We performed a comparison between Splunk Enterprise Security and Tableau based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM).
"The automation feature is valuable."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"The Log analytics are useful."
"The machine learning and artificial intelligence on offer are great."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"It is user-friendly. It is more effective than other solutions. The support and help for troubleshooting and the documentation from Splunk make it very effective."
"It gives us the liberty to do more in terms of use cases."
"The dashboard and reporting are very good... It provides very good visibility in a hybrid cloud environment, and you can build custom utilization APIs using Splunk."
"The best part of Splunk Enterprise Security is its customizable settings."
"You can integrate Splunk with third-party security automation solutions and set rules for automatic response."
"The most valuable feature is the custom dashboard feature."
"We can automatically suspend or terminate suspicious sessions."
"Splunk Enterprise Security is able to process a huge amount of data without any issues."
"The ability of filtering and segmentation of the data makes it very flexible compared to other tools."
"The ability to deploy is the added ability to centralise the Tableau repository for all Tableau Developers."
"Tableau has comprehensive, insightful charts, which allow you to build stunning dashboards and enrich your support decision-making."
"Easy to create graphs and visualizations."
"The product’s performance is better than other tools."
"The most valuable feature is the ease of use."
"The most valuable part of the solution is the general dashboard features."
"Visualization attributes: Marks – Color, Size, Label, etc. Easily Accessible and Intuitive."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"I would like to be able to monitor applications outside of the Azure Cloud."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"We would like more integrations with other cloud products, not just AWS, e.g., Azure."
"Its setup is a little bit complex for a distributed environment. Their support can also be better. If we miss the response for more than a week, they usually close the case. Sometimes, it can take us more than a week to reply."
"One issue is that we are getting a lot of false positives. We are trying to reduce them by customizing the default rules, changing thresholds, and using white-listing and black-listing. It's getting better and better as a result. But they need to build components that would reduce the false positives."
"The security can be improved."
"I feel the solution to be too slow."
"The threat detection library needs to increase the frequency at which the playbooks are updated."
"It could be more user friendly, in terms of the end-user experience."
"Its interface and usability can always be improved."
"It needs a little bit more advanced modeling. I would like to see functionality like Cognos has in the Framework Manager."
"An area needing improvement involves the complexity of the product should you need to alter a lot of parameters. If you have technical servers, much interface, different providers and more serious processes, that will be time consuming."
"In the next release, there should be more information describing each chart because users have a difficult time telling them apart. They should also include the animations/videos, similar to Power BI."
"If you wanted to create something without making it an extra column in the data set, you can't just rename it to a more user-friendly short name."
"It's not an aesthetic platform at the moment."
"Reports should be downloadable as PDF files."
"I also work as an SME on the platform side. Tableau is very nice and jazzy for the end-users, but there are pain points for the admins. Performance is something about which we hear a lot of complaints, such as the dashboard doesn't open in time. It performs well on the desktop but not on the server. I know that there is always a limitation when it comes to a huge amount of data or the complexity of the calculations, but we often hear from end-users about the performance on the server side. It is easy to drag and drop all the columns and do what we want, but if it is not going to load better on the server, users are not going to like it."
"When compared to Power BI, it is less user-friendly."
Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 228 reviews while Tableau is ranked 2nd in BI (Business Intelligence) Tools with 290 reviews. Splunk Enterprise Security is rated 8.4, while Tableau is rated 8.4. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Tableau writes "Provides fast data access with in-memory extracts, makes it easy to create visualizations, and saves time". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor, whereas Tableau is most compared with Microsoft Power BI, Amazon QuickSight, Domo, SAS Visual Analytics and Databricks.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.