Coralogix vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Coralogix
Ranking in Log Management
21st
Ranking in Security Information and Event Management (SIEM)
24th
Average Rating
8.4
Number of Reviews
7
Ranking in other categories
Application Performance Monitoring (APM) and Observability (27th), API Management (15th), Streaming Analytics (12th), Anomaly Detection Tools (1st)
Splunk Enterprise Security
Ranking in Log Management
1st
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Number of Reviews
296
Ranking in other categories
IT Operations Analytics (1st)
 

Mindshare comparison

As of July 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Coralogix is 0.3%, up from 0.2% the previous year. The mindshare of Splunk Enterprise Security is 10.2%, down from 12.5% the previous year. Mindshare is calculated from PeerSpot user engagement data.
Security Information and Event Management (SIEM)
Unique Categories:
Application Performance Monitoring (APM) and Observability
0.6%
Log Management
0.6%
IT Operations Analytics
30.3%
 

Featured Reviews

PS
Apr 12, 2024
Provides real-time alerts and has efficient features for incident management
We have integrated Coralogix with Slack and other tools, which has helped us receive real-time alerts. We don't have to constantly monitor the tool because it generates alerts and pushes them to us, providing notifications on Slack. This enhancement has strengthened our security, fulfilling our need when searching for such a tool. Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams. This SaaS platform utilizes machine learning for behavioral analysis of logs, yielding the results we need. For instance, there was a scenario where we received extension logs that were difficult to interpret. However, we obtained the analysis with the help of the product.
SG
Jul 12, 2024
Brings all of the components necessary to identify, analyze, and respond together
The most valuable feature is that it brings all of the components necessary to identify, analyze, and respond together. It's pretty important that Splunk provides end-to-end visibility into your environment. As in any product that one purchases to fulfill a function, we want to recognize where it came in, who it affected, and what the challenges are that need to be met in order to resolve something, both immediately and also to make sure that it doesn't replicate in the future. Splunk does a good job of being able to do the former half. Dealing with issues requires tier-three support and above and it takes time. You can work through it with the help of your vendor team. I would rate them an eight out of ten. It's not so much the problem of the application itself, although there are always improvements that can be done. There are a lot of moving parts that need to be added in and if you don't have the information that you need, especially within identity and inventory, then that can be an added challenge when you have to start making imprints based on what you do know. Splunk Enterprise Security provides us with the relevant context to help guide our investigations. There are a number of different standards that can be presented, which is beneficial. Some customers like to have the information that they receive in one format. The driving factor is that when you work with federal customers, some of them want it in one format. The response will be in one format as opposed to another. Splunk has helped to improve my company's business resilience. It's an active component in ensuring that we are vigilant against intrusion and detecting it.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"A non-tech person can easily get used to it."
"The solution is easy to use and to start with."
"Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams."
"The best feature of this solution allows us to correlate logs, metrics and traces."
"The solution offers very good convenience filtering."
"The initial setup is straightforward."
"We can ingest and correlate data from virtually any type of system."
"The additional vendors we've brought on board, particularly the elastic, have been quite beneficial."
"Splunk setup is easy and straightforward."
"Low barrier to start searching with the ability to normalize data on the fly."
"Splunk works based on parsing log files."
"It helped us consolidate all our solutions into an easy tool to use for various employees."
"It has helped us look at modern technology, as well as penetrate our legacy systems, to see where the bottlenecks are."
"I like Splunk's data aggregation and search capabilities."
 

Cons

"Maybe they could make it more user-friendly."
"We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change."
"The user interface could be more intuitive and explanatory."
"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."
"The documentation of the tool could be improved."
"From my experience, Coralogix has horrible Terraform providers."
"I do not have any pain points for Splunk Enterprise Security. I am still trying to learn it, but there can be more information on the education side for Splunk Enterprise Security. It would be nice if the certification path was more specific to what I use instead of being so broad."
"Splunk Enterprise Security offers a vast amount of information to learn and comprehend, resulting in a challenging initial learning curve."
"The CIM model is the method Splunk uses to normalize data and categorize its important parts, but it is quite complex."
"It would be nice if Splunk reduced the cost of training. Their training sessions are way too costly."
"On the technical side, it would be nice to see aspects of the recent acquisition of Phantom make it into the core Splunk Enterprise, not just become a part of the premium Enterprise Security."
"The only thing which can be improved is that they are too subjective on whom their Splunk4Good initiative can be applied. They market it as you only need to be a nonprofit, but there is more to it."
"Splunk Enterprise Security could improve in automation, flexibility, and providing more content out of the box."
"The search could be improved. Now, it is a bit difficult to write search queries because they become quite long, then maintaining those long search queries is quite challenging."
 

Pricing and Cost Advice

"The cost of the solution is per volume of data ingested."
"The platform has a reasonable cost. I rate the pricing a three out of ten."
"We are paying roughly $5,000 a month."
"The pricing is very complicated, and it is very pricey. You do require a lot of different licenses in order to get a comprehensive solution that is not just the SIEM solution."
"Splunk Enterprise Security is cheaper than competitors, but I do not know whether it is just our contract."
"Splunk Enterprise Security is not a cheap product, but I think it is worth every dollar that you pay."
"The pricing model is based on the number of gigabytes that you ingest into the Splunk system. So it can be an expensive solution."
"It's definitely worth it."
"Some of the insights that we have obtained as a part of using Splunk have greatly helped us in increasing our revenue in terms of selling our products."
"While Splunk offers generous developer licenses and obtaining annual licenses is straightforward, the cost is a major consideration."
"The licensing model can be expensive, but the value it provides is significant."
791,948 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
12%
Media Company
6%
Healthcare Company
6%
Financial Services Firm
15%
Computer Software Company
15%
Government
10%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Coralogix?
Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams.
What is your experience regarding pricing and costs for Coralogix?
The platform has a reasonable cost. I rate the pricing a three out of ten.
What needs improvement with Coralogix?
Nowadays, tools are often divided into modules. It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription. It would streamline the ...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases. Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

Payoneer, AGS, Monday.com, Capgemini
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Coralogix vs. Splunk Enterprise Security and other solutions. Updated: June 2024.