We performed a comparison between Exabeam Fusion SIEM and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The main benefit is the ease of integration."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"The automation feature is valuable."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"It's a very user-friendly product and it's a very comprehensive technology."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"The setup is not difficult. It was easy."
"The advanced analytics has a really great overview of user behavior."
"The solution's initial setup process is easy."
"Timeline based analysis; good platform support"
"The most valuable features are the logs, which allow us to identify what happened and who interacted with the web repository."
"The most valuable feature is the custom dashboard feature."
"The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions."
"Splunk has improved our operations by giving us access to more information and allowing us to deploy more use cases."
"My favorite example of improving of organization is saving a $60k/mo in payroll fraud and $10k/mo in wasted API credits by using simple searches and clear reports."
"Good for log collection and log management."
"The stock analysts and security people use one single dashboard (one single location) to check our logs."
"Alerts when a server is malfunctioning, monitors external attacks, and takes action to stop spreading viruses."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The solution could be more user-friendly; some query languages are required to operate it."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"I would like to see more AI used in processes."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"The reporting could be more structured."
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"I believe if it were more flexible it would be a better product."
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."
"We still have questions surrounding hardware deployment."
"The organzation is rigid and not flexible in the way they operate"
"If it could be made available as a service, this would be much better than as a product."
"Enterprise security: Splunk must work on clarifying the solution to customers and explain how to gain more from it."
"Its user interface for everything other than the charts can be improved. Some parts of it can be simplified a bit, such as when importing documents that have the network traffic. When you're going through the information about the network traffic, you have to have the expertise, but even if a program is supposed to be for IT support, it is good to make it user-friendly because it gets easier to train people. When something goes wrong, the more difficult a program is in terms of UI, the harder it is to fix the issue."
"The integration could be a bit better. They charge for certain integrations."
"I find that the learning curve for Splunk is relatively lengthy."
"A problem that we had recently had was we licensed it based on how much data you upload to them every day. Something changed in one our applications, and it started generating three to four times as many logs and. So now, we are trying to assemble something with parts of the Splunk API to warn ourselves, then turn it off and throttle it back more. However it would be better if they had something systematically built into the product that if you're getting close to your license, then to shut things down."
"When we do a rollout from the server or host or anything, we'd like to see more automation. It would save us time."
"The product is relatively expensive."
Exabeam Fusion SIEM is ranked 31st in Log Management with 10 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews. Exabeam Fusion SIEM is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Exabeam Fusion SIEM is most compared with IBM Security QRadar, Palo Alto Networks Cortex XSOAR, Splunk User Behavior Analytics, Gurucul UEBA and Rapid7 InsightIDR, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor. See our Exabeam Fusion SIEM vs. Splunk Enterprise Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.