Try our new research platform with insights from 80,000+ expert users

Splunk Enterprise Security vs Zabbix comparison

The compared Splunk and Zabbix solutions aren't in the same category. Splunk is ranked #1 in SIEM , with an average rating of 8.4, and holds a 10.8% mindshare in the category. Zabbix is ranked #1 in NMS , with an average rating of 8.4, and holds a 11.5% mindshare. Additionally, 93% of Splunk users are willing to recommend the solution, compared to 95% of Zabbix users who would recommend it.
Splunk Enterprise Security
Read 303 Splunk Enterprise Security reviews
  • 15,261 Views
  • 12,770 Comparison Views
93% willing to recommend
Zabbix
Read 103 Zabbix reviews
  • 17,584 Views
  • 13,556 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

Splunk Enterprise Security and Zabbix are competitive solutions in IT monitoring and security analytics. Splunk Enterprise Security holds an advantage due to its expansive feature set and customer support, while Zabbix is preferred for affordability and efficient resource usage, appealing to cost-effective organizations.

Features: Splunk Enterprise Security is noted for its advanced search capabilities, real-time monitoring, and extensive integration support. Zabbix is recognized for real-time performance monitoring, straightforward scalability, and normal resource consumption.

Room for Improvement: Splunk Enterprise Security users suggest a simpler setup process, improved compatibility with non-standard systems, and better integration handling. Zabbix users seek more comprehensive documentation, enhanced alerting, and extended configuration options.

Ease of Deployment and Customer Service: Splunk Enterprise Security's deployment is complex but supported by proactive customer service. Zabbix offers straightforward deployment but experiences service delays.

Pricing and ROI: Splunk Enterprise Security has high setup costs but provides significant ROI for enterprises needing in-depth analytics. Zabbix is cost-effective, with lower setup costs, offering excellent ROI for robust monitoring without extensive operational costs.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: December 2024).
Buyer's Guide
Security Information and Event Management (SIEM)
December 2024
Download the complete report
Helped 825,399 peers since 2012
 

Categories and Ranking

Splunk Enterprise Security
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
303
Ranking in other categories
Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
Zabbix
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
103
Ranking in other categories
Application Performance Monitoring (APM) and Observability (9th), Network Monitoring Software (1st), Server Monitoring (1st), IT Infrastructure Monitoring (1st), Cloud Monitoring Software (2nd)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. Splunk Enterprise Security is designed for Security Information and Event Management (SIEM) and holds a mindshare of 10.8%, down 14.6% compared to last year.
Zabbix, on the other hand, focuses on Network Monitoring Software, holds 11.5% mindshare, down 11.8% since last year.
Security Information and Event Management (SIEM)
Network Monitoring Software
 

