"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."
"The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us."
"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."
"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."
"The real-time analytics of security-related data are super. There are a lot of data feeds going into it and it's very quick at pulling up and correlating the data and showing you what's going on in your infrastructure. It's fast. The way that their architecture and technology works, they've really focused on the speed of query results and making sure that we can do what we need to do quickly. Devo is pulling back information in a fast fashion, based on real-time events."
"One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side. Whatever you're doing, you see the code, what's happening. And you can really quickly switch between using the GUI and using the code. That's really useful."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before."
"FortiAnalyzer has a robust ability to find a compromised host on your network, and when you identify a compromised host, you can address it."
"The most important feature is to be able to get reports or information about the state of all firewalls."
"The most valuable features of Fortinet FortiAnalyzer are the dashboards and supporting services."
"Based on the logs of Fortinet FortiAnalyzer, you can have it trigger actions. For example, if the log has a word or a sentence you specified, it can send an alert or Syslog to an email address."
"The solution is very easy to deploy."
"FortiAnalyzer has a user-friendly interface with a quick response and good analytics. It's very secure because it's taking the log from the devices on a secure channel, so there is no problem with that in your network."
"I like its simplicity. It is straightforward. We get reports and emails about the logs, and that's it."
"The solution allows for a lot of customization."
"Splunk would be my choice for the presentation layer because it comes with inbuilt reports and a dashboard that you can customize."
"What is nice about the solution is that it makes it easy to build the queries, search for the events and then do analysis."
"The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data."
"The flexibility of the search capability is most valuable. You can use it for more than just a basic log aggregator. It is powerful in that regard."
"Easy to deploy and simple to use."
"The indexing and data collection are valuable."
"It has quite extensive support in terms of integration. If you want to do anything, there are tools for that."
"The solution allows easy gathering and ingestion of the data."
"Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs."
"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."
"There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler."
"I would like to have the ability to create more complex dashboards."
"The overall performance of extraction could be a lot faster, but that's a common problem in this space in general. Also, the stock or default alerting and detecting options could definitely be broader and more all-encompassing. The fact that they're not is why we had to write all our own alerts."
"From our experience, the Devo agent needs some work. They built it on top of osquery's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."
"There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts."
"Technical support could be better."
"In terms of what could be improved, sometimes it's lagging and it also has some graphical issues with the GUI."
"They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products. It would also be good to include customizable reports and customizable views of the reports."
"The cost of FortiAnalyzer could be cheaper, especially when you are installing to a VM. For 90 percent of customers, the VM solution is enough."
"The support could be better for Fortinet FortiAnalyzer here in Mexico."
"The cloud version can be expensive. If the customers could get the resources to store the logs on-premises, it would be much better."
"Fortinet FortiAnalyzer could improve by having better integration with other vendors."
"The pricing could be better. They could work to make it more competitive on the market."
"Fortinet FortiAnalyzer is not in the cloud environment like some of the other products. There could be a possibility of extending its functionality to the cloud environment. If possible, they could have a deal with or integrate with other firewall manufacturers, like Palo Alto and Cisco, and mix the information. It is a difficult functionality. I don't know if any product in the market provides such functionality."
"It could be more user-friendly, in terms of the end-user experience."
"Technical support needs to be more responsive."
"The algorithms customization of Splunk could improve. They have limited algorithms for machine learning support. If they can allow the user to add more machine learning algorithms, such as the ability to choose the algorithm that a user might want. Additionally, they should provide the required libraries for those algorithms, and then analyze the data for use."
"The price of the solution could be cheaper."
"Its pricing model and integration with third-party services can be improved. We had faced an issue with integration. The alerting feature is currently not available with Splunk, but it is definitely available with Datadog and PagerDuty. They should include this feature. A few dashboards in Splunk look quite old and are not that modern. They aren't bad, but improving these dashboards will definitely make Splunk more attractive and usable. I read in a few blog posts that there were a few security incidents related to Splunk agents. So, it can be made more secure."
"There can be a bit of complexity around some fields during the initial setup."
"The product is relatively expensive."
"There are a lot of competitive products that are doing better than what Splunk is doing on the analytics side."
Fortinet FortiAnalyzer is ranked 9th in Log Management with 26 reviews while Splunk is ranked 1st in Log Management with 69 reviews. Fortinet FortiAnalyzer is rated 8.2, while Splunk is rated 8.2. The top reviewer of Fortinet FortiAnalyzer writes "Great dashboard with customizable reporting and excellent logs". On the other hand, the top reviewer of Splunk writes "Very versatile for many use cases". Fortinet FortiAnalyzer is most compared with Elastic Security, Wazuh, Graylog, LogRhythm NextGen SIEM and ManageEngine EventLog Analyzer, whereas Splunk is most compared with Microsoft Sentinel, Elastic Security, Dynatrace, IBM QRadar and Exabeam Fusion SIEM.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.