Fortinet FortiSIEM vs Splunk Enterprise Security comparison

Fortinet FortiSIEM vs. Splunk Enterprise Security

Download the complete report

Helped 859,687 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiSIEM

Ranking in Security Information and Event Management (SIEM)

7th

Average Rating

7.6

Reviews Sentiment

6.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Splunk Enterprise Security

Ranking in Security Information and Event Management (SIEM)

1st

Average Rating

8.4

Reviews Sentiment

7.6

Number of Reviews

315

Ranking in other categories

Log Management (2nd), IT Operations Analytics (1st)

Mindshare comparison

As of July 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 3.3%, up from 3.0% compared to the previous year. The mindshare of Splunk Enterprise Security is 9.4%, down from 12.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Oliver Jackson

Network Engineer at Laminar Communications Pty Ltd

Systems monitoring enhanced by firewall and intrusion detection features

My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification. My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…

Read full review

ROBERT-CHRISTIAN

CTO at kyndryl

Has many predefined correlation rules and is brilliant for investigation and log analysis

It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most fascinating aspect of FortiSIEM is its integration with the MITRE ATT&CK framework."

"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."

"The most valuable features of the solution is its integration with other technologies, especially its ability to collect logs from Cisco and Aruba devices along with Fortinet products."

"FortiSIEM allows you to match IPs with threat intelligence feeds from sources like Kaspersky or Anomali, adding valuable context."

"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."

"There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way they should be, and when they are not."

"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."

"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."

More Fortinet FortiSIEM pros

"It follows MITRE ATT&CK and Cyber Kill Chain frameworks. There are certain notable events for which we can configure our security posture."

"The solution has plenty of features that are good."

"The technical support has been very good. They are very responsive and have been helpful."

"It's extremely scalable. It's a very robust solution and certainly has the capability of handling far bigger data requirements than a lot of the other tools. Generally what ends up happening with me is that my clients tend, for the most part, to be mid-tier organizations where the cost of that solutions would be accompanying requirements for people just becomes way too prohibitive. Especially considering the model that they use for costing, which is based on the volume of data. Of course, they're going to put everything including the Coke machine as the ability to collect data off of it, because of course the more they can put through the tool the more money they make."

"Alerts when a server is malfunctioning, monitors external attacks, and takes action to stop spreading viruses."

"Overall, Splunk is among the top three SIEM tools due to its capabilities and agility in bridging business analytics with security needs."

"The most valuable aspect of the solution is the dashboard. It's very intuitive."

"I have found the installation can be of medium difficulty to very complex depending on the use case."

More Splunk Enterprise Security pros

Cons

"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."

"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."

"Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules."

"When our team tried configuring logs for Microsoft SQL, it did not work."

"The deployment of the platform took some time to set up and configure."

"Sometimes, if there are changes made by a user on a database server, it can be difficult to get that information on the fly. I would like to see a situation where once I specify a user with the database server I need, and with the changes they have performed on that, I don't need to continue my search pattern to drill down just to get the information."

"The log collection and configuration management are not great."

"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."

More Fortinet FortiSIEM cons

"It needs more thoroughly tested releases. Every new big version (6, 7, etc.) has had so many bugs that it makes me wary of customers upgrading right away."

"The solution could improve by increasing the performance. We have run into problems when large amounts of data are processed."

"It can be tough to get a hold of somebody in technical support depending on the complexity of the issue."

"You do need a lot of training and certification with this product."

". Having a trial version or more training on Splunk would be helpful."

"Configuring a few apps is complex, not straightforward."

"Splunk has a steeper learning curve, making it feel less user-friendly."

"We'd like to see a more seamless cloud-based integration."

More Splunk Enterprise Security cons

Pricing and Cost Advice

"The solution is available for both, perpetual and subscription licenses."

"The tool is really expensive. For what the tool does for our team, the price is fair."

"Fortinet's products are not expensive, it is less than the competition."

"There are additional features that cost more than the standard licensing fees."

"There is a need to make yearly payments towards the licensing charges attached to the product. The free version license of the product is available for two months."

"The price of Fortinet FortiSIEM was reasonable compared to other solutions."

"We pay for a license for FortiSIEM. We pay for the license and renewal."

"Manageable, however would be better as pay as you go versus CapEX."

More Fortinet FortiSIEM pricing and cost advice

"Splunk ES is quite expensive compared to some products on the market."

"Splunk differs from other SIEM solutions by using a gigabyte-based pricing model, rather than the agent-based licenses common with its competitors."

"This product could use better pricing in general."

"The price of this solution is expensive. However, it has great features. If you want a great solution you need to pay a price matching the features."

