Splunk Enterprise Security vs VMware Aria Operations for Applications comparison

Splunk Enterprise Security

Read 258 Splunk Enterprise Security reviews

23,657 Views
19,419 Comparison Views

93% willing to recommend

VMware Aria Operations for ...

Read 9 VMware Aria Operations for Applications reviews

1,464 Views
1,303 Comparison Views

90% willing to recommend

Splunk Enterprise Security

VMware Aria Operations for ...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Splunk Enterprise Security and VMware Aria Operations for Applications based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Splunk Enterprise Security vs. VMware Aria Operations for Applications Report (Updated: May 2023).

Buyer's Guide

Splunk Enterprise Security vs. VMware Aria Operations for Applications

May 2023

Download the complete report

Helped 787,779 peers since 2012

Categories and Ranking

Splunk Enterprise Security

Average Rating

8.4

Number of Reviews

258

Ranking in other categories

Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)

VMware Aria Operations for ...

Average Rating

7.6

Number of Reviews

Ranking in other categories

Application Performance Monitoring (APM) and Observability (33rd), IT Infrastructure Monitoring (34th), Container Monitoring (9th), Cloud Monitoring Software (29th)

Mindshare comparison

As of June 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Splunk Enterprise Security is 13.7%, down from 14.2% compared to the previous year. The mindshare of VMware Aria Operations for Applications is 0.1%, down from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Unique Categories:

Log Management

13.0%

IT Operations Analytics

28.2%

Application Performance Monitoring (APM) and Observability

0.9%

IT Infrastructure Monitoring

1.1%

Featured Reviews

Abdur Rashid

SOC Analyst at nust

May 20, 2024

Helps monitor multi-cloud environments, detect threats faster, and reduce alert volume

Monitoring our AWS and Azure cloud environments with Splunk Enterprise Security is easy. The visibility into multiple cloud environments is good. We have complete visibility because we integrate all our logs and sources into Splunk. Splunk Enterprise Security's insider threat detection capabilities module runs on the backend and provides complete visibility into anomalous behavior and zero-day attacks. The threat intelligence management feature is a necessary tool in our environment. The actionable intelligence provided by the threat intelligence management feature is helpful. We can see the IoC to help with our investigation. Splunk Enterprise Security does a good job analyzing malicious activities and detecting breaches. Splunk Enterprise Security helps us detect threats faster. Splunk Enterprise Security helps reduce our alert volume by whitelisting the false positives. Splunk Enterprise Security has helped speed up our security investigations. Splunk uses user-friendly language and visibility to speed up our investigation times. Splunk offers significant time savings for analysts compared to tools like Azure Sentinel, with analysts resolving alerts 30-40 percent faster. Additionally, Splunk's user-friendly dashboards simplify administration.

Read full review

reviewer2130444

Professional Services Expert at a tech services company with 1-10 employees

Mar 16, 2023

Useful technology with helpful support but it's hard to set up Tanzu clusters

I primarily use the solution for consulting. I help company DevOps teams. The companies are already using VMware technologies and Tanzu helps them be compatible with other technologies. The company is able to use native Kubernetes. It can support open-source technologies. If you have trouble…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"You can use it to gather syslog messages from anything."

"The most valuable features of the solution are it is straightforward to use and the documentation is good for finding out how to get the data you are looking for."

"Its usability is the best part. It is easy for our developers to use if they want to search their logs, etc."

"Splunk Enterprise Security's value lies in its ability to collect and analyze security logs, providing insightful dashboards."

"It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query on Splunk. The resolution time is about the same, but it took longer to discover the issue with ArcSight. Our previous solution took about an hour or more, but Splunk can do it within a few minutes or an hour at most."

"It gives me notifications of notable events."

"Our clients are easily able to modify and evolve their implementations."

"Our clients use the solution to find any threats or vulnerabilities inside their environment."

More Splunk Enterprise Security pros

"No issues with stability."

"The most valuable aspects of the solution are its ease of use and its ease of implementation."

"The features I find most valuable is the querying and alerting capabilities."

