• Home
  • BMC TrueSight Operations Management vs. Splunk Enterprise Security

BMC TrueSight Operations Management vs Splunk Enterprise Security comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
BMC TrueSight Operations Management vs. Splunk Enterprise Security
May 2023
Executive Summary

We performed a comparison between BMC TrueSight Operations Management and Splunk Enterprise Security based on real PeerSpot user reviews.

Find out in this report how the two IT Infrastructure Monitoring solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed BMC TrueSight Operations Management vs. Splunk Enterprise Security Report (Updated: May 2023).
Download the complete report
767,847 professionals have used our research since 2012.
Featured Review
Prajakta Solanke
It improves VM load and has good documentation with easy-to-follow steps on how to set it up, but it has room for...
We get a lot of benefits from BMC TrueSight Operations Management as a bank, as we have nearly forty thousand servers that serve the bank. To... Read more →
SAURABHYADAV4
The solution speeds up our response by enabling us to automate some of the investigation steps
Splunk speeds up our incident response by enabling us to automate some of the investigation steps, such as finding information about the user or... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The event management part of TrueSight Operations Management, in my experience, is probably the best in the market. You have endless flexibility. You can build your own rules, you have the MRL language, and you can implement any kind of logic on the alerts. It may be correlation, abstraction, or executing something as a result of the alerts. You have almost the whole range of options available for event management using the available customization.""The most valuable feature of BMC TrueSight Operations Management is the dashboard presentation server.""The most valuable features of the solution are alert management, alert generation, and event management.""The tailoring of the knowledge modules has been particularly useful as I can streamline the agents to only report on critical events.""The initial setup of BMC TrueSight Operations Management was easy.""The solution has a very good business event manager tool.""I like the deep-dive detail and end-user metrics data. The synthetic monitor is the best one. The best point of the new one is that there's no need for configuration. You can inject the Java script and start to change major developments in the application. This is a good approach, and we received all the data using this.""The fact that they have a very integrated relationship with Sentry Software, the Knowledge Module, is valuable... The richest feature for us is the number of Knowledge Modules that we can load into the product to add breadth of service to the customer. It enables us to move up the operational stack from hardware, to operating system, to application, and to cloud... That enables us to provide one pane of glass over all those layers - hardware, OS, app, and cloud."

More BMC TrueSight Operations Management Pros →

"The speed of the search engine""It helps us uncover bottlenecks in the network.""We did not encounter any issues with scalability. It is almost seamless to add new index (storage) or search (used to analyze the data) nodes to the cluster.""The fact that Splunk is a platform and not just a SIEM solution is a key benefit.""The Splunk queries are valuable.""We can quickly search for almost anything across many log sources in seconds.""The feature that I have found most valuable with Splunk is the ability to sift through a bunch of data very quickly.""It helps streamline troubleshooting and log analysis."

More Splunk Enterprise Security Pros →

Cons
"The graphs are extremely limited. We don't have a lot of dashboard options. To make reports and dashboards more useful, we usually need to integrate some dashboard solutions.""It would be better if the initial setup and deployment were more straightforward.""BMC's solutions for cloud monitoring (monitoring of AWS and Azure resources) are very poor in stability and customization.""One of the things that the TrueSight environment is missing is some of the HA abilities. The data collection server called the ISM doesn't really have the HA functionality or workload balancing. It was missing from the previous product as well. It's missing redundancy.""We have a unique use case because BMC typically sells this solution into enterprises that are deploying it within their IT, versus to a managed services provider like us where we're supporting thousands of customers. Multi-tenancy and the scalability have been challenges along the way, as we've grown... If anything could have gone better as we were ramping this up and adding a lot of volume to it, I would say it's the scalability. That would be one thing that could be improved.""The solution is a little obsolete.""More modules for less popular applications and better documentation.""It's too complex, too many servers are required, there are too many different components in the solution, and a lot of agents are required."

