We performed a comparison between Devo and Splunk Cloud Platform based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."
"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."
"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."
"The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us."
"Even if it's a relatively technical tool or platform, it's very intuitive and graphical. It's very appealing in terms of the user interface. The UI has a graphically interface with the raw data in a table. The table can be as big as you want it, depending on your use case. You can easily get a report combining your data, along with calculations and graphical dashboards. You don't need a lot of training, because the UI is relatively very intuitive."
"The most valuable feature is that it has native MSSP capabilities and maintains perfect data separation. It does all of that in a very easy-to-manage cloud-based solution."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."
"We haven't had any limitations or problems connecting to our network devices."
"It has definitely improved our organization by virtue of reducing the amount of overhead we would have had for those environments. Having to implement, maintain, or even update the existing stuff would have been extremely time-consuming. Splunk Cloud handles all of that for us. So it's definitely been helpful from that perspective. It's allowed them to maintain upgrades for far further than they are. Some of the hosts of that environment were still on version 7 so they could get upgraded feature parity."
"Not having to manage Splunk Cloud's infrastructure is valuable."
"The cloud is very fast."
"For my current requirements, the tool theme seems to be meeting my requirements, from a cost and requirements perspective."
"I can trace an event back to its root cause. I can find the root cause instead of just looking at the symptoms across different things."
"The log search capabilities are very good."
"The most valuable feature of Splunk Cloud is the quick setup."
"Their documentation could be better. They are growing quickly and need to have someone focused on tech writing to ensure that all the different updates, how to use them, and all the new features and functionality are properly documented."
"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."
"From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."
"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better."
"There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler."
"I would like to have the ability to create more complex dashboards."
"There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space."
"There are some issues from an availability and functionality standpoint, meaning the tool is somewhat slow. There were some slow response periods over the past six to nine months, though it has yet to impact us terribly as we are a relatively small shop. We've noticed it, however, so Devo could improve the responsiveness."
"There is sometimes no documentation or updated documentation available."
"It needs to mature; it's just getting established in the industry on a wider scale."
"They can streamline the process of creating custom apps."
"Splunk Cloud Platform needs to be made more user-friendly because it's not user-friendly."
"The security connection should have a seamless integration. Other than that, the way we are using it, so far, it seems quite good."
"Splunk should increase the frequency of new feature releases, particularly those related to real-time operational flow monitoring and analytics reporting."
"The pricing model makes the product costly."
"Support could be improved."
Devo is ranked 16th in Log Management with 21 reviews while Splunk Cloud Platform is ranked 3rd in Data Visualization with 34 reviews. Devo is rated 8.4, while Splunk Cloud Platform is rated 8.0. The top reviewer of Devo writes "Keeps 400 days of hot data, covers our cloud products, and has a high ingestion rate and super easy log integrations". On the other hand, the top reviewer of Splunk Cloud Platform writes "Does not require backend maintenance, is easily integrated and utilized". Devo is most compared with Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar, Wazuh and LogRhythm SIEM, whereas Splunk Cloud Platform is most compared with Wazuh, Splunk Enterprise Security, Check Point Security Management, AppInsights and Fortinet FortiAnalyzer. See our Devo vs. Splunk Cloud Platform report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