Featured Reviews

Avinash Gopu. - PeerSpot reviewer
Offers good visibility into multiple environments, significantly reduces our alert volume, and speeds up our security investigations
There are limitations with Splunk not detecting all user activity, especially on mainframes and network devices. This is because Splunk relies on agents, which cannot access certain workstations. In these cases, we have to rely on application data. For example, with mainframes, manual reports are generated and sent to Splunk, limiting visibility to what's manually reported. This lack of automation for specific platforms needs improvement from Splunk. Additionally, API access is limited for other applications that rely on API calls and requests. This requires heavy customization on Splunk's end. These are the main challenges we've encountered. Monitoring multiple cloud platforms, like Azure, GCP, and AWS, with Splunk Enterprise Security presents some challenges. While Splunk provides different connectors for each provider, consolidating data from two domains across distinct cloud environments can be complex. However, leveraging pre-built templates and Splunk's data collation capabilities can help overcome these hurdles. Despite initial difficulties, I believe Splunk can effectively address this task, earning it an eight out of ten rating for its multi-cloud monitoring capabilities. While Splunk Enterprise Security offers insider threat detection capabilities, its effectiveness could be enhanced by integrating with additional tools, such as endpoint security solutions. This integrated approach is particularly crucial for financial institutions, which often require dedicated endpoint security teams. While using multiple tools is valuable, further improvements within Splunk itself are also necessary. Considering both external integration and internal development, I would rate its current insider threat detection capabilities as three out of ten. Threat detection is where Splunk falls behind. While it offers tools, other use cases require additional work. PAM is an enterprise tool that centralizes information about users, servers, and everything else. It needs real-time monitoring, which I haven't seen in any of the companies I've worked for. They only rely on Splunk for alerting, but real-time monitoring should be handled by the endpoint security team's tools. This means there's no detection or analysis at the machine or endpoint level. Additionally, threat analysis reporting is also absent.
Read full review
ASM Naushad Alam - PeerSpot reviewer
Allows any number of customizations but lacks functionality for finding root causes
We have not yet purchased the commercial version so have a lack of technical ability. We do not yet fully know the key points or key features of the solution. We just use what we use along with WhatsUp Gold. Based on our use only, stability is rated a seven out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Visualizations are the best way to understand deviation techniques from the norm."
"To get visibility from your network devices, servers, and security devices is a great feature."
"We were able to create a catalog of dashboards and have a holistic view at all levels. We could understand our business much better. Real-time errors, which were buried in emails before now, surfaced up on dashboards."
"The compatibility with the add-ons helps us add more data in the same compatible format and use data models to elaborate and make it faster."
"I like the search feature and the indexing. It's very fast and comprehensive."
"You can integrate Splunk with third-party security automation solutions and set rules for automatic response."
"The data representation options in the dashboards are excellent."
"Splunk has machine learning which is a valuable feature."
More Splunk Enterprise Security pros
"Every new asset placed in the environment can be automatically detected, predicting human failures."
"During my testing, the features that I like the most are that it can be integrated with my system, and it provides me with reports of all of my servers."
"The initial setup was very quick. The first time it was long because I didn't know it yet. I was only using Windows. The first time was very difficult because of the operating system."
"The template system in Zabbix is very beneficial as it saves time in configuration."
"Zabbix has a roadmap and they are continuously and frequently adding new features."
"The most valuable features of Zabbix are flexibility and a single interface for different types of monitoring."
"We use Zabbix to monitor our organization's IT infrastructure and workstations. We don't use Microsoft Intune since it's expensive. The tool's real-time alerting system has proved crucial for us, particularly when a new device joins a network that is not one of our own devices. It notifies us about the presence of this new device, allowing us to investigate further. Additionally, it alerts us about disk usage, memory usage, and the software installed on the machine."
"The best feature is that Zabbix can report everything, and everything in Zabbix is free."
More Zabbix pros
 

Cons

"We would like more integrations with other cloud products, not just AWS, e.g., Azure."
"The solution's automation could be improved."
"We were inundated with the amount of alerts and alarms that we could get out of it. It is also a resource hog and we didn't have the resources to support it on-prem so we're taking it offline now."
"The product was designed for security and IT with business intelligence needs, such as PDF exporting, but this has not been the highest priority. While the functionality is there, it could be developed more."
"My biggest struggle with Splunk in general is memorizing all the commands. If I want to know which users have logged in between certain hours, I cannot write that query out. It would be helpful to have AI so that I can explain in simple terms what I want and then the search gives that back to me. I am waiting for that."
"I think the tech support response time could be a bit better. Sometimes I need to wait more than 24 hours for a response to my tickets."
"I haven't found a way for me to create my own plugins and integrate them into Splunk, but this isn't necessarily a limitation; it could simply be a lack of knowledge on my part."
"It requires a significant amount of relatively complex architecture once you push past the single server instance."
More Splunk Enterprise Security cons
"There are some features of Zabbix that are not good for reporting. The DX Spectrum solution has better reporting."
"The user interface could be a bit better. They could update it a bit."
"Its UI needs to be improved a little bit more so that an end-user is also able to handle it. I can handle it, but others should also be able to handle it in a better way. It becomes complex when we are growing and need to add proxies. We need more scalability features and documentation for different use cases. A lot of articles are available, but they need to be in proper documentation. For example, when you have thousands of servers that have to be monitored in different regions of the world, there should be some kind of documentation to describe how you can create proxies and add them. Sometimes, when you are using the database, it can get overloaded. When the network is growing, the number of transactions becomes very high, and the database gets overloaded. There should be information about how to reduce the load on the MySQL database, which is what Zabbix is using. The market is growing a lot, and it should be enhanced for a lot more things. We are currently bringing enhancements at our end for different use cases. For example, when dockerization is going on, how can we check the logs inside the Dockers. We should also be able to monitor and check the number of logins and add features such as SSO login and two-factor authentication as a protocol. These are the security features and concerns that we have to deal with. Currently, we are developing modules to add features to Zabbix, but they should also work on these features."
"The product delivers false positives during reporting because of flapping. Other reasonably priced alternatives may have better performance."
"In terms of user-friendliness, large maps could be more interactive. We should be able to click on some areas and move some objects. It would make it simpler to see things while analyzing some dedicated parameters."
"The documentation could be improved."
"There are not too much documentation or manuals. We found the tutorials very easy to understand but do not go deep enough in the use of Zabbix. We need more manuals, proper use, documentation, etc."
"If you want to use all of the features then you have to pay a licensing fee."
More Zabbix cons
 

