Dynatrace vs Splunk Enterprise Security comparison


Comparison Buyer's Guide

Executive SummaryUpdated on Sep 22, 2023

Categories and Ranking

Ranking in Log Management
Average Rating
Number of Reviews
Ranking in other categories
Application Performance Monitoring (APM) and Observability (2nd), Mobile APM (1st), Container Monitoring (1st), AIOps (2nd)
Splunk Enterprise Security
Ranking in Log Management
Average Rating
Number of Reviews
Ranking in other categories
Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)

Mindshare comparison

As of June 2024, in the Log Management category, the mindshare of Dynatrace is 5.9%, down from 8.0% compared to the previous year. The mindshare of Splunk Enterprise Security is 13.0%, down from 13.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
Unique Categories:
Application Performance Monitoring (APM) and Observability
Mobile APM
Security Information and Event Management (SIEM)
IT Operations Analytics

Q&A Highlights

Miriam Tover - PeerSpot reviewer
Mar 18, 2020

Featured Reviews

PrashanthShetty - PeerSpot reviewer
Nov 29, 2022
Great functionality and monitoring capabilities
We use Dynatrace for a number of internal applications that we track in addition to API calls associated with the API engine. We have a partnership with Dynatrace and I'm a project manager We monitor critical internal applications including some public-facing applications. Internal transactions…
Jun 12, 2024
Helps with quick analysis and helped improve our organization’s ability to ingest data
At Splunk .conf24, I saw a demo for Splunk Enterprise Security 8. All the things that they have done in Splunk Enterprise Security 8 are what it can be better at. They have put Mission Control as a part of the notable or finding itself. The investigation shows the findings, and the findings allow us to do everything that we are doing in Mission Control right there on that same screen. That is what we want now. They said it is going to be released in two to three months. We are hoping that we will be able to use it. I was hoping that I would be able to see version 8 when I am here at Splunk .conf24, and when I go back, I would be able to help them implement it, but it is still 7.3.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:


"Real-time alerts allow us to address issues as they happen."
"I would give Dynatrace's technical support a 100% rating. I feel like whenever I call or send an email that I get the right person automatically. For the most difficult answers, the most I have to wait is about three days and the answers have been relevant."
"We enabled UEM for all of our applications. This allows us to see exactly what the client is experiencing."
"End-to-end visibility of the applications, since we have them instrumented. Understanding where the hotspots are in the applications."
"The most valuable feature is the beautiful UI."
"No other provider gives us log ingestion, Kubernetes/Docker monitoring, and application monitoring for NodeJS."
"The way it shows a problem on the dashboard is pretty good."
"A feature that's one of the highlights of Dynatrace is the AI. The second most valuable feature is OneAgent. Between infrastructures, applications, operating systems, you can deploy with just a single agent and can practically install and forget about it."
"The solution helped reduce our alert volume."
"The most valuable features in Splunk Enterprise Security are the cluster capabilities."
"The Splunk user community and forum are most valuable."
"The correlation search functions that generate all the notables are valuable. That can get pretty complicated, and it handles that pretty well."
"It has reduced the time to resolution, time to investigate, and time to troubleshoot for debugging issues."
"It has helped us look at modern technology, as well as penetrate our legacy systems, to see where the bottlenecks are."
"Splunk Enterprise Security offers valuable features like seamless integration and a SQL-standard Structured Query Language for easy searching."
"The most valuable feature is that it's very good for log aggregation."


"I am unable to use Synthetic to automate user login."
"Enterprise application monitoring for synthetic, as is, only captures http/https transactions."
"With Linux or Windows, it automatically takes care of everything, so there's no need for you to do any manual config changes. But when it comes to AIX - because I implemented it two weeks back - you have to go back to kind of an AppMon approach, where you instrument agents for .NET applications. So if Dynatrace could make those changes and make it automated, that would be one of the biggest action items."
"We have a couple of one page apps that it has a problem with because it doesn't call to the server all the time. I believe part of that is taken care of in the next version."
"Make the Web UI more robust. Last time I used the web interface, it was still pretty crude."
"I do know that for the size of our organization, we're talking thousands of agents and hundreds of applications, it does get to the point where the servers themselves that house Dynatrace are at a point where, in some cases, they are just too big for one machine, since you have to have an entire application ecosystem all funnel into a single system."
"The solution could improve by allowing more dashboards customization. This would allow us to monitor the metric better."
"The thread traceability is something that needs improvement."
"In terms of the interface, it could include some improvements for the look and feel."
"They can incorporate the SOAR solution within the actual product so that we do not require two different products, two different installations, and two different pricing methods. In regards to UBA, I am familiar with the UBA that existed two years ago. I am not updated about it today, but two years ago, UBA required such an amount of data that from a cost perspective, it was not worth it. When you compare it to what you get out of the box with Microsoft Sentinel without additional costs, there is no match."
"The complexity could be worked on so that it's even easier and faster."
"We will receive alerts only for the administrators and deployment servers, but not for all servers."
"From the commercial point of view, they have to bring down their costs."
"The product's price may be an area of concern where improvements are required."
"Its performance can be better. Sometimes, it takes longer when we do queries."
"The presence of multiple layers creates a significant challenge for monitoring across cloud environments."

