Try our new research platform with insights from 80,000+ expert users

Splunk Enterprise Security vs WhatsUp Gold comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Splunk Enterprise Security
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
303
Ranking in other categories
Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
WhatsUp Gold
Average Rating
7.8
Reviews Sentiment
7.4
Number of Reviews
24
Ranking in other categories
Application Performance Monitoring (APM) and Observability (30th), Network Monitoring Software (32nd), Server Monitoring (13th), IT Infrastructure Monitoring (31st)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. Splunk Enterprise Security is designed for Security Information and Event Management (SIEM) and holds a mindshare of 10.8%, down 14.6% compared to last year.
WhatsUp Gold, on the other hand, focuses on Application Performance Monitoring (APM) and Observability, holds 0.5% mindshare, up 0.3% since last year.
Security Information and Event Management (SIEM)
Application Performance Monitoring (APM) and Observability
 

Featured Reviews

Avinash Gopu. - PeerSpot reviewer
Offers good visibility into multiple environments, significantly reduces our alert volume, and speeds up our security investigations
There are limitations with Splunk not detecting all user activity, especially on mainframes and network devices. This is because Splunk relies on agents, which cannot access certain workstations. In these cases, we have to rely on application data. For example, with mainframes, manual reports are generated and sent to Splunk, limiting visibility to what's manually reported. This lack of automation for specific platforms needs improvement from Splunk. Additionally, API access is limited for other applications that rely on API calls and requests. This requires heavy customization on Splunk's end. These are the main challenges we've encountered. Monitoring multiple cloud platforms, like Azure, GCP, and AWS, with Splunk Enterprise Security presents some challenges. While Splunk provides different connectors for each provider, consolidating data from two domains across distinct cloud environments can be complex. However, leveraging pre-built templates and Splunk's data collation capabilities can help overcome these hurdles. Despite initial difficulties, I believe Splunk can effectively address this task, earning it an eight out of ten rating for its multi-cloud monitoring capabilities. While Splunk Enterprise Security offers insider threat detection capabilities, its effectiveness could be enhanced by integrating with additional tools, such as endpoint security solutions. This integrated approach is particularly crucial for financial institutions, which often require dedicated endpoint security teams. While using multiple tools is valuable, further improvements within Splunk itself are also necessary. Considering both external integration and internal development, I would rate its current insider threat detection capabilities as three out of ten. Threat detection is where Splunk falls behind. While it offers tools, other use cases require additional work. PAM is an enterprise tool that centralizes information about users, servers, and everything else. It needs real-time monitoring, which I haven't seen in any of the companies I've worked for. They only rely on Splunk for alerting, but real-time monitoring should be handled by the endpoint security team's tools. This means there's no detection or analysis at the machine or endpoint level. Additionally, threat analysis reporting is also absent.
Tom Condo - PeerSpot reviewer
If CPU, memory, or disk space is over-utilized, it alerts us immediately via text or email if there is an issue
When it comes to the intuitiveness of the topology mapping feature, our network architect created a vision diagram of our entire network and then created the links tied into the WhatsUp active monitoring to different spots on our topology map. It's one of the more critical functions we do here. We have the map displayed in different places in our room and help desk. We get alerted via emails but we can also see it visually. It does what it says it's going to do. We find this feature very helpful. The interactive mapping interface for scrolling, zooming, and drilling down on an element to learn about a network issue is good. When we see a network there will sometimes be a spot that has one link. You can go into a particular part of the topology map, scroll in, and see exactly which module it is. All the information is provided. This feature really helps. You can see the correlation between that link and what failed. This feature is very helpful. The interface is fairly intuitive. Some of our users used SolarWinds and Nagios, and WhatsUp is easy in comparison. Once you get set up, the look, feel, and configuration are good. Our network architect had never used it before but he was able to create the Visio and map. It was very simple. He has no problems with it.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like the ease with which dashboards can be created."
"What is nice about the solution is that it makes it easy to build the queries, search for the events and then do analysis."
"The correlation searches (properly configured) populate the Incident Management dashboard and provide me a quick birds-eye view of my most important concerns."
"It gives us the liberty to do more in terms of use cases."
"The solution has plenty of features that are good."
"The most valuable feature of Splunk is the management and built-in workflows."
"The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions."
"It is user-friendly. It is more effective than other solutions. The support and help for troubleshooting and the documentation from Splunk make it very effective."
"It is easy to access and discover devices, as well as monitor them automatically. The topology discover is also a useful feature."
"NetFlow monitoring, real-time monitoring, and surveys have been the most valuable features for our business."
"It is stable."
"The most valuable feature is the auto-discovery function."
"This is a good, stable network monitoring solution for devices."
"I use it on premises to monitor my network database. We monitor the link up/down and use the SNMP traps as well."
"Auto scanning is most valuable. It looks for rogue devices on your network."
"The solution effectively monitors network devices and servers."
 