Pricing and Cost Advice

"Splunk is really expensive compared to all the other tools on the market, including Microsoft Sentinel."
"Its pricing model can be improved."
"Splunk Enterprise Security is an expensive solution."
"The pricing seems good relative to the other vendors that we have had here. However, they need to find ways to be more flexible with the licensing and be able to deal with situations where we start generating more logs. Maybe having some controls in the Splunk interface to turn it off, so we don't have to change anything in our application."
"While Splunk offers generous developer licenses and obtaining annual licenses is straightforward, the cost is a major consideration."
"Splunk is really expensive."
"I believe that Splunk Enterprise Security is worth the price, but it is expensive."
"Splunk differs from other SIEM solutions by using a gigabyte-based pricing model, rather than the agent-based licenses common with its competitors."
More Splunk Enterprise Security pricing and cost advice
"There is no license but we need to pay for support."
"We use the open-source version of Zabbix."
"The solution is free to use but they offer support as a paid service. If you can go read the manuals and do the fine-tuning based on your needs, you do not need to pay anything and you will have a full solution."
"Zabbix is open-source so if one wishes to implement it in-house, they must have qualified professionals to set up and optimize databases, Linux/Unix OS, PHP, Apache, and depending on what is monitored, a full-stack network and systems administrator may be needed."
"This solution is open-source and free to use."
"It is a true open-source solution, so there are no licensing costs."
"This is an open-source solution that can be used free of charge."
"We purchased Zabbix for a good price, including support"
More Zabbix pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
825,399 professionals have used our research since 2012.
 

Comparison Review

it_user174738 - PeerSpot reviewer
May 31, 2015
Nagios vs. Zabbix vs. PRTG vs. Spiceworks vs. Solarwinds Network Performance Monitor
I have researched a quite a few network monitoring tools which can be used for various monitoring purposes of not only the servers, but the intermediate routers as well. There are majorly three types of these softwares. Ones which are completely open-source, you can do almost anything you want…
Read full review
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
14%
Government
9%
Manufacturing Company
8%
Educational Organization
39%
Computer Software Company
11%
Financial Services Firm
6%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
See all answers
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
See all answers
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
See all answers
What do you like most about Zabbix?
The template system in Zabbix is very beneficial as it saves time in configuration.
See all answers
What is your experience regarding pricing and costs for Zabbix?
I use the tool's free version.
See all answers
What needs improvement with Zabbix?
I'm using the free version of Zabbix, and I'd like to see more customization options, especially for setting trigger thresholds.
See all answers
 

