Try our new research platform with insights from 80,000+ expert users

ITRS Geneos vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ITRS Geneos
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
57
Ranking in other categories
Application Performance Monitoring (APM) and Observability (34th), Network Monitoring Software (69th), IT Infrastructure Monitoring (48th)
Splunk Enterprise Security
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
315
Ranking in other categories
Log Management (2nd), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. ITRS Geneos is designed for Application Performance Monitoring (APM) and Observability and holds a mindshare of 1.3%, up 1.3% compared to last year.
Splunk Enterprise Security, on the other hand, focuses on Security Information and Event Management (SIEM), holds 9.4% mindshare, down 12.1% since last year.
Application Performance Monitoring (APM) and Observability
Security Information and Event Management (SIEM)
 

Featured Reviews

Sanket - PeerSpot reviewer
With the help of the solution, we can predict and prevent failures
Currently, the most valuable thing for an individual is a mobile device. Since that is where people are currently tracking everything, we have multiple applications or apps that are for various products. I would like ITRS Geneos to develop an app, where instead of going to specific login terminals or logging into laptops or desktops to check alerts, we can have visibility in the app itself. Using the ITRS Geneos app, we could see the error message during our travels or wherever we are. I would like to see the capacity of messages for forecasting increased. Since the NSE is the number one derivative stock exchange in the work for three consecutive years, the number of messages is important. We use the capacity planner in ITRS to forecast our data needs for the next two months. The planner is important because the volume of data we produce is becoming more and more volatile compared to when we first started using ITRS Geneos in 2014.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It enables us to monitor application processes, to do log-monitoring on a 24/7 basis, to do server-level monitoring - all the hardware parameters - as well as monitor connectivity across applications to the interfaces."
"The ability to completely tailor and customize what it's monitoring is one of its strongest points. A lot of other monitoring tools are good at certain things, but one of my colleagues described it as the “Swiss Army Knife” of monitoring tools. It can do anything you want."
"One of the best aspects of Geneos is that it has a broad scope and can cover a lot of use cases. You can write your own scripts to monitor really specific things. And the rules that you can put in place can be quite complex for the alerts."
"ITRS can define rules to alert when certain parameters that you monitor breach a threshold. Rules can be configured to fire recovery actions automatically to clear the alert"
"It's a very powerful application monitoring tool across the industry. Many free, open-source tools are available. There are also paid tools, but ITRS Geneos is a real-time application monitoring tool where the user can monitor, self-configure, and manage alerts through their console."
"The NetProbe carries over 100 samplers which are capable of monitoring hardware, OS, and the application layer."
"I always appreciate Geneos's stability and ease of use."
"The ability to logically normalize data gathered from multiple types of sources via pre-built plugins is extremely powerful. This functionality, coupled with the ability to import custom data via the Toolkit plugin allows Geneos to be leveraged to monitor every system in the enterprise."
"The stability of Splunk Enterprise Security is very impressive; it is a very stable product."
"The search engine and indexes are fast and optimized, and the report generation dashboard is user-friendly."
"I have also been able to take advantage of some of the more complex statistical capabilities when analyzing logs."
"Exporting is a good feature. It helps me out when I have to do reports. I do a lot of exporting and crunching of the numbers. Dashboards are okay for showing to the leadership, but for doing statistics and updating tickets, the export feature is very beneficial for me."
"Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data."
"Splunk UBA is useful for fraud detection and for detection of APTs, advanced persistent threats."
"We were able to create a catalog of dashboards and have a holistic view at all levels. We could understand our business much better. Real-time errors, which were buried in emails before now, surfaced up on dashboards."
"The metrics and trends that Splunk Enterprise Security generates using all the data points we send allow customers to understand better what their users are doing."
 

