We performed a comparison between Splunk Enterprise Security and syslog-ng based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It has a rapid response search environment in the event of an incident."
"We solve issues that we previously could not since we now have the data."
"Splunk is stable, and this is why many customers want it."
"It is quite extensible. It is a platform that we can build our use instead of each case being limited or restricted to each capability. This is probably the best feature."
"It is very stable. We have not had any problems."
"On the cloud, we are pushing through less than half a petabyte of data. So far, it has been fairly stable because it runs on all the underlying AWS infrastructures."
"Splunk provides immediate visibility into key business metrics and new business insights that deliver immediate value."
"The product provides visibility and enables us to correlate data and generate alerts."
"The ability to extract and store the logs is the most valuable feature of syslog-ng."
"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."
"Syslog-ng has a separate config file in addition to the core configuration."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."
"Not even Splunk's support guy, who came to our firm, could help with defining proper role management."
"Queries are not always as easy or straightforward as they might be, so it can be difficult to figure out what you need to look for."
"It needs a better way to export dynamic views without requiring a ton of code and user/pw."
"We had an instance when Splunk failed and it took us a couple of days to recover."
"Its interface could be improved."
"There is improvement needed when importing from some types of data sources."
"Splunk has a steeper learning curve, making it feel less user-friendly."
"The case management area of the ES could be improved. The ability to move cases through various stages and states. The ability to close a case would be a key improvement."
"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."
"There is room for improvement in terms of observability."
"The filtering has room for improvement."
"There is always the potential for additional integration and protocol extensions."
Splunk Enterprise Security is ranked 1st in Log Management with 228 reviews while syslog-ng is ranked 17th in Log Management with 5 reviews. Splunk Enterprise Security is rated 8.4, while syslog-ng is rated 8.6. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of syslog-ng writes "It's a user-friendly open-source solution that can replace or augment a commercial product in some cases". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Microsoft Sentinel and Elastic Security, whereas syslog-ng is most compared with SolarWinds Kiwi Syslog Server, Graylog, Grafana Loki, Logstash and Cribl Stream.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.