We performed a comparison between Logsign Next-Gen SIEM and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management."Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"The connectivity and analytics are great."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats."
"The speed of the search engine"
"Splunk Enterprise Security comes with 300 pre-deployed use cases that can be easily customized to meet the specific needs of our organization, without the need to purchase additional tools."
"Search language is easy to understand and teach to new users."
"What is nice about the solution is that it makes it easy to build the queries, search for the events and then do analysis."
"The feature that I have found most valuable with Splunk is the ability to sift through a bunch of data very quickly."
"We primarily use it to correlate logs throughout the enterprise for both searching and use in investigations."
"Great platform with user-friendly interface and GUI."
"Splunk's schema on demand is incredibly useful. I do not have to worry about what my users will need when we onboard their data."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"The reporting could be more structured."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"The troubleshooting has room for improvement."
"I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts."
"The integration could be a bit better. They charge for certain integrations."
"If possible, we would like to have not only a log monitoring system but a network monitoring feature in this solution as well."
"The threat detection library needs to increase the frequency at which the playbooks are updated."
"It is a challenge to manage the environment in such a way, that one’s log, even with the bandwidth license, isn’t exceeded."
"The GUI could be improved to include some of the capabilities that other BI solutions have. The layout is a little restrictive where you can’t resize all the panels to exactly how you would like them without tweaking some XML code."
"Not even Splunk's support guy, who came to our firm, could help with defining proper role management."
"We'd like Splunk to reduce false positives."
"Sometimes, there is latency in the logs."
Logsign Next-Gen SIEM is ranked 42nd in Log Management with 2 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 221 reviews. Logsign Next-Gen SIEM is rated 7.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of Logsign Next-Gen SIEM writes "Easy to use and find the features that you need". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Logsign Next-Gen SIEM is most compared with Grafana Loki, Wazuh, IBM Security QRadar, Sematext Logs and ManageEngine EventLog Analyzer, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.