We compared Fortinet FortiAnalyzer and Splunk Enterprise Security across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real-time. Splunk Enterprise Security stands out for its efficiency, extensive integration options, and powerful search functionality.
Room for Improvement: Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. Users say Splunk is a highly scalable and customizable solution. Splunk users recommended improvements in AI capabilities, user-friendliness, and analytics.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. While some users found Splunk support to be responsive and helpful, others reported slow response times and a lack of expertise.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. Some users thought Splunk Enterprise Security was easy to deploy, while others found it challenging and needed assistance from Splunk engineers or third-party integrators.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. Some users consider Splunk Enterprise Security to be expensive, but others said the price is reasonable. A few users expressed concerns about the cost of scaling up the solution and managing large volumes of data.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. Users said that it’s challenging to calculate an ROI for Splunk Enterprise Security, and the return varies depending on individual circumstances. While some users have observed a substantial ROI, others have not actively explored or been engaged in ROI conversations.
"The most valuable feature of Fortinet FortiAnalyzer is its performance."
"We have the most data visibility."
"It is easy to integrate Fortinet FortiAnalyzer with other products. You have a better overview of what's going on."
"The ability to gather all gateway information and logs in a single location is the most valuable feature."
"Initial setup is ok."
"I would say that Fortinet's tech support is really good."
"Technical reports clearly identify system checks, locations and areas, how many times things escape, which firewall is affected, and source IDs."
"There are a lot of monitoring features available."
"The most valuable feature is the incident dashboard, and the extensive use of correlation searches, which isn't available with a standard Splunk search package. This feature is important to me because it enables SOC analysts to do their job more efficiently and be able to investigate or mediate incidents at a faster pace."
"I am satisfied with the support."
"The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions."
"Our clients use the solution to find any threats or vulnerabilities inside their environment."
"It's better than IBM, in my opinion, because it's an independent entity."
"The product is good, it satisfies our customers."
"The dashboard and reporting are very good... It provides very good visibility in a hybrid cloud environment, and you can build custom utilization APIs using Splunk."
"The scalability is good."
"The integration with other vendors for log collection could be enhanced."
"We would like to do the reporting, logging, and administration of all the public devices and all the IoT devices. We wish to add the switches, and routers from different vendors, so it's not a vendor-specific diagnostic solution."
"When using this solution, you need a high-level expert to make it work as it should."
"The cost of FortiAnalyzer could be cheaper, especially when you are installing to a VM. For 90 percent of customers, the VM solution is enough."
"Software reports are good but should match the dashboard and include top-level output instead of just base or low-level devices."
"One thing we struggled with FortiAnalyzer was integration with SIEM. We also had issues with the new threats and APTs. There were false positives, so we needed to have some ratings related to false positives."
"Fortinet FortiAnalyzer could improve by having better integration with other vendors."
"The UI could use some improvement. It can be tough for a beginner to navigate because you don't know what to do even if you read the guide. I've talked to some users who said that they couldn't figure out what to do even after looking at the documentation."
"It will be helpful for customers if they can create some real-world cases, and we can find a case study to align with. I know that Splunk has tremendous potential. We only include a tiny piece of it. There is a lot of stuff that we need to learn. If Splunk can provide more real-time examples, that will be helpful for customers."
"They can incorporate the SOAR solution within the actual product so that we do not require two different products, two different installations, and two different pricing methods. In regards to UBA, I am familiar with the UBA that existed two years ago. I am not updated about it today, but two years ago, UBA required such an amount of data that from a cost perspective, it was not worth it. When you compare it to what you get out of the box with Microsoft Sentinel without additional costs, there is no match."
"Splunk could be improved by reducing the cost. The cost is one of the biggest challenges for us in keeping to our production requirements."
"We are waiting for Dashboard Studio to mature a little bit more. There are some things that we are using with Classic Dashboards which have not yet made it to Dashboard Studio. We are waiting for that."
"There can be a bit of complexity around some fields during the initial setup."
"Sometimes the communication with support happens with multiple staff. They should reduce the time to resolution."
"Splunk Enterprise Security can be improved by including backup network detection and response and safe management to the paid platform."
". Having a trial version or more training on Splunk would be helpful."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 51 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 71 reviews. Fortinet FortiAnalyzer is rated 8.2, while Splunk Enterprise Security is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "It creates a central point of management and control, giving you real-time insight into what is going on. ". On the other hand, the top reviewer of Splunk Enterprise Security writes "Can be used to find any threats or vulnerabilities inside a user’s environment". Fortinet FortiAnalyzer is most compared with Wazuh, Graylog, Elastic Security, SolarWinds Kiwi Syslog Server and LogRhythm SIEM, whereas Splunk Enterprise Security is most compared with Wazuh, Microsoft Sentinel, Dynatrace and Elastic Security. See our Fortinet FortiAnalyzer vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.