We performed a comparison between Coralogix and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product can integrate with any device."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"Sentinel pricing is good"
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The machine learning and artificial intelligence on offer are great."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams."
"The solution is easy to use and to start with."
"A non-tech person can easily get used to it."
"The best feature of this solution allows us to correlate logs, metrics and traces."
"The solution offers very good convenience filtering."
"The initial setup is straightforward."
"Splunk is extremely flexible, which allows us to create custom visualizations along with other customizations."
"Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data."
"It provides logs in one place, so they are easy to find. It collects the logs from multiple places, then you have just one place where you see the whole flow from the front-end to the back-end."
"The feature that we use the most is the correlation search engine within ES."
"It gives us the liberty to do more in terms of use cases."
"Splunk provides immediate visibility into key business metrics and new business insights that deliver immediate value."
"It allows the centralization of data and makes possible new sorts of correlations that were previously impossible using traditional SIEMs such as ArcSight or QRadar."
"The data analysis part is good in Splunk, which is something that I like the most. It is also quite easy to use. Its dashboards, visualizations, and analytics are good."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"We'd like to see more connectors."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"The solution could be more user-friendly; some query languages are required to operate it."
"The reporting could be more structured."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."
"Maybe they could make it more user-friendly."
"From my experience, Coralogix has horrible Terraform providers."
"We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change."
"The user interface could be more intuitive and explanatory."
"The documentation of the tool could be improved"
"While Splunk Enterprise Security offers valuable features, its cost is high and could be more competitive."
"The security can be improved."
"The integration with all our tool sets felt like we were reinventing the wheel, which was a pain point for us."
"Certain sections of the developer documentation could use some updating and clarification."
"The historical data extraction needs improvement. I would like the capability of taking data and having it trend longer."
"I would like to see more SIEM functionality and a better ticket tool."
"The setup time is quite long."
"I think the tech support response time could be a bit better. Sometimes I need to wait more than 24 hours for a response to my tickets."
Coralogix is ranked 26th in Log Management with 7 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews. Coralogix is rated 8.4, while Splunk Enterprise Security is rated 8.4. The top reviewer of Coralogix writes "Good capabilities, has a helpful interface and is straightforward to set up". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Coralogix is most compared with Datadog, Grafana, Sentry, New Relic and Elastic Search, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor. See our Coralogix vs. Splunk Enterprise Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.