Cons

"ITRS Geneos cloud monitoring is very weak and can use improvement."
"We all look at the same things - CPU, disk space, paging stats, service status with RAG status on each. That could be provided straight out, saving significant time."
"Much of the reporting outside of the user interface is very basic and requires much customization to be useful."
"Mobile phone integration is probably not as rich as it could be."
"I would also like to see suggested guidelines to accomplish a monitoring task. The issue is that ITRS is so flexible that there is more than one way to complete a task, each with benefits and disadvantages."
"Their cloud monitoring solution needs to be improved. I have already given them the feedback that it's not capable of meeting the latest technology needs."
"There is a part of the rules for monitoring alerts. I want to understand more about how to choose the samples and the requirements for the rules. That is the part that I want to understand better and get better training for."
"A lightweight version which could host more than 100 gateways, as we can see slowness while loading all our gateways."
"The product must improve insider threat detection."
"The solution's automation could be improved."
"Queries are not always as easy or straightforward as they might be, so it can be difficult to figure out what you need to look for."
"We'd like Splunk to reduce false positives."
"Splunk could be improved by reducing the cost. The cost is one of the biggest challenges for us in keeping to our production requirements."
"Integrating tools and creating use cases could be easier. It's hard for a junior security engineer with only a couple of years of experience to write use cases. They can do it, but it's much easier in a solution like IBM QRadar. Setting conditions is like a multiple-choice type of thing. It's a more user-friendly process."
"Splunk Enterprise Security provides us with the relevant context to help guide our investigations, but it would be interesting to add even more context, for instance, in order to raise the level of risk."
"The solution could improve by making it more business analysis oriented. The way it is now is designed more for developers."
 

Pricing and Cost Advice

"The pricing is fairly market-related. They have been very lenient because we have been working with them for so long. An example is that we're currently migrating some of our services to AWS, and they've given us a grace period for some of the things to help with the migration and not to grow additional costs while we are migrating, but it's still on par with the market."
"When I first came in, their pricing was very high. ITRS had a high expectation of what their price should be based on perceived value. I think they have been realizing, more recently, that there are other competitors, so their pricing is a lot better. Licensing for on-premise is okay, however I feel there is quite some work to be done for cloud and containers. We're still working with them to try and work out what that pricing should look like."
"The market tools are on par with this solution, but if the solution included more features, then it would be well within the range for the cost."
"ITRS Geneos is not a cheap tool. It's a moderate price for the banking industry. The reason we are not able to add the ITRS monitoring tool for the non-banking industries, and non-finance industries, is that the pricing is too high."
"I can say it's not that cheap because the licensing is a little bit costly"
"Pricing is the touchy subject, even here. Upper management always wants us to find a cheaper solution. But we have so much integrated with ITRS... It's expensive, but it does its job very well. And you set it and go."
"Its price is reasonable. It isn't too expensive, and it isn't too cheap, but it also depends on a company's volume and negotiation."
"The licensing cost may seem expensive upfront. However, the service is outstanding, the tool does things that no other tools can do, and the customizability more than makes up for the cost of licensing."
"The pricing can be better. We are already considering Elastic because Splunk is too expensive. You have to pay based on per-day ingestion. There should be a more flexible model for the use cases where one day you have a huge amount, and on other days, it is quite less."
"The licensing is good, but the pricing absolutely needs some work. It is very high."
"We have had a reduction in the time it takes to resolve issues and correlate what has failed."
"My customers have found the price of the solution to be high."
"The price of Splunk Enterprise Security is reasonable, falling somewhere in the middle range."
"The price of Splunk Enterprise Security is high."
"The licensing model can be expensive, but the value it provides is significant."
"Splunk Enterprise Security is a worthwhile investment given the comprehensive range of features it offers."
report
Use our free recommendation engine to learn which Application Performance Monitoring (APM) and Observability solutions are best for your needs.
860,825 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
74%
Computer Software Company
7%
University
5%
Construction Company
2%
Financial Services Firm
14%
Computer Software Company
14%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ITRS Geneos?
I would say that it is an easy-to-use monitoring tool. Amongst the available monitoring tools, it is a really good option.
What is your experience regarding pricing and costs for ITRS Geneos?
The pricing is high. Licensing fees might be around 500$ per server monthly.
What needs improvement with ITRS Geneos?
ITRS Geneos is a legacy system. It predicts or provides proactive measures once an issue is resolved. It doesn't offer any predictive capabilities or root cause analysis. They throw a lot of data i...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Also Known As

Geneos
No data available
 

Overview

 

Sample Customers

ITRS Geneos is used by over 170 financial institutions, including JPMorgan, HSBC, RBS, Deutsche Bank and Goldman Sachs. Clients range from investment banks to exchanges and brokers.
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about ITRS Geneos vs. Splunk Enterprise Security and other solutions. Updated: May 2023.
860,825 professionals have used our research since 2012.