Try our new research platform with insights from 80,000+ expert users

Fortinet FortiSIEM vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
7.6
Reviews Sentiment
6.5
Number of Reviews
74
Ranking in other categories
No ranking in other categories
Splunk Enterprise Security
Ranking in Security Information and Event Management (SIEM)
1st
Average Rating
8.4
Reviews Sentiment
7.6
Number of Reviews
315
Ranking in other categories
Log Management (2nd), IT Operations Analytics (1st)
 

Mindshare comparison

As of July 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 3.3%, up from 3.0% compared to the previous year. The mindshare of Splunk Enterprise Security is 9.4%, down from 12.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Oliver Jackson - PeerSpot reviewer
Systems monitoring enhanced by firewall and intrusion detection features
My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification.  My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…
ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the most valuable features is that we can combine SOC and NOC operations in the same tool. We can provide NOC and SOC services in the same tool for two separate teams. There are plenty of third-party solutions that integrate with FortiSIEM. All these solutions already have a ready integration, and we have the possibility to create a custom connector for these solutions. Its reports are also very good."
"Fortinet FortiSIEM needs to provide better API integrations to users."
"It's very easy for anyone to work with."
"It is used as an alerting platform."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"Both the collecting logs and duo correlation are valuable features for us."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"The tool drastically reduces SOC overhead. Its integration with our tool suite is great and helps us correlate events. The solution is also a lot faster than our standalone instances."
"The initial setup is really straightforward. It's one of the easiest installations."
"My customer was integrated with many third-party credentials and other threat sources as well. The integration part was seamless and easy. The rates for allocating valuable information and IOCs from different sources are also good."
"We have created a few custom use cases for Splunk that have helped us detect threats faster. For example, we set up endpoint-related data models and specialized setups for various scenarios. It's more efficient than some other products I've used."
"It has increased our business resilience. It's a top-of-the-line SIEM security product. It's the best tool for our security analysts which helps them do their job better. That then protects our company from adversary actors."
"I have also been able to take advantage of some of the more complex statistical capabilities when analyzing logs."
"Splunk helps us be more proactive. We can take predictive action to identify and block threats so that nothing harmful gets into the system."
"The two features I appreciate most in Splunk Enterprise Security are the content management system and the inter-incident review dashboard."
 

Cons

"Network detection and response is a separate product."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"Fortinet FortiSIEM needs to provide better API integrations to users."
"The UI could improve in Fortinet FortiSIEM. Humans view the UI frequently for data and if it was more visually pleasing it would be beneficial."
"They need to integrate better with Cisco and Palo Alto."
"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."
"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."
"They should enhance the solution's AI capabilities, including XDR and EDR."
"Its setup is a little bit complex for a distributed environment. Their support can also be better. If we miss the response for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply."
"Given the ever-increasing number of threats, I would like Splunk to update its threat signatures more frequently."
"Splunk should have more regional data centers in the Middle East."
"It works as intended for us, and we are getting everything that we need out of it. If anything, its initial setup can be improved a bit."
"If you have to do your own stuff, such as customized charts, it is a little bit more work, but once you're familiar with the Splunk query language, you can pretty much do whatever you want. In terms of features, it should probably have the features that other competitors provide."
"The access and identity features could be improved. For example, let's say we have onboarded 65 logs. Now, we can identify the various processes, but we run into trouble when we're updating the processes for AWS CloudTrail, EDR, MDR, and XDR."
"It's missing some features that other solutions have, such as the ability to upgrade the endpoint and perform endpoint universal forwarders from a deployment server instead of using a third-party solution, such as Puppet or Ansible."
"We would like more integrations with other cloud products, not just AWS, e.g., Azure."
 

Pricing and Cost Advice

"Its price can be better. We are Fortinet partners, so we can get discounts, but its price can be an issue at the beginning for others. There is a licensing scheme for every case. There are three licensing schemes that we can choose from."
"We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that."
"Pricing is determined based on the customer's budget."
"If one is cheap and ten is expensive. I rate the tool's price as an eight out of ten. Compared with Splunk or Oracle, Fortinet is cheap."
"The price of Fortinet FortiSIEM was reasonable compared to other solutions."
"The solution is available for both, perpetual and subscription licenses."
"Fortinet FortiSIEM is very cost-efficient compared to other SIEM solutions."
"Manageable, however would be better as pay as you go versus CapEX."
"Splunk is really expensive."
"I remember Splunk being relatively affordable. Kibana was more reasonable, but you get more with Splunk. If I was suggesting something, I would probably suggest Splunk because it is better to pay a little bit more and get a lot more."
"The variables and the flexibility that Splunk provides are helpful, especially in a hybrid and multi-cloud environment."
"While Splunk is more expensive than other solutions, we would still choose it because of its capabilities."
"My customers have found the price of the solution to be high."
"The license for Splunk Enterprise Security is expensive."
"Unlike other security tools, Splunk provides a fixed amount of gigabytes per day, and we are required to pay for any additional usage beyond that limit, in addition to our monthly cost."
"Splunk Enterprise Security is a bit expensive overall, but it provides good value."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
860,168 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
10%
Comms Service Provider
7%
Government
7%
Computer Software Company
15%
Financial Services Firm
14%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
The pricing is reasonable, which is why it is preferred by government customers. Windows agent licenses cost around 3,000 Rupees per device per year.
What needs improvement with Fortinet FortiSIEM?
Fortinet FortiSIEM should broaden its remediation part to include more features for incident management. Currently, to manage repetitive incidents or for remediation, I need to use a separate softw...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Also Known As

FortiSIEM, AccelOps
No data available
 

Overview

 

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Fortinet FortiSIEM vs. Splunk Enterprise Security and other solutions. Updated: June 2025.
860,168 professionals have used our research since 2012.