Try our new research platform with insights from 80,000+ expert users

Coralogix vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Coralogix
Ranking in Log Management
19th
Ranking in Security Information and Event Management (SIEM)
22nd
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
11
Ranking in other categories
Application Performance Monitoring (APM) and Observability (20th), API Management (16th), Streaming Analytics (12th), Anomaly Detection Tools (1st)
Splunk Enterprise Security
Ranking in Log Management
2nd
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
312
Ranking in other categories
IT Operations Analytics (1st)
 

Mindshare comparison

As of June 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Coralogix is 0.4%, up from 0.2% compared to the previous year. The mindshare of Splunk Enterprise Security is 9.5%, down from 12.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

reviewer1915599 - PeerSpot reviewer
Good capabilities, has a helpful interface and is straightforward to set up
We have asked for a couple of features from the company already. What typically happens is a lot of people - and developers are one of the biggest consumers of this product - go to this product to optimize their investigation process and specific configurations. That increases our data flow at times, so the cost changes. And a lot of changes happen due to that. We have asked the company to auto-revert the changes after a while so that the system works typically. We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution is easy to use and to start with."
"The most valuable feature of Coralogix is that it is a very good vendor for metrics."
"A non-tech person can easily get used to it."
"The best feature of this solution allows us to correlate logs, metrics and traces."
"The solution offers very good convenience filtering."
"The initial setup is straightforward."
"For now, we have not experienced any stability issues."
"Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams."
"The features of Splunk Enterprise Security that I have found most valuable include the risk-based score and UBA/UEBA, user behavior analytics, or user and entity behavior analytics."
"We have created a few custom use cases for Splunk that have helped us detect threats faster. For example, we set up endpoint-related data models and specialized setups for various scenarios. It's more efficient than some other products I've used."
"It has increased our business resilience. It's a top-of-the-line SIEM security product. It's the best tool for our security analysts which helps them do their job better. That then protects our company from adversary actors."
"The indexing and data collection are valuable."
"Internal tracking is helpful because we do not like to deal with multiple ticketing systems, and I am not a fan of ServiceNow. We are able to keep everything internal and utilize Enterprise Security."
"Splunk has significantly reduced the time in performing the task of aggregating logs, reviewing as well as time spent during investigations."
"The solution's most valuable features are the granularity and analysis of the logs."
"Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data."
 

Cons

"The customizable dashboards haven't really helped with my company's efficiency at all, and I think there's room for improvement."
"The user interface is not intuitive, especially when first onboarding, and improvements could be made here."
"Coralogix should have some AI capabilities to auto-detect anomalies and provide suggestions."
"Coralogix should have some AI capabilities to auto-detect anomalies and provide suggestions. The increasing volume of data and the resulting bandwidth charges are concerns."
"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."
"From my experience, Coralogix has horrible Terraform providers."
"The documentation of the tool could be improved"
"The features we were missing in the past were related to the way we see our metrics and aggregate our data."
"The product must improve insider threat detection."
"I love the solution, but I would like to see more accessibility to the machine-learning capabilities that are sprinkled around Splunk."
"Some of the queries are difficult to run and have room for improvement."
"It needs integration with a configuration management solution."
"The initial setup is complex, but this is necessary. We needed to take into consideration how to direct log files from thousands of machines to Splunk, and how to ingest those files."
"The documentation and training resources available for knowledge and training can be expanded. We need to learn more about Splunk Enterprise Security and new security attacks."
"Its performance can be better. Sometimes, it takes longer when we do queries."
"Splunk's reporting functionality would benefit from enhanced customization capabilities, allowing users to tailor reports to their specific needs for better data visualization and analysis."
 

Pricing and Cost Advice

"Currently, we are at a very minimal cost, which is around $400 per month since we have reduced our usage. Initially, we were at $900 per month."
"We are paying roughly $5,000 a month."
"The cost of the solution is per volume of data ingested."
"The platform has a reasonable cost. I rate the pricing a three out of ten."
"It can be expensive, especially the licensing costs. However, there is added value in what it can do, not just log aggregation."
"It is a pretty high cost solution, but if your organization has the funds, it can bring many benefits."
"We had a yearly subscription."
"Our ROI is high."
"Setup cost is cheap: It is free, it is user-friendly, and it is fast."
"While Splunk is more expensive than other solutions, we would still choose it because of its capabilities."
"Splunk Enterprise Security is not a cheap product, but I think it is worth every dollar that you pay."
"Splunk Enterprise Security's pricing is competitive."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
856,873 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
11%
Manufacturing Company
8%
Healthcare Company
8%
Financial Services Firm
15%
Computer Software Company
15%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Coralogix?
Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams.
What is your experience regarding pricing and costs for Coralogix?
The pricing is expensive. We need to reduce logs to manage costs. Despite the expense, I believe it is worth the money to have Coralogix as a tool.
What needs improvement with Coralogix?
Change might not be the correct word, but with every service, there is always room to improve. They are improving their services daily and deploy new features. When we had missing features that we ...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

Payoneer, AGS, Monday.com, Capgemini
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Coralogix vs. Splunk Enterprise Security and other solutions. Updated: June 2025.
856,873 professionals have used our research since 2012.