Comparisons

Wazuh vs Splunk Enterprise Security Logo
Wazuh vs Splunk Enterprise Security
Compared 10% of the time
IBM Security QRadar vs Splunk Enterprise Security Logo
IBM Security QRadar vs Splunk Enterprise Security
Compared 9% of the time
Dynatrace vs Splunk Enterprise Security Logo
Dynatrace vs Splunk Enterprise Security
Compared 8% of the time
Datadog vs Splunk Enterprise Security Logo
Datadog vs Splunk Enterprise Security
Compared 5% of the time
Sentinel vs Splunk Enterprise Security Logo
Sentinel vs Splunk Enterprise Security
Compared 4% of the time
More Splunk Enterprise Security Competitors
LibreNMS vs Zabbix Logo
LibreNMS vs Zabbix
Compared 10% of the time
Checkmk vs Zabbix Logo
Checkmk vs Zabbix
Compared 8% of the time
Icinga vs Zabbix Logo
Icinga vs Zabbix
Compared 7% of the time
Centreon vs Zabbix Logo
Centreon vs Zabbix
Compared 4% of the time
Nagios XI vs Zabbix Logo
Nagios XI vs Zabbix
Compared 3% of the time
More Zabbix Competitors
 

Product Reports

Buyer's Guide
Splunk Enterprise Security
December 2024
Splunk Enterprise Security reportDownload Splunk Enterprise Security product report
Buyer's Guide
Zabbix
December 2024
Zabbix reportDownload Zabbix product report
 

Learn More

Splunk
Zabbix
 

Overview

Splunk Enterprise Security is widely used for security operations, including threat detection, incident response, and log monitoring. It centralizes log management, offers security analytics, and ensures compliance, enhancing the overall security posture of organizations.

Companies leverage Splunk Enterprise Security to monitor endpoints, networks, and users, detecting anomalies, brute force attacks, and unauthorized access. They use it for fraud detection, machine learning, and real-time alerts within their SOCs. The platform enhances visibility and correlates data from multiple sources to identify security threats efficiently. Key features include comprehensive dashboards, excellent reporting capabilities, robust log aggregation, and flexible data ingestion. Users appreciate its SIEM capabilities, threat intelligence, risk-based alerting, and correlation searches. Highly scalable and stable, it suits multi-cloud environments, reducing alert volumes and speeding up investigations.

What are the key features?
  • Comprehensive Dashboards: Provide a holistic view of security operations.
  • Flexible Data Ingestion: Supports various data sources for better analysis.
  • Robust Log Aggregation: Centralizes log management for easier monitoring.
  • Machine Learning Toolkit: Enhances threat detection and prediction capabilities.
  • SIEM Capabilities: Integrates security information and event management.
  • Threat Intelligence: Utilizes external information to improve security measures.
  • Risk-Based Alerting: Prioritizes alerts based on the risk they pose.
  • Correlation Searches: Identifies and correlates security events effectively.
What benefits or ROI should users look for?
  • Enhanced Visibility: Improves monitoring across endpoints, networks, and users.
  • Faster Incident Response: Speeds up identification and resolution of security issues.
  • Reduced Alert Volumes: Lowers false positives and enhances signal-to-noise ratio.
  • Scalability: Adapts to growing and changing security needs.
  • Improved Security Operations: Integrates multiple security facets into one platform.

Splunk Enterprise Security is implemented across industries like finance, healthcare, and retail. Financial institutions use it for fraud detection and compliance, while healthcare organizations leverage its capabilities to safeguard patient data. Retailers deploy it to protect customer information and ensure secure transactions.

Zabbix is an open-source monitoring software that provides real-time monitoring and alerting for servers, networks, applications, and services. 

It offers a wide range of features including data collection, visualization, and reporting. 

With its user-friendly interface and customizable dashboards, Zabbix helps organizations ensure the availability and performance of their IT infrastructure.

 

Sample Customers

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
1. IBM 2. Dell 3. Cisco 4. HP 5. Oracle 6. Microsoft 7. Amazon 8. Google 9. Facebook 10. Twitter 11. LinkedIn 12. Netflix 13. Adobe 14. VMware 15. Salesforce 16. SAP 17. Intel 18. AT&T 19. Verizon 20. T-Mobile 21. Vodafone 22. Ericsson 23. Nokia 24. Siemens 25. General Electric 26. Honeywell 27. Philips 28. Sony 29. Samsung 30. LG 31. Panasonic 32. Toshiba
Buyer's Guide
Security Information and Event Management (SIEM)
December 2024
Download Free Report
Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: December 2024.
DOWNLOAD NOW
825,399 professionals have used our research since 2012.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.