We performed a comparison between Security Onion and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Security Onion is the most mature solution in the market."
"We use Security Onion for internal vulnerability assessment."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"We have a more secure, robust environment, which keeps the harmful software out of the zone required."
"It scales better in the cloud than on-premise."
"Low barrier to start searching with the ability to normalize data on the fly."
"Its integration is most valuable. Its UI is also pretty much easy."
"It helps streamline troubleshooting and log analysis."
"Splunk Enterprise Security is able to process a huge amount of data without any issues."
"Splunk's interface is user-friendly, and it has apps and add-ons for most applications. We can easily normalize the data to make it readable and understand the logs. We easily get all the field extractions and enrichment done by using the apps and add-ons. This helps us understand the application logs because the raw data is useless unless we extract some useful information from it. These add-ons make it so much easier."
"From my experience, the visual aid that it provides is most valuable. There are charts and other means to provide information."
"The initial setup of the solution is a little bit difficult."
"The product is not easy to learn."
"Security Onion's user interface could be improved."
"The Enterprise Security app could be improved. We have had trouble with it working from the first day."
"A problem that we had recently had was we licensed it based on how much data you upload to them every day. Something changed in one our applications, and it started generating three to four times as many logs and. So now, we are trying to assemble something with parts of the Splunk API to warn ourselves, then turn it off and throttle it back more. However it would be better if they had something systematically built into the product that if you're getting close to your license, then to shut things down."
"The historical data extraction needs improvement. I would like the capability of taking data and having it trend longer."
"The tool itself is very difficult to configure. It's great for its number of inputs, for the different types of systems devices, and things that it could collect information from. To actually make good use of it, you need a fairly dedicated team of people that have some reasonably good programming or modeling skills to be able to do the things that you need to do with it. Whereas a lot of the other tools are better packaged for that, and so require a lot less training and a lot less dedication."
"There are new services which are coming up. If Splunk can catch up with the speed of Amazon, and with the integration, instead of us waiting for another year or so, that would be good."
"Splunk can be an expensive solution. Technical support could be improved as well."
"In terms of the interface, it could include some improvements for the look and feel."
"Splunk could enhance its services by providing more comprehensive professional assistance aimed at optimizing our investment."
Security Onion is ranked 33rd in Log Management with 3 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews. Security Onion is rated 7.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of Security Onion writes "A mature and affordable solution that is easy to install and easy to update". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Security Onion is most compared with Wazuh, Elastic Stack, TheHive, Graylog and Kali Linux, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel. See our Security Onion vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.