Try our new research platform with insights from 80,000+ expert users

Coralogix vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Coralogix
Ranking in Log Management
19th
Ranking in Security Information and Event Management (SIEM)
22nd
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
11
Ranking in other categories
Application Performance Monitoring (APM) and Observability (20th), API Management (16th), Streaming Analytics (12th), Anomaly Detection Tools (1st)
Splunk Enterprise Security
Ranking in Log Management
2nd
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
315
Ranking in other categories
IT Operations Analytics (1st)
 

Mindshare comparison

As of June 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Coralogix is 0.4%, up from 0.2% compared to the previous year. The mindshare of Splunk Enterprise Security is 9.5%, down from 12.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

reviewer1915599 - PeerSpot reviewer
Good capabilities, has a helpful interface and is straightforward to set up
We have asked for a couple of features from the company already. What typically happens is a lot of people - and developers are one of the biggest consumers of this product - go to this product to optimize their investigation process and specific configurations. That increases our data flow at times, so the cost changes. And a lot of changes happen due to that. We have asked the company to auto-revert the changes after a while so that the system works typically. We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change.
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The best feature of this solution allows us to correlate logs, metrics and traces."
"The initial setup is straightforward."
"The solution is easy to use and to start with."
"The log monitoring is good, and the dashboards that we create are beneficial."
"The overall stability and reliability of Coralogix are excellent, and I rarely encounter issues."
"For now, we have not experienced any stability issues."
"Coralogix scales well, and I will rate it nine out of ten."
"A non-tech person can easily get used to it."
"The dashboards are the most valuable feature. We like the ability to drill in and see what queries are under the dashboard, build new visualizations, edit the querying, and see the reports."
"The benefits include the easy integration with other Splunk tools including Splunk UEBA, Splunk ITSI, and Splunk Core. The ease of integration and the organization's experience and familiarity with searching and passing logs through Splunk are the main benefits."
"It is lovely to have everything we need in one tool. Everything is quite centralized."
"I would definitely recommend Splunk Enterprise Security because if you are really concerned about security and want to follow compliance rules, this product is really helpful."
"There are lots of free learning materials on their website."
"The ability to rapidly diagnose problems in production and non-production, across hundreds of log files, is the most valuable feature."
"Overall, Splunk is among the top three SIEM tools due to its capabilities and agility in bridging business analytics with security needs."
"The solution's most valuable feature is the incident review, which gives a good overview of our security incidents."
 

Cons

"The customizable dashboards haven't really helped with my company's efficiency at all, and I think there's room for improvement."
"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."
"The user interface is not intuitive, especially when first onboarding, and improvements could be made here."
"Maybe they could make it more user-friendly."
"From my experience, Coralogix has horrible Terraform providers."
"Coralogix should have some AI capabilities to auto-detect anomalies and provide suggestions. The increasing volume of data and the resulting bandwidth charges are concerns."
"The user interface could be more intuitive and explanatory."
"We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change."
"Splunk does not provide any default threat intelligence like Microsoft Sentinel, but you can integrate any third-party threat intelligence with Splunk. By default, no threat intelligence suite is there, whereas, with IBM QRadar or Microsoft Sentinel, the default feature of threat intelligence is there. It is free. If Splunk can provide a default threat intelligence suite, it would be better."
"It will be helpful for customers if they can create some real-world cases, and we can find a case study to align with. I know that Splunk has tremendous potential. We only include a tiny piece of it. There is a lot of stuff that we need to learn. If Splunk can provide more real-time examples, that will be helpful for customers."
"Splunk Enterprise Security would benefit from a more robust rule engine to reduce false positives."
"The tool should include more real-world use case examples built out either through videos or in the community."
"AngularJS/ReactJS inclusion could be made easier in GUI."
"The access and identity features could be improved. For example, let's say we have onboarded 65 logs. Now, we can identify the various processes, but we run into trouble when we're updating the processes for AWS CloudTrail, EDR, MDR, and XDR."
"The support that is included with the standard licensing fee is very bad."
"The threat management part is still lagging. There are some gaps in threat management. Other vendors have built-in threat management systems, but Splunk lacks the threat management component in its portal. The UEBA and everything else is perfect, but it lacks a unified threat intelligence and management part."
 

Pricing and Cost Advice

"Currently, we are at a very minimal cost, which is around $400 per month since we have reduced our usage. Initially, we were at $900 per month."
"The cost of the solution is per volume of data ingested."
"The platform has a reasonable cost. I rate the pricing a three out of ten."
"We are paying roughly $5,000 a month."
"Splunk Enterprise Security is cheaper than competitors, but I do not know whether it is just our contract."
"I believe that Splunk Enterprise Security is worth the price, but it is expensive."
"The licensing is good, but the pricing absolutely needs some work. It is very high."
"I think that most of the monitoring solutions are expensive."
"Splunk is really expensive."
"Splunk Enterprise Security is an expensive solution."
"There is an annual license required to use this solution."
"It is expensive, but it is a good tool. It is worth the cost."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
859,579 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Financial Services Firm
11%
Manufacturing Company
8%
Healthcare Company
7%
Computer Software Company
15%
Financial Services Firm
14%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Coralogix?
Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams.
What is your experience regarding pricing and costs for Coralogix?
The pricing is expensive. We need to reduce logs to manage costs. Despite the expense, I believe it is worth the money to have Coralogix as a tool.
What needs improvement with Coralogix?
Change might not be the correct word, but with every service, there is always room to improve. They are improving their services daily and deploy new features. When we had missing features that we ...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Overview

 

Sample Customers

Payoneer, AGS, Monday.com, Capgemini
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Coralogix vs. Splunk Enterprise Security and other solutions. Updated: June 2025.
859,579 professionals have used our research since 2012.