
Splunk Enterprise Security vs Zenoss Cloud comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Splunk Enterprise Security
Average Rating: 8.4
Number of Reviews: 301
Ranking in other categories: Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)

Zenoss Cloud
Average Rating: 8.4
Number of Reviews: 8
Ranking in other categories: Application Infrastructure (32nd), Event Monitoring (14th), Network Monitoring Software (74th), Server Monitoring (24th), IT Infrastructure Monitoring (59th), Container Monitoring (11th), Cloud Monitoring Software (41st), AIOps (20th)
 

Mindshare comparison

While both are Systems Management solutions, they serve different purposes. Splunk Enterprise Security is designed for Security Information and Event Management (SIEM) and holds a mindshare of 11.3%, down 14.6% compared to last year.
Zenoss Cloud, on the other hand, focuses on Application Infrastructure, holds 0.2% mindshare, down 0.2% since last year.
 

Featured Reviews

Sameep Agarwal - PeerSpot reviewer
Oct 23, 2023
It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query
The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system. Splunk needs to be tweaked in JSON so you can limit what is coming from the endpoints, especially the events. One needs to filter that out so that only certain events are ingested, like login failures, Active Directory changes, password reset requests, privilege modifications, etc. Each Windows machine generates about 310 KB of information per event, but we can tweak that down to about 50 KB.
ClaudiaChen - PeerSpot reviewer
Jul 7, 2022
Generates close to real-time alerts so users can resolve issues, but needs more integration and public cloud monitoring features
As Zenoss Service Dynamics is more for network-centric devices and you want to monitor, for example, a server, its services, IP addresses, and interfaces, if it's a network and you're going to monitor multiple items, you'll be charged multiple times. This is what Zenoss Service Dynamics needs to improve to make sure that customers pay just one fee to monitor the entire server. What I'd like to see in Zenoss Service Dynamics in the future is a public cloud monitoring feature, particularly for the Azure public cloud. Another additional feature I'd like to see in the next release of the solution is integration with the Azure public cloud because I know that there are some services from Azure that Zenoss Service Dynamics is currently unable to monitor.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like the search feature and the indexing. It's very fast and comprehensive."
"The search function for spam is like a Google search. You just enter and it will quickly show you the results."
"It gives us good visibility into multiple environments, including cloud, on-premises, and hybrid; irrespective of platform."
"The dashboard and reporting are very good... It provides very good visibility in a hybrid cloud environment, and you can build custom utilization APIs using Splunk."
"It's extremely scalable. It's a very robust solution and certainly has the capability of handling far bigger data requirements than a lot of the other tools. Generally what ends up happening with me is that my clients tend, for the most part, to be mid-tier organizations where the cost of that solutions would be accompanying requirements for people just becomes way too prohibitive. Especially considering the model that they use for costing, which is based on the volume of data. Of course, they're going to put everything including the Coke machine as the ability to collect data off of it, because of course the more they can put through the tool the more money they make."
"The ability to ingest different log types from many different products in our environment is most valuable."
"Its huge, versatile AppBase helped me to configure and bring data from different sources to a unified platform."
"Splunk UBA is useful for fraud detection and for detection of APTs, advanced persistent threats."
"It's easy to use."
"Its Docker Container concept is mind blowing. It is the first monitoring tool which comes with Docker features."
"The most valuable feature is the flexible discovery mechanism."
"What I like most about Zenoss Service Dynamics is that it monitors the devices and gives close to real-time alerts. For example, in case the device is not available, Zenoss Service Dynamics generates an alert so my team can resolve the issue."
"The product offers good documentation that helps with initial training."
"The custom built integration is one of the most valuable features because you can see all the especially critical items."
"They have also accommodated many state-of-the-art technologies like Docker and ZooKeeper."
 

