We performed a comparison between Elastic Observability and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's easy to deploy, and it's very flexible."
"Elastic Observability significantly improves incident response time by providing quick access to logs and data across various sources. For instance, searching for specific keywords in logs spanning over a month from multiple data sources can be completed within seconds."
"Good design and easy to use once implemented."
"The solution allows us to dig deep into data."
"The solution has been stable in our usage."
"The most valuable feature of Elastic Observability is the text search."
"The tool's most valuable feature is centralized logging. Elastic Common Search helps us to search for the logs across the organization."
"Its diverse set of features available on the cloud is of significant importance."
"The metrics and trends that Splunk Enterprise Security generates using all the data points we send allow customers to understand better what their users are doing."
"This solution helps us increase our productivity."
"it can explain to management about what kind of traffic is visiting the network. It can also explain other traffic coming in and out, along with protecting against malware."
"Splunk incorporates a lot of elements that help to reduce security risks. For it to reach certain compliance, we need to have some security insight. Splunk is a very good SIEM, it’s a top solution, but the best feature is its cost of visibility. We have all the most important features to detect vulnerabilities or risks."
"Splunk's visualizations make it easy for users to understand the data."
"Three features stand out for me: the SDK for writing Python, the customizable and adaptable diagnostic dashboard, and the optimizer for collecting data."
"The technical support is among the best in the market."
"The most valuable features in Splunk are the search function and the ability to run selected session reports. The session reports are important because I can use them to see what is going on in our environment weekly. Additionally, we can use the graph to see how often that particular event is happening."
"Elastic APM's visualization is not that great compared to other tools. It's number of metrics is very low."
"Elastic Observability needs to improve the retrieval of logs and metrics from all the instances."
"Elastic Observability needs to have better standardization, logging, and schema."
"They need more skills in the market. There are not enough skills in the market. It is not pervasive enough on the market, in my opinion. In other words, there isn't a big enough user base."
"Improving code insight related to infrastructure and network, particularly focusing on aspects such as firewalls, switches, routers, and testing would be beneficial."
"There is room for improvement regarding its APM capabilities."
"Elastic Observability is difficult to use. There are only three options for customization but this can be difficult for our use case. We do not have other options to choose the metrics shown, such as CPU or memory usage."
"The solution needs to use more AI. Once the product onboards AI, users would more effectively be able to track endpoints for specific messages."
"It does not give us permission to implement on-premise so we implement them on the cloud."
"Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better."
"It currently has limited default rules and customizations. If they can concentrate more on the compliance part and the security information part, it would be helpful. The platform part is good, but it requires many features from the security aspect."
"The price has room for improvement."
"The solution could improve by increasing the performance. We have run into problems when large amounts of data are processed."
"The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system."
"The threat management part is still lagging. There are some gaps in threat management. Other vendors have built-in threat management systems, but Splunk lacks the threat management component in its portal. The UEBA and everything else is perfect, but it lacks a unified threat intelligence and management part."
"The product's price may be an area of concern where improvements are required."
Elastic Observability is ranked 14th in Log Management with 22 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 240 reviews. Elastic Observability is rated 7.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of Elastic Observability writes "The user interface framework lets us do custom development when needed. ". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Elastic Observability is most compared with Dynatrace, New Relic, AppDynamics, Azure Monitor and Sentry, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel. See our Elastic Observability vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.