We performed a comparison between Google Cloud's operations suite (formerly Stackdriver) and Splunk Enterprise Security based on real PeerSpot user reviews.Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The cloud login enables us to get our logs from the different platforms that we currently use."
"We find the solution to be stable."
"Our company has a corporate account for Google Cloud and so our systems and clusters integrate really well."
"I like the monitoring feature."
"It's easy to use."
"Splunk would be my choice for the presentation layer because it comes with inbuilt reports and a dashboard that you can customize."
"The alerts are very effective."
"Being able to track impossible travel logins and things of that nature is valuable. We can track user logins from various IPs, various countries, and at various times to see if everything adds up."
"I like the search feature and the indexing. It's very fast and comprehensive."
"You can use it to gather syslog messages from anything."
"I haven't had the chance to properly sink my teeth into Enterprise Security but so far I like that they added the MITRE ATT&CK features."
"It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query on Splunk. The resolution time is about the same, but it took longer to discover the issue with ArcSight. Our previous solution took about an hour or more, but Splunk can do it within a few minutes or an hour at most."
"The solution helped reduce our alert volume."
"The logging functionality could be better."
"This solution could be improved if it offered the ability to analyze charts, such as a solution like Kibana."
"It could be more stable."
"The product provides minimal metrics that are insufficient."
"It could be even more automated."
"The algorithms customization of Splunk could improve. They have limited algorithms for machine learning support. If they can allow the user to add more machine learning algorithms, such as the ability to choose the algorithm that a user might want. Additionally, they should provide the required libraries for those algorithms, and then analyzes the data for use."
"We were inundated with the amount of alerts and alarms that we could get out of it. It is also a resource hog and we didn't have the resources to support it on-prem so we're taking it offline now."
"The pricing can be better."
"I love the solution, but I would like to see more accessibility to the machine-learning capabilities that are sprinkled around Splunk."
"My biggest struggle with Splunk in general is memorizing all the commands. If I want to know which users have logged in between certain hours, I cannot write that query out. It would be helpful to have AI so that I can explain in simple terms what I want and then the search gives that back to me. I am waiting for that."
"It would be great if I could have a certain dialogue box in Splunk that uses innovative AI tools like ChatGPT, which are available now in the tech department."
"I would like Splunk to add more integration. QRadar has many indications with more products than Splunk."
"Splunk can improve its third-party device application plugins."
Real-time log management and analysis
Cloud Logging is a fully managed service that performs at scale and can ingest application and platform log data, as well as custom log data from GKE environments, VMs, and other services inside and outside of Google Cloud. Get advanced performance, troubleshooting, security, and business insights with Log Analytics, integrating the power of BigQuery into Cloud Logging.
Built-in metrics observability at scale
Cloud Monitoring provides visibility into the performance, uptime, and overall health of cloud-powered applications. Collect metrics, events, and metadata from Google Cloud services, hosted uptime probes, application instrumentation, and a variety of common application components. Visualize this data on charts and dashboards and create alerts so you are notified when metrics are outside of expected ranges.
Stand-alone managed service for running and scaling Prometheus
Managed Service for Prometheus is a fully managed Prometheus-compatible monitoring solution, built on top of the same globally scalable data store as Cloud Monitoring. Keep your existing visualization, analysis, and alerting services, as this data can be queried with PromQL or Cloud Monitoring.
Monitor and improve your application's performance
Application Performance Management (APM) combines the monitoring and troubleshooting capabilities of Cloud Logging and Cloud Monitoring with Cloud Trace and Cloud Profiler to help you reduce latency and cost so you can run more efficient applications.
Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors.
Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.
Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.
Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.
Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.
Google Cloud's operations suite (formerly Stackdriver) is ranked 24th in Log Management with 5 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 76 reviews. Google Cloud's operations suite (formerly Stackdriver) is rated 7.8, while Splunk Enterprise Security is rated 8.6. The top reviewer of Google Cloud's operations suite (formerly Stackdriver) writes "Good logging and tracing but does need more profiling capabilities". On the other hand, the top reviewer of Splunk Enterprise Security writes "Can be used to find any threats or vulnerabilities inside a user’s environment". Google Cloud's operations suite (formerly Stackdriver) is most compared with AWS X-Ray, Datadog, Azure Monitor, Grafana and Zabbix, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security. See our Google Cloud's operations suite (formerly Stackdriver) vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.