Cons

"Splunk's reporting functionality would benefit from enhanced customization capabilities, allowing users to tailor reports to their specific needs for better data visualization and analysis."
"The integration with all our tool sets felt like we were reinventing the wheel, which was a pain point for us."
"Splunk Enterprise Security could improve in automation, flexibility, and providing more content out of the box."
"Splunk is not very user-friendly. It has a complex architecture in comparison to other solutions on the market."
"This is a costly solution."
"Being a SIEM solution with a centralized dashboard, we would like to have more options to customize it."
"The tool should include more real-world use case examples built out either through videos or in the community."
"I would like to get visibility into the data pipelines on heavy forwarders and indexers to see exactly their source and the cause of saturation when it occurs. This would help us learn even more about our high use applications."
"The inclusion of a feature to show a graphical view of the network would be a helpful improvement."
"It would be ideal if the product offered sound alerts."
"As Zenoss Service Dynamics is more for network-centric devices and you want to monitor, for example, a server, its services, IP addresses, and interfaces, if it's a network and you're going to monitor multiple items, you'll be charged multiple times. This is what Zenoss Service Dynamics needs to improve to make sure that customers pay just one fee to monitor the entire server. What I'd like to see in Zenoss Service Dynamics in the future is a public cloud monitoring feature, particularly for the Azure public cloud. Another additional feature I'd like to see in the next release of the solution is integration with the Azure public cloud because I know that there are some services from Azure that Zenoss Service Dynamics is currently unable to monitor."
"There is room for improvement with the administrative part. They introduced Control Center to manage things in Zenoss 5. The services that Zenoss provides remained the same, but the administrative part, since they introduced Docker, etc., has become a little complex."
"Now it is stable, but they should design threshold parameters in percentage instead of raw values."
"There was a problem with Zenoss and storage monitoring."
"The AI aspect needs to improve."
 

Pricing and Cost Advice

"Splunk ES is quite expensive compared to some products on the market."
"It is pretty straightforward and based on the sizing. If I compare it with other competitors, it makes sense."
"I think that most of the log analytics solutions are expensive and I'm not sure if it's worth it."
"Its price is fair. Like with anything else, if you go into the cloud, different providers cost more, and you are able to throttle back or throttle up. The cost is comparable with anything else."
"Splunk is really expensive compared to all the other tools on the market, including Microsoft Sentinel."
"The price can always be lower, but it is fair at the moment. The cost efficiencies depend on the licensing and how much data we are bringing in. We have a fairly large footprint, so it is cost-effective."
"Splunk Enterprise Security incurs a significant cost because of the amount of data we send, but we are fine with the value we're getting for that price."
"We have seen ROI and improvements as we have continued to use the product, but they are more reactive."
"There are additional costs you'll have to pay apart from the license fee for Zenoss Service Dynamics. I can't remember exactly how much my company is paying because I don't handle the finance part, but the cost is paid annually. On a scale of one to five, with one being the cheapest and five being the most expensive, I'm rating the solution three out of five."
"The pricing depends on the environment, the number of services, and the size of the data center. It can go from $100,000 to a million dollars."
"It is very cost-effective compared to the tools I worked with in the past. The company is gaining a lot with respect to the cost factor. It provides agentless monitoring and in a very cheap way."
"It depends on the customer, what he wants."
814,528 professionals have used our research since 2012.
 

Comparison Review

Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm: 16%
Computer Software Company: 14%
Government: 9%
Manufacturing Company: 8%
Computer Software Company: 21%
Financial Services Firm: 13%
Manufacturing Company: 9%
Healthcare Company: 7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
What is the best network monitoring software for large enterprises?
In my experience, I worked with many monitoring software, but the one that gave me the most functionalities of a large-scale company is Zenoss, due to its ability to monitor completely hybrid and a...
 

Also Known As

No data available
Cloud Monitoring, Zenoss Service Dynamics
 


Sample Customers

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
2degrees, Rackspace, State of North Dakota, El Paso Independent School District, NWN Corporation
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM). Updated: October 2024.