We performed a comparison between Splunk Enterprise Security and Tableau based on real PeerSpot user reviews.
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"The main benefit is the ease of integration."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"Sentinel has features that have helped improve our security posture. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"It is quite efficient. It helps our clients in identifying their security issues and responding quickly. Our clients want to automate incident response and all those things."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"Splunk's advantage is its search capability. Its search is notably faster. With Splunk, I can search easily on keywords. That is great."
"The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data."
"There are a lot of third-party applications that can be installed."
"Out-of-the-box, it seems very powerful."
"We solve issues that we previously could not since we now have the data."
"The solution has plenty of features that are good."
"The solution is stable and reliable."
"Splunk has machine learning which is a valuable feature."
"The number one thing was just the ease of getting something up quickly. The other thing that was good about it was that it was fairly fast for decent-sized data sets in terms of performance and run time."
"Tableau is highly scalable. Now that they've introduced Hyper, you can create an extract of more than 5 million rows in minutes and then do your analysis."
"The most valuable feature is that we can integrate with our own database, and it will display the KPIs. This is highly required from the business side."
"The product has the best features for analytical views and filters."
"Its dashboarding is the most valuable. It is easy to create visualizations and dashboards and import Excel sheets and ESP files in Tableau as compared to other tools."
"The best use case for us is the solution's integration with Salesforce because we are also partners of Salesforce."
"Tableau is easy to use compared to some other solutions, such as Excel."
"Tableau will automatically show charts for the related data that I choose making it very easy to use."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"The interface could be more user-friendly. It's a small improvement that they could make if they wanted to."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"We'd like also a better ticketing system, which is older."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"The only thing is sometimes you can have a false positive."
"Over time I will have more requirements and I can foresee the solution could improve the search algorithm to run and output the data faster."
"Some of the search functions can be better. There has been a lot of talk at the conference about the update of SPL before each iteration. That will be a lot of help."
"The solution could improve by increasing the performance. We have run into problems when large amounts of data are processed."
"Not even Splunk's support guy, who came to our firm, could help with defining proper role management."
"Splunk could have more built-in use case presets that customers can build on and customize."
"It currently has limited default rules and customizations. If they can concentrate more on the compliance part and the security information part, it would be helpful. The platform part is good, but it requires many features from the security aspect."
"The algorithms customization of Splunk could improve. They have limited algorithms for machine learning support. If they can allow the user to add more machine learning algorithms, such as the ability to choose the algorithm that a user might want. Additionally, they should provide the required libraries for those algorithms, and then analyze the data for use."
"The support that is included with the standard licensing fee is very bad."
"Tableau's data modeling, mining, and AI library features need improvement."
"The integration with other program languages, like Python, needs to be better."
"Improvements in schema security and row/column security need to be made."
"Tableau support could be improved."
"Include forecasting on table calculation fields."
"An advanced type of visualization is a bit tricky to create. It has something called a Calculated field, and that sometimes gets a bit difficult to use when you want to create an advanced type of visualization."
"Navigating through activities like cleansing, reshaping, and wrangling extensive or complicated datasets could prove challenging within the Tableau environment."
"Its integration with Microsoft products such as Teams should be improved."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews while Tableau is ranked 2nd in BI (Business Intelligence) Tools with 293 reviews. Splunk Enterprise Security is rated 8.4, while Tableau is rated 8.4. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Tableau writes "Provides fast data access with in-memory extracts, makes it easy to create visualizations, and saves time". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Datadog, whereas Tableau is most compared with Microsoft Power BI, Amazon QuickSight, Domo, SAS Visual Analytics and Databricks.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.