NNT Log Tracker Enterprise vs Splunk Enterprise Security comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

NNT Log Tracker Enterprise
Ranking in Log Management: 61st
Ranking in Security Information and Event Management (SIEM): 47th
Average Rating: 8.2
Number of Reviews: 4
Ranking in other categories: No ranking in other categories

Splunk Enterprise Security
Ranking in Log Management: 1st
Ranking in Security Information and Event Management (SIEM): 1st
Average Rating: 8.4
Number of Reviews: 295
Ranking in other categories: IT Operations Analytics (1st)
 

Mindshare comparison

As of July 2024, in the Security Information and Event Management (SIEM) category, the mindshare of NNT Log Tracker Enterprise is 0.2%, up from 0.2% compared to the previous year. The mindshare of Splunk Enterprise Security is 10.1%, down from 12.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
Unique Categories:
Log Management: 0.1%
IT Operations Analytics: 30.3%
 

Featured Reviews

JT
Jan 7, 2020
Good file integrity monitoring and change tracking tools but the knowledge base needs to be available online
We use this solution primarily for real-time log analytics. We also use the NNT Log Tracker and Change Tracker for the FIM functionality. The FIM features in the Change Tracker and the Log Tracker are the most valuable. With that, we analyze the log and differentiate between the planned and…
WP
Jun 13, 2024
Provides threat intelligence correlations and reduces lead time for identifying risks and threats
The solution's most valuable feature is threat intelligence correlations. It's too hard to stay up-to-date on all the different data feeds yourself. So, having a tool that does it for you is very beneficial. Splunk Enterprise Security has increased our alert volume because we now have new data to work with, and we're writing more alerts. We don't use the solution a lot for observability. Usually, our primary use case for Splunk Enterprise Security is cybersecurity. It is extremely important to our organization that Splunk Enterprise Security provides end-to-end visibility into our environment. That's the primary reason we use it. We want the ability to do everything from one tool without having to trash back and forth and take that precious time. Splunk Enterprise Security has helped reduce our mean time to resolve. We're at least twice as efficient with Splunk Enterprise Security at identifying risk, following up, tracing it throughout the chain, and resolving it. We still have various toolings, but over time, the goal is to nest everything into Splunk Enterprise Security to make it cohesive from end to end.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"File integrity monitoring is a very important function."
"The FIM features in the Change Tracker and the Log Tracker are the most valuable."
"This is a very easy-to-use interface with a quick ramp-up time."
"The most valuable feature is the predefined reports for PCI compliance."
"The initial setup is simple, not very complex. Initial deployment takes around 10 to 15 minutes to set up the entire base for Splunk including all three tiers."
"The most valuable features are how stable and easy to use Splunk is."
"If you want to understand how it can analyze or find out incidents, the visibility is good."
"It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query on Splunk. The resolution time is about the same, but it took longer to discover the issue with ArcSight. Our previous solution took about an hour or more, but Splunk can do it within a few minutes or an hour at most."
"The compatibility with the add-ons helps us add more data in the same compatible format and use data models to elaborate and make it faster."
"Visualizations helped the organisation with a better understanding of its KPIs."
"Splunk's advantage is its search capability. Its search is notably faster. With Splunk, I can search easily on keywords. That is great."
"It can log more logs than other solutions. It's a good way to troubleshoot problems."
 

Cons

"Only one minor deployment issue came up and it was resolved quickly. No other areas of improvement come to mind yet."
"I would like to see the integration of AI technology, so rather than manually monitoring the logs, the tool will understand it and take care of it."
"The correlation suite needs to be improved."
"It is able to identify the vulnerability; however, they need an option to auto-mitigate."
"Splunk could enhance its services by providing more comprehensive professional assistance aimed at optimizing our investment."
"Endpoint access is the only issue I can think to mention, even though the endpoint access we have with Cisco is fine."
"For us, the area that Splunk Enterprise Security can improve is performance optimization."
"The case management area of the ES could be improved. The ability to move cases through various stages and states. The ability to close a case would be a key improvement."
"Their technical support sucks."
"This is a costly solution."
"The historical data extraction needs improvement. I would like the capability of taking data and having it trend longer."
"Features related to content management must be improved."
 

Pricing and Cost Advice

"Consider both their on-premises solution and their hosted solution. Both are reasonably priced."
"We have selected a perpetual license along with support."
"NNT's pricing is moderate - I would rate their pricing two-and-a-half out of ten."
"It's definitely worth it."
"It is expensive. I work for multiple clients. I am working for more than five clients, but most of the clients are switching from Splunk to Sentinel because of the cost. Even though Sentinel is very limited, clients are moving to Sentinel."
"The pricing model is expensive and a nightmare based on the amount of data."
"The Splunk Enterprise Security license is expensive."
"Splunk has always been on the expensive side."
"From what I have seen so far, Splunk has multiple cost models. The one that we are using is pretty good when it comes to ingesting data into the environment. It has worked out pretty well."
"Splunk's costing is a little more difficult. The pricing method is complicated, and the way that costing is calculated in Splunk is a little more difficult."
"In terms of pricing, I believe Splunk is unreasonably costly for the majority of mid and small-sized companies."
793,295 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm: 15%
Computer Software Company: 15%
Government: 10%
Manufacturing Company: 8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR. Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases. Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
 

 

Overview

 

Sample Customers

Wonga, WHSmith
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Find out what your peers are saying about NNT Log Tracker Enterprise vs. Splunk Enterprise Security and other solutions. Updated: July 2024.