More BMC TrueSight Operations Management Cons →

"While Splunkbase (the app repository) has a lot of great content, some apps are terribly old and could stand to be updated or purged.""The GUI can be improved. Splunk has always suffered from having a kind of goofy UI, it needs some updating.""Deployment is not difficult but the lock sources and configurations can take time.""Free-floating panels in the dashboards are like a glass table.""While scheduled reports can be embedded, Splunk dashboard can not be embedded directly without enabling cross origin.""Sometimes, there is latency in the logs.""I would like to see future development in terms of ML (Machine Learning).""Splunk Enterprise Security has not helped reduce our alert volume."

More Splunk Enterprise Security Cons →

Pricing and Cost Advice
  • "Use conservative figures. In terms of hardware, monitored servers and also effort. The product is not cheap. But as with other products, you get what you pay for."
  • "The solutions are not the cheapest but are robust and stable. License model is rather complex and BMC do often change the model."
  • "Pricing is very high."
  • "We pay license fees of between $150 and $200 per asset. There is an enterprise software license fee, and then you pay a percentage for your maintenance, and then Premier Support. For example, if you buy a two-year license for the product, then the maintenance fee is added to that for two years at X percent a year. Then there's a small fee on top of that for Premier Support..."
  • "Pricing is all volume-driven. I think we were paying between $80 and $85 per license. That's per unit, for a perpetual license. You pay it one time and then, every year, you pay 20 percent of that for annual maintenance and support. But now that we've grown, we've purchased tens of thousands of licenses and the cost per license has gone down to something like less than $30..."
  • "It is a large, complex product. So, there is a commitment of manpower to deploy it, as it is not a cheap product."
  • "There is a big upfront cost when you buy the license, then there is annual maintenance. We look at, if I bought a license and paid for maintenance for five years, then average it out, what would be my monthly cost. We have had some of the competing tools come in around four dollars. This is coming in as a premium, which is why I don't have it deployed as I would like it. Therefore, we're in negotiations right now. If I can get it down to the four dollar range, I will triple my deployment in a year and a half."
  • "The only possible additional cost that I can mention, that you might not be aware of, is that it uses Oracle partitioning, if you use Oracle. There are Oracle partitioning fees that go with that."

    • More BMC TrueSight Operations Management Pricing and Cost Advice →

  • "Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
  • "Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
  • "It is not cheap."
  • "Splunk Enterprise becomes extremely expensive after the 20GB/month license."
  • "You will eat up whatever you purchase quickly. The level of insights that Splunk empowers is addictive."
  • "Splunk licensing model might seem expensive but with all the gain in functionalities you will have compared to traditional SIEM solutions I think it’s worth the price."
  • "Pricing is pretty fair."
  • "While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."

    • More Splunk Enterprise Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which IT Infrastructure Monitoring solutions are best for your needs.
    See Recommendations
    767,847 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    What do you like most about BMC TrueSight Operations Management?
    Top Answer:The tool is flexible enough to be customized based on customer requirements.
    Read all 29 answers   →
    What is your experience regarding pricing and costs for BMC TrueSight Ope...
    Top Answer:The cost depends on the usage.
    Read all 19 answers   →
    What needs improvement with BMC TrueSight Operations Management?
    Top Answer:The product must provide more AI capabilities. AI is already available but must play a deeper role in the solution.
    Read all 25 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    How does Splunk compare with Azure Monitor?
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we… more »
    Read all 2 answers   →
    Ranking
    20th
    out of 108 in IT Infrastructure Monitoring
    Views
    2,865
    Comparisons
    1,955
    Reviews
    14
    Average Words per Review
    408
    Rating
    7.7
    2nd
    out of 80 in Security Information and Event Management (SIEM)
    Views
    25,711
    Comparisons
    20,955
    Reviews
    63
    Average Words per Review
    958
    Rating
    8.4
    Comparisons
    Also Known As
    ProactiveNet, TrueSight Operations Management
    Learn More
    BMC
    Splunk
    Overview

    BMC TrueSight Operations Management is a solution that delivers end-to-end performance monitoring and event management. It does so by using machine learning, analytics, and AIOps to identify, analyze, and resolve application and infrastructure problems quickly. BMC TrueSight Operations Management also offers automated remediation and ticketing.

