We performed a comparison between Splunk APM and Sumo Logic Security based on real PeerSpot user reviews.
"The product can integrate with any device."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"The automation feature is valuable."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"The volume it handles is very good, including the number of metrics, the volume number of traces, and more."
"The features are pretty much ready out of the box."
"It is a good tool. It allows you to set alerts for application and infrastructure monitoring, and it allows you to create dashboards."
"The solution is stable and reliable."
"Splunk's dashboards are great."
"Splunk APM has helped us to standardize logging and monitoring procedures."
"This solution is very quick to deploy as it is a SaaS solution and integrates with tools like ServiceNow."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"Technical support is always great."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and the GUI is good."
"I have no concerns about the stability of the product. I feel it handles the stress we put on it very well."
"The solution is quite stable."
"We are able to diagnose problems before our customers."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"Sentinel's reporting is complex and can be more user-friendly."
"Azure Sentinel will be directly competing with tools such as Splunk or QRadar. These are very established kinds of products that have been around for the last seven, eight years or more."
"The solution could be more user-friendly; some query languages are required to operate it."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"Splunk APM should include a better correlation between resources and infrastructure monitoring."
"The UI enhancements could be a way to improve the solution in the future."
"The monitoring of workloads when using SignalFx could be improved."
"We currently lack log analysis capabilities in Splunk APM."
"They can improve the flow system and the keyword language. It has predefined keywords, but they can be improved."
"Splunk APM's performance could be improved - at the moment, it's very slow and takes forever to give me what I want."
"There are some predefined metrics... we may want to create customized metrics."
"The cardinality is pretty low."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"The dashboard has room for improvement, because sometimes it is difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"There are some API gaps that are missing."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for 'before and after' within a specific time frame, it's not easy using the tool. This would be an improvement."
Splunk APM is ranked 13th in Application Performance Monitoring (APM) and Observability with 12 reviews while Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews. Splunk APM is rated 8.2, while Sumo Logic Security is rated 8.6. The top reviewer of Splunk APM writes "Provides great visibility, analysis, and data telemetry". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Splunk APM is most compared with Splunk ITSI (IT Service Intelligence), Sentry, Elastic Observability, Monte Carlo and Dynatrace, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.