"From what I have seen so far, Splunk has multiple cost models. The one that we are using is pretty good when it comes to ingesting data into the environment. It has worked out pretty well."

"The subscription is monthly."

"The price of Splunk Enterprise Security fluctuates based on the customer, but I believe it's quite costly, especially for our clientele."

"Splunk Enterprise Security's pricing is pretty competitive."

More Splunk Enterprise Security pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

859,687 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

10%

Comms Service Provider

Government

Computer Software Company

15%

Financial Services Firm

14%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Fortinet FortiSIEM?

Fortinet FortiSIEM needs to provide better API integrations to users.

What is your experience regarding pricing and costs for Fortinet FortiSIEM?

The pricing is reasonable, which is why it is preferred by government customers. Windows agent licenses cost around 3,000 Rupees per device per year.

What needs improvement with Fortinet FortiSIEM?

Fortinet FortiSIEM should broaden its remediation part to include more features for incident management. Currently, to manage repetitive incidents or for remediation, I need to use a separate softw...

What SOC product do you recommend?

For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...

What is a better choice, Splunk or Azure Sentinel?

It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...

How does Splunk compare with Azure Monitor?

Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...

Wazuh vs Fortinet FortiSIEM

Comparisons

Compared 13% of the time

IBM Security QRadar vs Fortinet FortiSIEM

Compared 12% of the time

LogRhythm SIEM vs Fortinet FortiSIEM

Compared 7% of the time

Microsoft Sentinel vs Fortinet FortiSIEM

Compared 6% of the time

ThousandEyes vs Fortinet FortiSIEM

Compared 5% of the time

More Fortinet FortiSIEM Competitors

IBM Security QRadar vs Splunk Enterprise Security

Compared 8% of the time

Wazuh vs Splunk Enterprise Security

Compared 8% of the time

Dynatrace vs Splunk Enterprise Security

Compared 8% of the time

Datadog vs Splunk Enterprise Security

Compared 6% of the time

Microsoft Sentinel vs Splunk Enterprise Security

Compared 2% of the time

More Splunk Enterprise Security Competitors

Product Reports

Fortinet FortiSIEM

Download Fortinet FortiSIEM product report

Splunk Enterprise Security

Download Splunk Enterprise Security product report

Also Known As

FortiSIEM, AccelOps

No data available

Overview

FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

Companies around the world use FortiSIEM for the following use cases:

Threat management and intelligence that provide situational awareness and anomaly detection
Alleviating compliance mandate concerns for PCI, HIPAA and SOX
Managing “alert overload”
Handling the “too many tools” reporting issue
Addressing the MSPs/MSSPs pain of meeting service level agreements

Fortinet

Splunk Enterprise Security is widely used for security operations, including threat detection, incident response, and log monitoring. It centralizes log management, offers security analytics, and ensures compliance, enhancing the overall security posture of organizations.

Companies leverage Splunk Enterprise Security to monitor endpoints, networks, and users, detecting anomalies, brute force attacks, and unauthorized access. They use it for fraud detection, machine learning, and real-time alerts within their SOCs. The platform enhances visibility and correlates data from multiple sources to identify security threats efficiently. Key features include comprehensive dashboards, excellent reporting capabilities, robust log aggregation, and flexible data ingestion. Users appreciate its SIEM capabilities, threat intelligence, risk-based alerting, and correlation searches. Highly scalable and stable, it suits multi-cloud environments, reducing alert volumes and speeding up investigations.

What are the key features?

Comprehensive Dashboards: Provide a holistic view of security operations.
Flexible Data Ingestion: Supports various data sources for better analysis.
Robust Log Aggregation: Centralizes log management for easier monitoring.
Machine Learning Toolkit: Enhances threat detection and prediction capabilities.
SIEM Capabilities: Integrates security information and event management.
Threat Intelligence: Utilizes external information to improve security measures.
Risk-Based Alerting: Prioritizes alerts based on the risk they pose.
Correlation Searches: Identifies and correlates security events effectively.

What benefits or ROI should users look for?

Enhanced Visibility: Improves monitoring across endpoints, networks, and users.
Faster Incident Response: Speeds up identification and resolution of security issues.
Reduced Alert Volumes: Lowers false positives and enhances signal-to-noise ratio.
Scalability: Adapts to growing and changing security needs.
Improved Security Operations: Integrates multiple security facets into one platform.

Splunk Enterprise Security is implemented across industries like finance, healthcare, and retail. Financial institutions use it for fraud detection and compliance, while healthcare organizations leverage its capabilities to safeguard patient data. Retailers deploy it to protect customer information and ensure secure transactions.

Splunk

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.

Fortinet FortiSIEM vs. Splunk Enterprise Security