We changed our name from IT Central Station: Here's why

ELK Elasticsearch vs Splunk User Behavior Analytics comparison

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about ELK Elasticsearch vs. Splunk User Behavior Analytics and other solutions. Updated: January 2022.
566,406 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The UI is very nice, and performance wise it's quite good too.""The initial setup is very easy for small environments.""Elasticsearch includes a graphical user interface (GUI) called Kibana. The GUI features are extremely beneficial to us.""The solution has good security features. I have been happy with the dashboards and interface.""The most valuable feature is the out of the box Kibana.""I really like the visualization that you can do within it. That's really handy. Product-wise, it is a very good and stable product.""It's a stable solution and we have not had any issues.""Dashboard is very customizable."

More ELK Elasticsearch Pros →

"The product is at the forefront of auto-remediation networking. It's great.""This is a good security product.""The solution appears to be stable, although we haven't used it heavily."

More Splunk User Behavior Analytics Pros →

Cons
"Could have more open source tools and testing.""The price could be better. Kibana has some limitations in terms of the tablet to view event logs. I also have a high volume of data. On the initialization part, if you chose Kibana, you'll have some limitations. Kibana was primarily proposed as a log data reviewer to build applications to the viewer log data using Kibana. Then it became a virtualization tool, but it still has limitations from a developer's point of view.""Something that could be improved is better integrations with Cortex and QRadar, for example.""It should be easier to use. It has been getting better because many functions are pre-defined, but it still needs improvement.""The reports could improve.""Improving machine learning capabilities would be beneficial.""There are a lot of manual steps on the operating system. It could be simplified in the user interface.""There is an index issue in which the data starts to crash as it increases."

More ELK Elasticsearch Cons →

"Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes.""The price of Splunk UBA is too high.""I'm not aware of any lacking features."

More Splunk User Behavior Analytics Cons →

Pricing and Cost Advice
  • "It can be expensive."
  • "This product is open-source and can be used free of charge."
  • "We are using the open-sourced version."
  • "The basic license is free, but it comes with a lot of features that aren't free. With a gold license, we get active directory integration. With a platinum license, we get alerting."
  • "The pricing model is questionable and needs to be addressed because when you would like to have the security they charge per machine."
  • "We are using the Community Edition because Elasticsearch's licensing model is not flexible or suitable for us. They ask for an annual subscription. We also got the development consultancy from Elasticsearch for 60 days or something like that, but they were just trying to do the same trick. That's why we didn't purchase it. We are just using the Community Edition."
  • "We are using the free open-sourced version of this solution."
  • "The price could be better."
  • More ELK Elasticsearch Pricing and Cost Advice →

    Information Not Available
    report
    Use our free recommendation engine to learn which Anomaly Detection Tools solutions are best for your needs.
    566,406 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    The flexibility and the support for diverse languages that it provides for searching the database are most valuable. We can use different languages to query the database.
    Top Answer: 
    There is a free version, and there is also a hosted version for which you have to pay. We're currently using the free version. If things go well, we might go for the paid version.
    Top Answer: 
    It is hard to learn and understand because it is a very big platform. This is the main reason why we still have nothing in production. We have to learn some things before we get there. I have reported… more »
    Top Answer: 
    The solution appears to be stable, although we haven't used it heavily.
    Top Answer: 
    We simply use the free demo version of the product. We do not pay any licensing fees at this time.
    Ranking
    Views
    4,374
    Comparisons
    2,895
    Reviews
    18
    Average Words per Review
    570
    Rating
    7.9
    Views
    7,974
    Comparisons
    5,634
    Reviews
    3
    Average Words per Review
    389
    Rating
    8.7
    Comparisons
    Also Known As
    Caspida, Splunk UBA
    Learn More
    Overview
    Elasticsearch is a distributed, JSON-based search and analytics engine designed for horizontal scalability, maximum reliability, and easy management. Elasticsearch lets you perform and combine many types of searches — structured, unstructured, geo, metric — any way you want.
    Splunk User Behavior Analytics is a behavior-based threat detection is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics – for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box purpose-built that helps organizations find known, unknown and hidden threats, but extensible unsupervised machine learning (ML) algorithms, provides context around the threat via ML driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data science driven approach that produces actionable results with risk ratings and supporting evidence that increases SOC efficiency and supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.
    Offer
    Learn more about ELK Elasticsearch
    Learn more about Splunk User Behavior Analytics
    Sample Customers
    HotelTonight, Perceivant, Docker, Green Man Gaming, Xoom, AutoScout24, TheLadders, Center for Open Science, Parleys, Tango
    8 Securities, AAA Western, AdvancedMD, Amaya, Cerner Corporation, CJ O Shopping, CloudShare, Crossroads Foundation, 7-Eleven Indonesia
    Top Industries
    REVIEWERS
    Financial Services Firm29%
    Computer Software Company29%
    Transportation Company7%
    University7%
    VISITORS READING REVIEWS
    Computer Software Company24%
    Comms Service Provider23%
    Media Company12%
    Financial Services Firm6%
    REVIEWERS
    Financial Services Firm50%
    Insurance Company13%
    Government13%
    Security Firm13%
    VISITORS READING REVIEWS
    Computer Software Company24%
    Comms Service Provider21%
    Financial Services Firm8%
    Government8%
    Company Size
    REVIEWERS
    Small Business42%
    Midsize Enterprise9%
    Large Enterprise48%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise11%
    Large Enterprise67%
    REVIEWERS
    Small Business25%
    Midsize Enterprise33%
    Large Enterprise42%
    Find out what your peers are saying about ELK Elasticsearch vs. Splunk User Behavior Analytics and other solutions. Updated: January 2022.
    566,406 professionals have used our research since 2012.

    ELK Elasticsearch is ranked 1st in Anomaly Detection Tools with 19 reviews while Splunk User Behavior Analytics is ranked 2nd in Anomaly Detection Tools with 3 reviews. ELK Elasticsearch is rated 8.0, while Splunk User Behavior Analytics is rated 8.6. The top reviewer of ELK Elasticsearch writes "Good processing power, very scalable, and able to handle all data formats". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Stable, with good automation capabilities, however, we want to be able to automate even more". ELK Elasticsearch is most compared with Amazon Athena, Azure Search, Amazon AWS CloudSearch, Loom Systems and Solr, whereas Splunk User Behavior Analytics is most compared with Darktrace, Cisco Stealthwatch, Exabeam Fusion SIEM, IBM QRadar User Behavior Analytics and Varonis Datalert. See our ELK Elasticsearch vs. Splunk User Behavior Analytics report.

    See our list of best Anomaly Detection Tools vendors.

    We monitor all Anomaly Detection Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.