    BMC TrueSight Operations Management Features

    BMC TrueSight Operations Management has many valuable key features. Some of the most useful ones include:

    • TrueSight Smart Reporting
    • Broad monitoring capabilities
    • Hundreds of integrations
    • Event grouping
    • Proactive alerts
    • Incident tickets
    • Cause analysis
    • Automated log analysis

    BMC TrueSight Operations Management Benefits

    Some of the benefits of using BMC TrueSight Operations Management include:

    • Detects performance issues: BMC TrueSight Operations Management helps you detect and address performance abnormalities before they impact your organization.
    • Beneficial for IT teams: Since BMC TrueSight Operations Management automatically learns the behavior of your infrastructure, it is able to alert you when specific behaviors require attention, helping IT departments focus on other pressing priorities.
    • Cost efficient: BMC TrueSight Operations Management will save your company money by eliminating the need to manage thousands of traditional, static thresholds for event generation.
    • Reduces manual tasks: BMC TrueSight Operations Management minimizes the need to manually define, configure, and maintain correlation rules and policies.
    • Fewer false alarms: With BMC TrueSight Operations Management, the number of false alarms and associated incidents decreases drastically.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by BMC TrueSight Operations Management users.

    Mudassir A., Sr. Technical Consultant at a tech services company, says, "The event management part of TrueSight Operations Management, in my experience, is probably the best in the market. You have endless flexibility. You can build your own rules, you have the MRL language, and you can implement any kind of logic on the alerts. It may be correlation, abstraction, or executing something as a result of the alerts. You have almost the whole range of options available for event management using the available customization."

    A General Manager - Sales at a tech services company explains, “There are many features that are most valuable in BMC TrueSight Operations Management. First, its proactive monitoring feature is highly developed. BMC TrueSight Operations Management is an intelligent tool that's able to understand day-to-day operations and consistently gives alerts. The alerts are not automatic for some activities, e.g. some alerts are given monthly, while some are given more frequently. The consolidated dashboard where you can enjoy a single pane of glass to look at the full infrastructure from the servers to the VMs, to the clouds, to the application, to the database, to the network devices, including having a topology, and having a tendency map of the topology of key offerings, is also a valuable feature of this solution.”

    An Information Systems Computer System Controller at an insurance company states, “The business event manager tool that consolidates detailed information from a single instance of equipment is the most valuable thing for me. It provides support for the business tools and the IT services which come from several systems.”


    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Sample Customers
    Ensono, Transamerica, Boston Scientific, Park Place Technologies, inContact, TD Ameritrade, PNC Bank
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    REVIEWERS
    Financial Services Firm32%
    Comms Service Provider21%
    Healthcare Company11%
    Manufacturing Company11%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company13%
    Government9%
    Manufacturing Company6%
    REVIEWERS
    Computer Software Company18%
    Financial Services Firm15%
    Government10%
    Energy/Utilities Company7%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company14%
    Government9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business40%
    Midsize Enterprise12%
    Large Enterprise48%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise9%
    Large Enterprise76%
    REVIEWERS
    Small Business31%
    Midsize Enterprise12%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    Buyer's Guide
    BMC TrueSight Operations Management vs. Splunk Enterprise Security
    May 2023
    Free Report: BMC TrueSight Operations Management vs. Splunk Enterprise Security
    Find out what your peers are saying about BMC TrueSight Operations Management vs. Splunk Enterprise Security and other solutions. Updated: May 2023.
    DOWNLOAD NOW
    767,847 professionals have used our research since 2012.

    BMC TrueSight Operations Management is ranked 20th in IT Infrastructure Monitoring with 48 reviews while Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 227 reviews. BMC TrueSight Operations Management is rated 8.2, while Splunk Enterprise Security is rated 8.4. The top reviewer of BMC TrueSight Operations Management writes "The product is reasonably priced, but the solution is a little obsolete because it is deployed on-premise". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". BMC TrueSight Operations Management is most compared with BMC Helix Monitor, Dynatrace, ServiceNow IT Operations Management, Zabbix and AppDynamics, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security. See our BMC TrueSight Operations Management vs. Splunk Enterprise Security report.

    We monitor all IT Infrastructure Monitoring reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.