We performed a comparison between Splunk and Wazuh based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Splunk easily wins out in this comparison. Compared with Wazuh, it is a mature and robust solution with a proven ROI.
"I am satisfied with the support."
"We have a more secure, robust environment, which keeps the harmful software out of the zone required."
"Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data."
"Integration with the cloud is pretty important and good for us. We found the integration with a lot of tools, not all tools yet, valuable. It does make the transfer of data, log files, and other things easier for us."
"The solution has proven to be quite stable."
"We primarily use it to correlate logs throughout the enterprise for both searching and use in investigations."
"It is the best tool if you have a complex environment or if data ingestion is too huge."
"The most valuable aspect of the solution is the dashboard. It's very intuitive."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"The deployment is easy and they provide very good documentation."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"The product is easy to customize."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"Wazuh has very flexible and robust features."
"I have concerns about the architecture as well since I can see it is not very well defined."
"The only improvement I am expecting is the cost of the licensing. Clients are going to other solutions just because of the cost."
"Features related to content management must be improved."
"The threat detection system has room for improvement."
"The level of scalability depends on the license you have. You can expand or reduce it based on the environment. It does cost more money to scale, however."
"The documentation is in definite need of improvement."
"I love the solution, but I would like to see more accessibility to the machine-learning capabilities that are sprinkled around Splunk."
"The GUI can be improved. Splunk has always suffered from having a kind of goofy UI; it needs some updating."
"Wazuh is missing many things that a typical SIEM should have."
"Wazuh could improve the detection; it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"It would be great if there could be customization for the decoder portion."
"Since it's an open-source tool, scalability is the main issue."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"The computing resources are consuming and do not make sense."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
Splunk Enterprise Security is ranked 1st in Log Management with 244 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. Splunk Enterprise Security is rated 8.4, while Wazuh is rated 7.4. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Splunk Enterprise Security is most compared with Dynatrace, IBM Security QRadar, Elastic Security, Microsoft Sentinel and Datadog, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Graylog and IBM Security QRadar.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.