Pricing and Cost Advice

"Its license is a bit expensive. We renew it yearly."
"Dynatrace is still kind of an expensive solution compared to others. But I recognize that they are ahead of the competition when we do a feature by feature comparison."
"Pricing can be high, especially for Portuguese standards. But as one says, you get what you pay for."
"There are additional Professional Services costs which ensure the solution is configured with meaningful names so you're getting the most money for your investment."
"Setup cost is very low considering that it is an almost totally, automatic process."
"We found an issue within the first week of ownership that has been costing us more than the entire license cost."
"​I would recommend doing a PoC."
"The limitations I see are more to do - and maybe it's because of the nature of the job I have - but they have to do with pricing. It's a little bit pricey. It's a very good tool. It's worth the price, to a certain degree. But it's hard to justify when it's that costly."
"It is not cheap."
"While Splunk is more expensive than other solutions, we would still choose it because of its capabilities."
"Splunk Enterprise Security is affordable."
"It can be expensive, especially the licensing costs. However, there is added value in what it can do, not just log aggregation."
"Splunk is expensive based on our current requirements, but it's obviously worth what we pay."
"This product could use better pricing in general."
"This solution is costly. Splunk is obviously a great product, but you should only choose this product if you need all the features provided. Otherwise, if you don't need all the features to meet your requirements, there are probably other products that will be more cost-effective. It's cost versus the functionality requirement."
"I think that most of the log analytics solutions are expensive and I'm not sure if it's worth it."
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
789,728 professionals have used our research since 2012.

Comparison Review

Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Answers from the Community

Miriam Tover - PeerSpot reviewer
Mar 18, 2020
Mar 18, 2020
The two things are entirely different. Splunk is primarily a log collection, analysis, and visualization solution. It can collect metrics now as well. Its purpose is after the fact forensics (what happened) as a part of a problem resolution process. That problem can span the entire gamut from security, to infrastructure operations to application operations. The primary competitors to Splunk ar...
2 out of 7 answers
Jun 25, 2019
The two things are entirely different. Splunk is primarily a log collection, analysis, and visualization solution. It can collect metrics now as well. Its purpose is after the fact forensics (what happened) as a part of a problem resolution process. That problem can span the entire gamut from security, to infrastructure operations to application operations. The primary competitors to Splunk are Elastic and Sumologic. Dynatrace is an Application Performance Management solution designed to automatically measure the performance of an application (or a micro-service), discover the topology and dependencies that the application relies upon, and determine if a problem is in the code or in the software and hardware infrastructure that supports the application. The key to Dynatrace's ability to do this is its real-time topology and dependency mapping engine called SmartScape. There is no similar capability in Splunk. The principal competitors to Dynatrace are AppDynamics, New Relic, and Instana. Rather than viewing these things as competitors, many companies use them together. In fact, Dynatrace has integration with Splunk, and Splunk has a Splunk App for Dynatrace up in Splunkbase. The most common use case for using them together is that Dynatrace finds the problem, determines if it is the code or not and if not determines where in the software and hardware infrastructure the problem resides. Splunk is then used to drill down into the part of the identified infrastructure to determine the exact nature of the problem (for example a security breach).
Jun 25, 2019
Splunk and Dynatrace are two different solutions. Most organizations use both of them. Splunk can aggregate logs from Dynatrace. It also depends on what is the purpose of the usage. If you intend to measure end to end application performance and the application logs are instrumenting the metrics, then Splunk alone can do the job. It also allows you to correlate other events like firewall, network and other dependent applications/services.

Top Industries

By visitors reading reviews
Educational Organization
Financial Services Firm
Computer Software Company
Manufacturing Company
Financial Services Firm
Computer Software Company
Manufacturing Company

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business

Questions from the Community

Any advice about APM solutions?
The key is to have a holistic view over the complete infrastructure, the ones you have listed are great for APM if you need to monitor applications end to end. I have tested them all and have not f...
What cloud monitoring software did you choose and why?
While the environment does matter in the selection of an APM tool, I prefer to use Dynatrace to manage the entire stack. Both production and Dev/Test. I find it to be quite superior to anything els...
Any advice about APM solutions?
There are many factors and we know little about your requirements (size of org, technology stack, management systems, the scope of implementation). Our goal was to consolidate APM and infra monitor...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...

Learn More




Sample Customers

Audi, Best Buy, LinkedIn, CISCO, Intuit, KRONOS, Scottrade, Wells Fargo, ULTA Beauty, Lenovo, Swarovsk, Nike, Whirlpool, American Express
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Dynatrace vs. Splunk Enterprise Security and other solutions. Updated: June 2024.
789,728 professionals have used our research since 2012.