on running queries during peak times, it would be similar to what ChatGPT currently offers. We see quite a few issues on stability. Even last week, we faced something, and identifying bottlenecks is not easy. We need more SMEs, and there is no mechanism to tell us about indexer or search head issues. Self-monitoring dashboards could be beneficial. The technical support still requires more improvement. Often, primary support takes a lot of time and forwards most solutions to the engineering side. The primary support team has very limited knowledge to provide.
Hrishiraj Bhattacharjee - PeerSpot reviewer
Founder & CEO at Team Karimganj
Correlates incidents, allows for quicker identification and helps prioritize investigations
The only challenge is, and that’s where we come into play, it’s a pretty high-tech platform. So, it’s difficult for small and medium-sized organizations to manage it on their own. It’s a very complex system. It requires a lot of expertise. All my guys who work on it have gone through certification from Stellar itself. There are three different certifications that you need to complete. Only then are you certified by Stellar to work on it. It’s a very complex platform. Not everyone can use it. A simple IT engineer or system admin won’t be able to handle it because it’s quite complex. You need to have an understanding of the industry, the subject, and the tool. So, just purchasing this tool or license and then using it on your own would be very difficult to configure and manage on a day-to-day basis. The pricing model is not suitable for small and medium companies, particularly small companies. The minimum pricing model they have is suitable for companies with more than one thousand users. So, if someone has 50 to 100 users, like typical small companies, it’s difficult for them because the cost involved is high. Stellar would charge you for those thousand users, but you do not need all those users. So what are they going to do? I guess Stellar does not want to target small companies directly and maybe relies on resellers and MSPs like us to sell it. So, that is something I would recommend changing. Otherwise, it’s a great tool, but because of the pricing model, small companies are unable to leverage the advantage of this beautiful tool. So, the pricing model should be suitable for small and medium businesses. The product currently has vulnerability monitoring and everything. But if they could also do something about vulnerability management and maybe patch management, that would be nice.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Log search and alerting/reporting."
"Splunk Enterprise Security is more advanced compared to other solutions, which makes it stand out as a better option."
"Splunk goes beyond collecting basic metrics like CPU or memory utilization; it comprehensively gathers data from various sources, including networks, applications, and virtualization, eliminating the need for siloed solutions and enhancing the capabilities of existing engineering software."
"Overall, Splunk is among the top three SIEM tools due to its capabilities and agility in bridging business analytics with security needs."
"If you are an enterprise and you need the best service for critical business analysis, Splunk would be one of the best choices."
"This is a straightforward solution, easy to configure."
"The most valuable feature is that it brings all of the components necessary to identify, analyze, and respond together."
"I would assess the stability and reliability of Splunk Enterprise Security as typically very good, with minimal downtime or crashes."
"Stellar Cyber Open XDR offers these functionalities at a more affordable price, making it easier for me to position it with price-sensitive customers."
"It can integrate with almost any cybersecurity tool available in the market."
 

Cons

"The difficult part is related to integration with sources of data that are used to create the logs as this depends on the infrastructure of the client."
"To improve Splunk Enterprise Security, I would suggest allowing third-party SOAR solutions to work with it."
"The CIM model is the method Splunk uses to normalize data and categorize its important parts, but it is quite complex."
"While Splunk Enterprise Security is powerful, it presents significant complexity for users, as it's not particularly user-friendly for beginners."
"There are new services which are coming up. If Splunk can catch up with the speed of Amazon, and with the integration, instead of us waiting for another year or so, that would be good."
"Scalability may become a challenge when deploying Splunk Enterprise Security due to licensing based on ingestion GBs, while cloud-based solutions such as Microsoft Sentinel offer more flexibility without requiring additional infrastructure resources."
"You do need a lot of training and certification with this product."
"I find the process for customizing, developing, testing, deploying, and refining detections in Splunk Enterprise Security to be cumbersome."
"Support is an issue because they have a limited number of resources."
"I would rate the stability at about five to six. The platform requires some fine-tuning, especially when integrating data sources and creating connectors."
 

Pricing and Cost Advice

"I've heard Splunk is often preferred over other options, but the cost can be prohibitive for smaller organizations."
"It can be cost-prohibitive when you start to scale and have terabytes of data. Its cost model is based on how much data it processes a day. If they're able to create scaled-down niche or custom package offerings, it may help with the cost. Instead of the full-blown features, if they can narrow the scope where it can only be used for a specific purpose, it would kind of create that market for the product, and it may help with the costing. When you start using it as a central aggregator and you're pumping tons of logs at it, pretty soon, you'll start hitting your cap on what it can process a day. Once you've got that, you're kind of defeating the purpose because you're going to have to scale back."
"The tool's licensing is good and we haven't received any complaints from the team handling it."
"Splunk Enterprise Security is a worthwhile investment given the comprehensive range of features it offers."
"Splunk Enterprise Security is expensive."
"Splunk Enterprise Security is not a cheap product, but I think it is worth every dollar that you pay."
"I have no opinion on pricing."
"The licensing costs are high for Splunk Enterprise Security."
"It’s a single license platform."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
904,748 professionals have used our research since 2012.
 

Comparison Review

VS
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Manufacturing Company
9%
Computer Software Company
8%
Construction Company
7%
Manufacturing Company
13%
Comms Service Provider
9%
Computer Software Company
8%
Outsourcing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business129
Midsize Enterprise64
Large Enterprise283
No data available
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
What is your experience regarding pricing and costs for Stellar Cyber Open XDR?
Pricing is a major benefit of Stellar Cyber Open XDR. I rate it between three and four on the cost scale. It offers functionalities at a significantly lower cost than rival products, enabling me to...
What needs improvement with Stellar Cyber Open XDR?
I am currently evaluating Stellar Cyber Open XDR in terms of their support. I do not see any major areas for improvement as of now. Their support is good, and the team is small, enabling them to ca...
What is your primary use case for Stellar Cyber Open XDR?
I use Stellar Cyber Open XDR ( /products/stellar-cyber-open-xdr-reviews ) as a 24/7 security monitoring tool, especially for customers with large and medium networks. It eliminates the need for a d...
 

Overview

 

Sample Customers

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Sumitomo Chemical USA, PlastiPak Packaging, University of Denver, Large California State Agency, Large Midwestern American City
Find out what your peers are saying about Splunk Enterprise Security vs. Stellar Cyber Open XDR and other solutions. Updated: June 2026.
904,748 professionals have used our research since 2012.