Cons

"Its pricing is extremely high. There are other tools out in the market that are competitive. They do not necessarily have all the functionality, but they are competitive. The professional services we have used have been high as well in comparison to the market."
"The search could be improved. Now, it is a bit difficult to write search queries because they become quite long, then maintaining those long search queries is a quite challenging."
"Resource usage can probably be described as an area with shortcomings in the product where improvements are required."
"It needs to improve the way to install third-party apps and enable installation without logging into splunk.com."
"For us, the area that Splunk Enterprise Security can improve is performance optimization."
"Being able to have a one-stop shop where you have the alert, but then you can generate the case right there from Splunk Enterprise Security instead of having to pivot to another tool such as Mission Control. You do not have to keep bouncing between them, so if you could do it all in one place, that would be great. The new release is supposed to start getting in that direction."
"Some of the search functions can be better. There has been a lot of talk at the conference about the update of SPL before each iteration. That will be a lot of help."
"Splunk needs local technical support."
"The new release cadence needs to be improved. It takes a while for them to add new features and functionality. There should be a quicker turnaround with new versions."
"Importing the maps and being able to customize them could be easier."
"Pricing is too high relative to how many devices we use. The price list is not linear to number of devices."
"The point system is not clear and clarity around this would improve our understanding of the system."
"You have to invest a few days to become an expert in this solution."
"Adding on services increases the cost and on the version we have there is no option for ATM monitoring."
"We can never achieve or get a good picture of the network topology."
"One of the biggest things that made us start to look at another product is we're not able to have an end to end monitoring from a user perspective throughout the system and back to the user. All the monitoring is from inside out, we need something that also can give us from outside in."
 

Pricing and Cost Advice

"The cost is on the high end, which makes it difficult for some organizations to use."
"The pricing of Splunk Enterprise Security is high."
"My experience with the solution's setup cost, pricing, and licensing was really good."
"The licensing model can be expensive, but the value it provides is significant."
"I work on the technical side, so I don't know precise figures. However, I know that Splunk is a premium product, so it's somewhat costly. Still, you get a lot of unique features for the money."
"The subscription is monthly."
"The pricing is based on the volume of data fed into it, which can lead to substantial costs. This pricing model is complex and unpredictable, making cost management difficult."
"Splunk is a bit pricier, but the benefits and ROI are huge."
"There is a license needed to use WhatsUp Gold."
"Pricing is reasonable compared to other products."
"The most valuable feature is the cost compared to other solutions."
"I'm not sure, but it's expensive. We don't pay any additional fees."
"It is per device, per year. The pricing is very clear. If you have a service agreement, you get all of your major upgrades and minor upgrades. It was under $10,000 to go all-in with all of the different add-ons for it."
"There are some subscription charges that are quite heavy. I need to pay for support every year and these charges can be quite expensive. Aside from the initial cost for the tool, you need to pay additionally for support."
"The pricing can be on the expensive side when considering competing products."
"The tool's price is reasonable. WhatsUp Gold is cheaper than SolarWinds."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
830,574 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
14%
Government
9%
Manufacturing Company
8%
Computer Software Company
15%
Manufacturing Company
11%
Financial Services Firm
11%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
What do you like most about WhatsUp Gold?
The interactive mapping interface for scrolling, zooming, and drilling down on an element to learn about a network issue is good. When we see a network there will sometimes be a spot that has one l...
What is your experience regarding pricing and costs for WhatsUp Gold?
Clients find the licensing calculator confusing, but we simplify this for them by collecting relevant information first. The licensing is based on devices, providing better cost-effectiveness than ...
What needs improvement with WhatsUp Gold?
Improvements are needed in integration, especially for WhatsApp call and messages. Our region heavily uses WhatsApp Messenger for communication, and integration with this platform would be benefici...
 

Overview

 

Sample Customers

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Artoni Trasporti, Austin Independent School District, Banca Marche, Burke County North Carolina, Cambridge University School of Clinical Medicine, Clayco, Community Integrated Care, Desca, Deutsche Bergbau, Flexi-Van, Gropper, Hamleys, Hammonds Furniture, Knowledge IT, Idras S.P.A., Sibeg, Swann Engineering, Trivium Lindenhof
Find out what your peers are saying about Splunk Enterprise Security vs. WhatsUp Gold and other solutions. Updated: May 2023.
830,574 professionals have used our research since 2012.