We performed a comparison between Splunk Enterprise Security and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Integrity with many vendors: This simplifies the implementation and integration with different devices"
"I really like the user interface and how it works."
"The flexibility of the search capability is most valuable. You can use it for more than just a basic log aggregator. It is powerful in that regard."
"The most valuable features in Splunk are the search function and the ability to run selected session reports. The session reports are important because I can use them to see what is going on in our environment weekly. Additionally, we can use the graph to see how often that particular event is happening."
"The technical support is among the best in the market."
"The product has a good security posture."
"The ability to ingest different log types from many different products in our environment is most valuable."
"We solve issues that we previously could not since we now have the data."
"The solution is quite stable."
"Technical support is always great."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"I have no concerns about the stability of the product. I feel it handles the stress we put on it very well."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"When we do a rollout from the server or host or anything, we'd like to see more automation. It would save us time."
"The Enterprise Security app could be improved. We have had trouble with it working from the first day."
"The search could be improved. Now, it is a bit difficult to write search queries because they become quite long, then maintaining those long search queries is a quite challenging."
"I would like to see future development in terms of ML (Machine Learning)."
"The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system."
"We'd like Splunk to reduce false positives."
"We would like more integrations with other cloud products, not just AWS, e.g., Azure."
"We had an instance when Splunk failed and it took us a couple of days to recover."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"The solution should improve its UI."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"Sumo Logic Security is expensive, and its pricing could be improved."
"Sumo Logic needs to make sure integrating solutions are seamless."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 244 reviews while Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews. Splunk Enterprise Security is rated 8.4, while Sumo Logic Security is rated 8.6. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel, whereas Sumo Logic Security is most compared with Wazuh, Microsoft Sentinel, Rapid7 InsightIDR, VMware Aria Operations for Logs and Grafana Loki. See our Splunk Enterprise Security vs. Sumo Logic Security report.
See our list of best Security Information and Event Management (SIEM) vendors, best Log Management vendors, and best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.