We performed a comparison between IBM SevOne Network Performance Management (NPM) and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Flexible architecture: You can extend the system and its capacity by attaching another cluster pair."
"In 90% of the cases, new devices are plug-and-play, so when a new version comes out then SevOne has support for it out of the box."
"The SMP and the xStats, which is for flat file integration, are both useful for integrating the various metrics that the device provides to monitor the performance of those systems."
"The most valuable feature as of late has been the API integration with ServiceNow."
"SevOne provides support for all universal connectors. They internally work with other data sources to get features implemented. We have an SD-WAN implementation and use other app data to monitor performance. If you pull that data into one centralized location, that is very useful for management."
"It's a great solution for highlighting and discovering useful information regarding our network's elements."
"Its ability to monitor practically any type of network device via SNMP is most valuable. This is the main functionality that we're using. If a network device exposes a metric, such as interface utilization, SevOne will monitor it for us."
"We have benefited mainly from the use of the dashboard interface. It makes the network visually interesting for other people who are not in the network. A lot of people are not network techies who understand streams in the network. Based on location, we have streams coming in and out. They can see visually when there is some problem. They don't need to understand all the network technology behind it to be able to understand if everything is working well or if there is a problem."
"The UI of Splunk makes it easier for our analysts to move around and see what they need to see."
"It is the best tool if you have a complex environment or if data ingestion is too huge."
"The solution has proven to be quite stable."
"The most useful feature for me is the ability to create different kinds of alerts and set a different kind of denominator that will capture the real event. That is helpful for a power user like me."
"The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions."
"One of the most valuable features is threat hunting. We can do threat hunting and identify if there is any malicious activity happening within our environment, which is a key feature for us."
"The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data."
"Splunk has machine learning which is a valuable feature."
"The tool needs improvement in non-Cisco SD-WAN."
"High-frequency polling is data-intensive because you're pulling more. If SevOne could figure out a way to manage the impact of high-frequency polling on the system, that would be very popular."
"We previously have had discussions on some reporting enhancements. So, we raised a feature request, which was delivered from SevOne."
"There are some tweaks and enhancements that I've already requested. One is to be able to make changes per device rather than as a global setting. That has to do with naming. It's minor."
"In terms of having a complete view of our network performance, I would rate it a nine out of 10. The reason for not giving it a 10 is that there is no packet capture associated with SevOne, but we do have other tools in place to do that."
"When I started using it, I tried adding one of the BroadWorks application servers into SevOne... it created thousands and thousands of objects from that one application server and we immediately ran out of license... It would help, when new objects are discovered, if there were a way to categorize those objects and to pick the part of the object you need..."
"There is no service mode setup in this monitoring tool if you want to snooze alerts for any specific amount of time, to account for any activity change or major incident."
"The one area with room for improvement is probably administration. They added data insights to make a better user experience, but I'd like to see some improvements in the way the system's administered."
"The configuration had a bit of a learning curve."
"It needs a better way to export dynamic views without requiring a ton of code and user/pw."
"My company could benefit from doing more Splunk training with Splunk consultants teaching us how to use it."
"The tool itself is very difficult to configure. It's great for its number of inputs, for the different types of systems devices, and things that it could collect information from. To actually make good use of it, you need a fairly dedicated team of people that have some reasonably good programming or modeling skills to be able to do the things that you need to do with it. Whereas a lot of the other tools are better packaged for that, and so require a lot less training and a lot less dedication."
"It's difficult to set up initially, and their billing model is also a bit complicated."
"Sometimes, there is latency in the logs."
"We do have to educate developers on how to not blow it up. It is a little to easy to write an expensive query and overly stress the system. This could be improved."
"Certain sections of the developer documentation could use some updating and clarification."
More IBM SevOne Network Performance Management (NPM) Pricing and Cost Advice →
IBM SevOne Network Performance Management (NPM) is ranked 32nd in Log Management with 52 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews. IBM SevOne Network Performance Management (NPM) is rated 8.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of IBM SevOne Network Performance Management (NPM) writes "We can get a new vendor certified and monitored in our system significantly faster than before". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". IBM SevOne Network Performance Management (NPM) is most compared with LogicMonitor, Instana Infrastructure Monitoring, SolarWinds NPM, SolarWinds Network Device Monitor and NETSCOUT nGeniusONE, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security. See our IBM SevOne Network Performance Management (NPM) vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.