Try our new research platform with insights from 80,000+ expert users

Splunk Enterprise Security vs Zabbix comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 12, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.2
Splunk Enterprise Security enhances visibility, streamlines operations, and supports real-time decisions, improving efficiency and security in large-scale environments.
Sentiment score
7.7
Zabbix's open-source approach offers high ROI by eliminating costs, enhancing system visibility, and reducing operational expenses.
Splunk's cost is justified for large environments with extensive assets.
 

Customer Service

Sentiment score
6.7
Splunk Enterprise Security support is mixed: knowledgeable at higher levels but variable with first-tier responses, praised online.
Sentiment score
7.0
Zabbix's support is praised for community assistance, responsiveness, expertise, and effective forums, with room for improvement noted.
If you want to write your own correlation rules, it is very difficult to do, and you need Splunk's support to write new correlation rules for the SIEM tool.
The technical support for Splunk met my expectations.
It is so straightforward that I have never had to use the support.
 

Scalability Issues

Sentiment score
7.7
Splunk Enterprise Security is scalable and effective for large deployments, though costs and planning are essential considerations.
Sentiment score
6.9
Zabbix offers efficient scalability and performance for large enterprises, overcoming database and hardware challenges without costly licenses.
It is easy to scale.
They struggle a bit with pure virtual environments, but in terms of how much they can handle, it is pretty good.
Zabbix is very scalable and lightweight.
I would rate its scalability ten out of ten.
 

Stability Issues

Sentiment score
7.9
Splunk Enterprise Security is reliable and adaptable, handling large data volumes with minimal downtime and robust performance.
Sentiment score
7.6
Zabbix is highly stable, reliable, and resource-efficient, though occasional configuration and tuning are needed, especially for databases.
It provides a stable environment but needs to integrate with ITSM platforms to achieve better visibility.
It is very stable.
Zabbix is very scalable and lightweight.
 

Room For Improvement

Splunk Enterprise Security needs improved setup, GUI, user control, pricing, machine learning, and intuitive dashboards for better accessibility.
Zabbix's user interface and features need improvement, with insufficient scalability, modern workload monitoring, and inadequate documentation.
Splunk Enterprise Security would benefit from a more robust rule engine to reduce false positives.
What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel.
Data retention can be better. If we want to look at the data for five months or six months, that is not available to us. We only have a history of 20 or 30 days.
The only issue I can note is that it's Linux-based, and Linux documentation is not the best.
 

Setup Cost

Splunk Enterprise Security is costly but valued for features and scalability, offering significant ROI with careful data management.
Zabbix is a cost-effective, open-source enterprise solution with no licensing fees, appealing for its affordability compared to competitors.
The platform requires significant financial investment and resources, making it expensive despite its comprehensive features.
I saw clients spend two million dollars a year just feeding data into the Splunk solution.
Splunk is priced higher than other solutions.
 

Valuable Features

Splunk Enterprise Security enhances threat detection with fast data retrieval, customizable visualizations, and seamless third-party integration for efficient operations.
Zabbix offers flexible, scalable open-source monitoring with strong customization, seamless API integration, and user-friendly features supported by robust documentation.
This capability is useful for performance monitoring and issue identification.
They have approximately 50,000 predefined correlation rules.
Splunk Enterprise Security's most valuable features are its stability and the robust Splunk Search Processing Language.
If disk usage surpasses a threshold, say 70%, I receive alerts and can take proactive action.
 

Categories and Ranking

Splunk Enterprise Security
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
305
Ranking in other categories
Log Management (2nd), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
Zabbix
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
105
Ranking in other categories
Application Performance Monitoring (APM) and Observability (8th), Network Monitoring Software (1st), Server Monitoring (1st), IT Infrastructure Monitoring (1st), Cloud Monitoring Software (2nd)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. Splunk Enterprise Security is designed for Security Information and Event Management (SIEM) and holds a mindshare of 9.5%, down 12.8% compared to last year.
Zabbix, on the other hand, focuses on Network Monitoring Software, holds 13.0% mindshare, up 11.2% since last year.
Security Information and Event Management (SIEM)
Network Monitoring Software
 

Featured Reviews

ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.
ASM Naushad Alam - PeerSpot reviewer
Allows any number of customizations but lacks functionality for finding root causes
We have not yet purchased the commercial version so have a lack of technical ability. We do not yet fully know the key points or key features of the solution. We just use what we use along with WhatsUp Gold. Based on our use only, stability is rated a seven out of ten.
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Comparison Review

it_user174738 - PeerSpot reviewer
May 31, 2015
Nagios vs. Zabbix vs. PRTG vs. Spiceworks vs. Solarwinds Network Performance Monitor
I have researched a quite a few network monitoring tools which can be used for various monitoring purposes of not only the servers, but the intermediate routers as well. There are majorly three types of these softwares. Ones which are completely open-source, you can do almost anything you want…
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
8%
Government
8%
Educational Organization
37%
Computer Software Company
11%
Financial Services Firm
6%
Manufacturing Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
What do you like most about Zabbix?
The template system in Zabbix is very beneficial as it saves time in configuration.
What needs improvement with Zabbix?
For me, Zabbix is very straightforward. I cannot think of any improvements needed. It's a very mature product. The only issue I can note is that it's Linux-based, and Linux documentation is not the...
 

Comparisons

 

Overview

 

Sample Customers

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
1. IBM 2. Dell 3. Cisco 4. HP 5. Oracle 6. Microsoft 7. Amazon 8. Google 9. Facebook 10. Twitter 11. LinkedIn 12. Netflix 13. Adobe 14. VMware 15. Salesforce 16. SAP 17. Intel 18. AT&T 19. Verizon 20. T-Mobile 21. Vodafone 22. Ericsson 23. Nokia 24. Siemens 25. General Electric 26. Honeywell 27. Philips 28. Sony 29. Samsung 30. LG 31. Panasonic 32. Toshiba
Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: March 2025.
842,767 professionals have used our research since 2012.