We compared Dynatrace and Splunk Enterprise Security across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Features: Dynatrace is highly regarded for its advanced AI engine and ability to identify infrastructure automatically. It also offers session replay and impressive visualization features. Splunk Enterprise Security stands out for its efficiency, extensive integration options, and powerful search functionality.
Room for Improvement: Some Dynatrace reviewers feel the learning curve is a little steep, and the documentation could be clearer. Users say that Dynatrace should offer more security options and improve integration with other tools. Splunk users recommended improvements in AI capabilities, user-friendliness, and analytics.
Service and Support: Users generally found Dynatrace's customer service to be satisfactory, but some said that the response times and documentation have room for improvement. While some users found Splunk support to be responsive and helpful, others reported slow response times and a lack of expertise.
Ease of Deployment: Dynatrace's setup is simple, efficient, and requires minimal technical configuration. It takes a few hours at most. Some users thought Splunk Enterprise Security was easy to deploy, while others found it challenging and needed assistance from Splunk engineers or third-party integrators.
Pricing: Users say Dynatrace is expensive. Some noted that the licensing model is complicated and not transparent. Some said they struggled to accurately predict the number of units needed. Some users consider Splunk Enterprise Security to be expensive, but others said the price is reasonable. A few users expressed concerns about the cost of scaling up the solution and managing large volumes of data.
ROI: Dynatrace users said the solutions saved them money and reduced downtime. Users said that it’s challenging to calculate an ROI for Splunk Enterprise Security, and the return varies depending on individual circumstances. While some users have observed a substantial ROI, others have not actively explored or been engaged in ROI conversations.
"Since we moved to OneAgent, we are much quicker to address live incidents and problems that occur in our systems."
"We can see all the degradation of services in real-time, then we know exactly what the root cause of degradation is."
"Helps in managing capacity planning, services performance, and tuning database performance and optimizing queries."
"Dynatrace provides visibility into the application and its performance from the user to back-end services."
"UEM (RUM): User Experience Management (real user monitoring) puts you in "user's seat" and gives you insight into how they experience the application. Often, this gives a totally different view than just watching the backend calls."
"The most valuable features are end user visibility, Smartscape, and the entire visibility of our data center, including SQL queries."
"Its ability to correlate a large source of information to pinpoint a root cause. This speeds up issue resolution and allow us to better reach our objectives."
"The ability to drill down from an alert into a problem and pinpoint the source of an issue saves my client teams hours of time."
"Splunk Enterprise Security's dashboards are a key asset."
"There are lots of free learning materials on their website."
"We saw the granularity that we could get from Splunk far exceeded what we already had. We had the ability to have our security team really focus on the platform and stay within the platform, but they could correlate with a variety of other stakeholders, and our stakeholders were growing."
"Alerts when a server is malfunctioning, monitors external attacks, and takes action to stop spreading viruses."
"The solution has made us more secure."
"Splunk has machine learning which is a valuable feature."
"Splunk Enterprise Security comes with 300 pre-deployed use cases that can be easily customized to meet the specific needs of our organization, without the need to purchase additional tools."
"The technical support is among the best in the market."
"When compared with other tools, the experience needs improvement. I would like them to build out the interactions and make them friendlier."
"It is not clear what are our long-term strategy should be to upgrade (Appmon vs Dynatrace)."
"Network monitoring is lacking and could be improved."
"We sometimes have to run plugins on docker containers."
"C language integration requires manual implementation through the SDK, which is rather difficult and time consuming."
"Sometimes we have issues with the code on their side. We like to get it fixed."
"Make it easier to define applications. E.g., provide an API for applications defined by REST services."
"I think scalability is what we're struggling with. I would say it's okay, but there's a little bit of room for improvement."
"It is a good product, but the Achilles heel for a lot of organizations is the cost model for it because it gets expensive. That's because the model is based on how much data it processes a day, which can be prohibitive, especially if you have a lot of data. A lot of customers may not be ready for the sticker shock on how to fully leverage the product. I realized that the reason for that is that when it was originally designed, it was kind of like a big data modeling application. If they want to have a bigger customer base, they can come out with subsets of their product that are focused on specific things and have different pricing models. It may help with the cost."
"Integrating tools and creating use cases could be easier. It's hard for a junior security engineer with only a couple of years of experience to write use cases. They can do it, but it's much easier in a solution like IBM QRadar. Setting conditions is like a multiple-choice type of thing. It's a more user-friendly process."
"Splunk needs to be able to hold more days of data. At the moment it only holds three months of data."
"I haven't found a way for me to create my own plugins and integrate them into Splunk, but this isn't necessarily a limitation; it could simply be a lack of knowledge on my part."
"The solution could use a different licensing model."
"The training was mostly sales-focused, like how to monitor your sales. It was hard to then come back from doing the training and try to switch it to a cybersecurity focus because all the training we did was sales oriented. The basic training didn't really touch on any kind of cybersecurity use cases or anything like that. That would have been great to see in the training."
"Licensing costs can be a barrier for those with limited budgets."
"If you monitor too much, you can lose performance on your systems."
Dynatrace is ranked 4th in Log Management with 340 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews. Dynatrace is rated 8.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of Dynatrace writes "AI identifies all the components of a response-time issue or failure, hugely benefiting our triage efforts". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Dynatrace is most compared with Datadog, New Relic, AppDynamics, Azure Monitor and Elastic Observability, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Microsoft Sentinel, Elastic Security and Azure Monitor. See our Dynatrace vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
As far as I know, Splunk is used as a syslog system only and DynaTrace is an application monitoring system. So you will use Splunk to collect events/logs from servers and devices and you will use DynaTrace to monitor applications and send alerts to end users, provide dashboards etc.
Dynatrace is for APM / ITOM solution. Dynatrace trace can inspect the .net, Java, PHP Program. Splunk is for Log management and SIEM which Dynatrace does not focus on.
They are two different function products.
We use Dynatrace for deep dive transaction tracking to find performance issues of applications. We use Splunk various log analysis tasks mainly in the area of security.
It really depends on the use case. Dynatrace can actually enrich the data collected by Splunk and Dynatrace has an out of the box connection to Splunk. If the goal is application performance and end-user analytics then Dynatrace is the better solution. If the goal is security and threat analytics then Splunk is the right solution.
Splunk and Dynatrace are two different solutions. Most organizations use both of them. Splunk can aggregate logs from Dynatrace. It also depends on what is the purpose of the usage. If you intend to measure end to end application performance and the application logs are instrumenting the metrics, then Splunk alone can do the job. It also allows you to correlate other events like firewall, network and other dependent applications/services.
Dynatrace and Splunk are two different solutions that provide insight from different perspectives. Dynatrace is installed on servers/applications to provide APM and Splunk is more a log and data analytics solution that processes logs (traps/syslog/Windows Events/Firewall Logs/etc.).
Dynatrace provides application performance management (APM), artificial intelligence for operations (AIOps), cloud infrastructure monitoring, and digital experience management (DEM), with products for the information technology departments and digital business owners of medium and large businesses. The company's services include performance management software for programs running on-premises and in the cloud. This software manages the availability and performance of software applications and the impact on user experience in the form of deep transaction tracing, synthetic monitoring, real user monitoring, and network monitoring.
Splunk (the product) captures, indexes, and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards, and visualizations.
Splunk makes machine data accessible across an organization by identifying data patterns, providing metrics, diagnosing problems, and providing intelligence for business operations. Splunk is a horizontal technology used for application management, security and compliance, as well as business and web analytics.
Ref - from experience, their own websites and other related sites.