"For us, the ease of deployment in combination with TMZ was the most important part because we don't have to manually deploy a complex monitoring solution. We can more or less do that with the click of a button, and we are not dependent on the developers to provide us with all the necessary features and functions to make that work. We can just deploy it on a workload cluster and monitor at least a good part of the workload. If we want to go into detail, we clearly need to make changes, but for a good part of application monitoring, it gives us good insights."

"VMware comes with a support team, and if you have trouble, you can easily create a ticket, and VMware will help you. Therefore, the best aspect is the support."

"This solution allows me to have true visibility for any metrics when it comes to my cloud, and private."

"Tanzu itself, integrated with multiple solutions, bestows support and security upon a container platform, especially when it comes to managing open-source container platforms such as Kubernetes."

"People are very pleased with the implementation."

More VMware Aria Operations for Applications pros

Cons

"Splunk can improve regex/asset analysis as we do not want to crawl until it is done."

"Its pricing model and integration with third-party services can be improved. We had faced an issue with integration. The alerting feature is currently not available with Splunk, but it is definitely available with Datadog and PagerDuty. They should include this feature. A few dashboards in Splunk look quite old and are not that modern. They aren't bad, but improving these dashboards will definitely make Splunk more attractive and usable. I read in a few blog posts that there were a few security incidents related to Splunk agents. So, it can be made more secure."

"Splunk could add more ways to manage archiving and storage. There isn't a web interface. You can do this on the SaaS version, but the on-premise platform doesn't have this option. It has other things but no option for remote NAS. I would like to have a personal web interface where I can specify how long logs should be stored. To have this readily available on the web, you need to adjust some settings on the backend. That is tricky."

"While Splunk Enterprise Security offers valuable features, its cost is high and could be more competitive."

"Licensing costs can be a barrier for those with limited budgets."

"Our two main complaints are about the difficulty of the initial setup and the licensing model."

"I find the graphical options really limited and you don't have enough control over how to display the data that you want to see."

"There is improvement needed when importing from some types of data sources."

More Splunk Enterprise Security cons

"The documentation and integration with Kubernetes could be improved."

"Its billing model is consumption-based. I understand the consumption-based model, but it is not necessarily easy to estimate and guess how many points or how much we are going to consume on a specific application up until we get to that point. So, for us, it would be helpful to have more insights or predictability into what we can expect from a cost perspective if we are starting to use specific features. This can potentially also drive our consumption a bit more."

"It could use a URL document server. Everything in the market is moving towards automation and everybody's looking for the single click operations as well relational data locality."

"The initial setup should be easier and more seamless."

"In the new version, I would love to see more prediction capabilities. It would be great if one could see the alerts get a little more enriched with information and become more human-friendly instead of the technical stuff that they put in there. I think those would be really awesome outcomes to get."

"The implementation is a long process that should be improved."

"The main problem I have is that the license cost is very high."

"I would like to see integration with Kubernetes cluster and APIs so that you can manage the entire stack."

More VMware Aria Operations for Applications cons

Pricing and Cost Advice

"The pricing depends on the bandwidth of an organization and is good compared to some SIEM tools. IBM, for example, is quite costly. But Microsoft Sentinel is notably cheaper."

"The price can always be lower, but it is fair at the moment. The cost efficiencies depend on the licensing and how much data we are bringing in. We have a fairly large footprint, so it is cost-effective."

"ROI is estimated at saving my team roughly 10 to 12 man hours per week in troubleshooting for our company as well as what our profits had been from our services of installing, configuring, and supporting other clients with the product."

"The pricing model is based on the number of gigabytes that you ingest into the Splunk system. So it can be an expensive solution."

"Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."

"The pricing can be better. We are already considering Elastic because Splunk is too expensive. You have to pay based on per-day ingestion. There should be a more flexible model for the use cases where one day you have a huge amount, and on other days, it is quite less."

"Splunk Enterprise Security incurs a significant cost because of the amount of data we send, but we are fine with the value we're getting for that price."

"I think that most of the monitoring solutions are expensive."

More Splunk Enterprise Security pricing and cost advice

"I would rate the pricing as three out of five."

"I don't have the details. In our case, there is a mixture in place. We have production usage, and we are also doing training for VMware. So, we also have a training instance. It is worth the money you would spend on it. That's because if you were to build all of this yourself by using some of the open source tools, then you would need a lot of time."

