Google Chronicle Suite vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Google Chronicle Suite
Ranking in Security Information and Event Management (SIEM): 26th
Average Rating: 7.8
Number of Reviews: 8
Ranking in other categories: No ranking in other categories

Splunk Enterprise Security
Ranking in Security Information and Event Management (SIEM): 1st
Average Rating: 8.4
Number of Reviews: 258
Ranking in other categories: Log Management (1st), IT Operations Analytics (1st)
 

Featured Reviews

Shaik Shaheer - PeerSpot reviewer
Oct 30, 2023
Stable product with efficient data retrieval and security features
We use the product for search engine integration and its ability to monitor and address network attention or login issues 24/7. The product helps us with data retrieval and security features. The product's most valuable feature is threat hunting. We can detect the threats directly from the…
SathishKumar11 - PeerSpot reviewer
May 20, 2024
Helps reduce the alert volume, speeds up investigations, and detect threats faster
We use Splunk Enterprise Security to monitor our environment. The threat intelligence and monitoring of Splunk are good. We have integrated Splunk Enterprise Security with ServiceNow so whenever there is a detection it will automatically raise a ticket and send it to the appropriate team for…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"What sets Chronicle apart from other solutions is its emphasis on threat hunting rather than solely serving as a monitoring tool."
"The log folder is fairly simple."
"Google Chronicle Suite provides useful APIs."
"Google Chronicle Suite is a highly scalable solution with good search capabilities."
"The support team is responsive."
"The tool's most valuable feature is the search option, allowing easy navigation."
"The platform's most valuable features are multiple connectors and data output flexibility regarding dashboards and user experience."
"The product's most valuable feature is threat hunting. We can detect the threats directly from the console from the past data as well."
"It's basically one of the best SIEM products on the market."
"Alerts when a server is malfunctioning, monitors external attacks, and takes action to stop spreading viruses."
"To get visibility from your network devices, servers, and security devices is a great feature."
"We evaluated several solutions and selected Splunk due to the functionality and cost."
"The initial setup is really straightforward. It's one of the easiest installations."
"The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions."
"The most valuable feature is the incident dashboard, and the extensive use of correlation searches, which isn't available with a standard Splunk search package. This feature is important to me because it enables SOC analysts to do their job more efficiently and be able to investigate or mediate incidents at a faster pace."
"The most valuable features in Splunk are the search function and the ability to run selected session reports. The session reports are important because I can use them to see what is going on in our environment weekly. Additionally, we can use the graph to see how often that particular event is happening."
 

Cons

"A few areas are difficult to understand for someone who has less experience using the product."
"The product's default dashboard feature has a few limitations regarding availability."
"The tool is complicated for a first-time user. It should also include newer APIs."
"In terms of improvement, the UI can be a bit challenging for beginners."
"The solution's graphical user interface (GUI) should be more user-friendly."
"The tool needs to improve tasking packages. Its GUI needs to be improved. The product needs to include time-based filtration. We can only see the alert detection timeline now."
"The tool is a little bit difficult to use compared to Microsoft Sentinel."
"The configuration is not optimal."
"Queries are not always as easy or straightforward as they might be, so it can be difficult to figure out what you need to look for."
"While Splunk Enterprise Security offers valuable features, its cost is high and could be more competitive."
"Splunk Enterprise Security has not helped reduce our alert volume."
"The tool itself is very difficult to configure. It's great for its number of inputs, for the different types of systems devices, and things that it could collect information from. To actually make good use of it, you need a fairly dedicated team of people that have some reasonably good programming or modeling skills to be able to do the things that you need to do with it. Whereas a lot of the other tools are better packaged for that, and so require a lot less training and a lot less dedication."
"While Splunk offers SOAR as a separate product, integrating it into the next version of Splunk Enterprise Security as a unified solution would be beneficial."
"I feel as though a major focus of upcoming releases should be set on Machine Learning, Predictive Analytics, and I would enjoy seeing more security-focused add-ons and apps developed by the vendor."
"Spam has different plugins but by default, the logs are not organized, it shows that there are roll-ups that are out of the box. I saw many plugins that can help improve or extend Splunk's functionality but I haven't tried any of them."
"The threat detection system has room for improvement."
 

Pricing and Cost Advice

"The solution's pricing is dependent on the data amount."
"Compared to other solutions, Google Chronicle Suite's pricing is fine."
"The tool is cheaper than Microsoft Sentinel."
"We have to pay extra charges for the amount of data transfer and technical support services."
"The pricing is very complicated, and it is very pricey. You do require a lot of different licenses in order to get a comprehensive solution that is not just the SIEM solution."
"We had a yearly subscription."
"Its price is fair. Like with anything else, if you go into the cloud, different providers cost more, and you are able to throttle back or throttle up. The cost is comparable with anything else."
"There is an annual license required to use this solution."
"My customers have found the price of the solution to be high."
"It is expensive. I used to buy it early on, but then they combined it into a higher-up organization. They buy it for multiple systems now. Last time, I paid around 60K for it. There is just the licensing fee. That's all."
"It can be cost-prohibitive when you start to scale and have terabytes of data. Its cost model is based on how much data it processes a day. If they're able to create scaled-down niche or custom package offerings, it may help with the cost. Instead of the full-blown features, if they can narrow the scope where it can only be used for a specific purpose, it would kind of create that market for the product, and it may help with the costing. When you start using it as a central aggregator and you're pumping tons of logs at it, pretty soon, you'll start hitting your cap on what it can process a day. Once you've got that, you're kind of defeating the purpose because you're going to have to scale back."
"ROI is estimated at saving my team roughly 10 to 12 man hours per week in troubleshooting for our company as well as what our profits had been from our services of installing, configuring, and supporting other clients with the product."
789,291 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Google Chronicle Suite
Computer Software Company: 14%
Financial Services Firm: 12%
Retailer: 11%
University: 6%

Splunk Enterprise Security
Financial Services Firm: 15%
Computer Software Company: 14%
Government: 9%
Manufacturing Company: 8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Google Chronicle Suite?
Google Chronicle Suite is a highly scalable solution with good search capabilities.
What is your experience regarding pricing and costs for Google Chronicle Suite?
Compared to other solutions, Google Chronicle Suite's pricing is fine.
What needs improvement with Google Chronicle Suite?
The solution's graphical user interface (GUI) should be more user-friendly.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR. Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases. Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

Sample Customers

Google Chronicle Suite: Information Not Available
Splunk Enterprise Security: Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about Google Chronicle Suite vs. Splunk Enterprise Security and other solutions. Updated: June 2024.