"The licensing costs are very high, particularly when you consider that we have to purchase a level 1 license for every integration, such as the load balancer, HAProxy, and the MSSP. And if you want to use vSAN, that's another license. Then, of course, Tanzu Observability has its own separate license."

"Different locations require different setups. In your terms, around 300 to around 400K USD."

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

787,779 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Financial Services Firm

15%

Computer Software Company

14%

Government

Manufacturing Company

Financial Services Firm

17%

Computer Software Company

17%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

See all answers

What is a better choice, Splunk or Azure Sentinel?

It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...

See all answers

How does Splunk compare with Azure Monitor?

Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...

See all answers

What do you like most about VMware Tanzu Observability by Wavefront?

VMware comes with a support team, and if you have trouble, you can easily create a ticket, and VMware will help you. Therefore, the best aspect is the support.

See all answers

What is your experience regarding pricing and costs for VMware Tanzu Observability by Wavefront?

I would rate the pricing as three out of five.

See all answers

What needs improvement with VMware Tanzu Observability by Wavefront?

It's hard to set up Tanzu clusters. It's hard to do a POC. Once you set up a customer's environment, you easily see the problems. The initial setup should be easier and more seamless.

See all answers

Comparisons

Wazuh vs Splunk Enterprise Security

Compared 14% of the time

IBM Security QRadar vs Splunk Enterprise Security

Compared 8% of the time

Dynatrace vs Splunk Enterprise Security

Compared 8% of the time

Elastic Security vs Splunk Enterprise Security

Compared 4% of the time

Microsoft Sentinel vs Splunk Enterprise Security

Compared 4% of the time

More Splunk Enterprise Security Competitors

Grafana vs VMware Aria Operations for Applications

Compared 13% of the time

Dynatrace vs VMware Aria Operations for Applications

Compared 11% of the time

Zabbix vs VMware Aria Operations for Applications

Compared 8% of the time

Datadog vs VMware Aria Operations for Applications

Compared 8% of the time

AppDynamics vs VMware Aria Operations for Applications

Compared 5% of the time

More VMware Aria Operations for Applications Competitors

Product Reports

Buyer's Guide

Splunk Enterprise Security

May 2024

Download Splunk Enterprise Security product report

Buyer's Guide

VMware Aria Operations for Applications

May 2024

VMware Aria Operations for Applications report

Download VMware Aria Operations for Applications product report

Also Known As

No data available

Tanzu Observability, Wavefront, Wavefront by VMware, VMware Tanzu Observability

Learn More

Splunk

VMware

Overview

Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors.

Full visibility across your environment

Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

Fast threat detection

Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

Efficient investigations

Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

Open and scalable

Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

VMware Tanzu Observability by Wavefront is a powerful tool for monitoring and analyzing the performance and availability of applications and infrastructure in real-time.

With its comprehensive monitoring capabilities, visualizing and analyzing data becomes effortless. The real-time alerting system ensures timely issue resolution, while scalability and a user-friendly interface provide a seamless experience for smooth operations.

Sample Customers

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.

1. Atlassian 2. Cisco 3. Databricks 4. DigitalOcean 5. Equinix 6. Fidelity Investments 7. Google 8. Hewlett Packard Enterprise 9. Honeywell 10. IBM 11. Intel 12. JetBlue Airways 13. LinkedIn 14. Lyft 15. Mastercard 16. Microsoft 17. MongoDB 18. Netflix 19. Nvidia 20. Oracle 21. PayPal 22. Pinterest 23. Qualcomm 24. Red Hat 25. Salesforce 26. SAP 27. Spotify 28. Square 29. TMobile 30. Twitter 31. Uber 32. VMware

Buyer's Guide

Splunk Enterprise Security vs. VMware Aria Operations for Applications

May 2023

Free Report: Splunk Enterprise Security vs. VMware Aria Operations for Applications

Find out what your peers are saying about Splunk Enterprise Security vs. VMware Aria Operations for Applications and other solutions. Updated: May 2023.

DOWNLOAD NOW

787,779 professionals have used our research since 2012.

See our Splunk Enterprise Security vs. VMware Aria Operations for Applications report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.