We performed a comparison between Splunk Enterprise Security and Tintri Global Center [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM).
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The initial setup isn't overly complex."
"It's the completeness of the solution that we like the most."
"You can integrate Splunk with third-party security automation solutions and set rules for automatic response."
"It's extremely scalable. It's a very robust solution and certainly has the capability of handling far bigger data requirements than a lot of the other tools. Generally what ends up happening with me is that my clients tend, for the most part, to be mid-tier organizations where the cost of that solution would be accompanying requirements for people just becomes way too prohibitive. Especially considering the model that they use for costing, which is based on the volume of data. Of course, they're going to put everything including the Coke machine as the ability to collect data off of it, because of course the more they can put through the tool the more money they make."
"The most valuable aspect of the solution is the dashboard. It's very intuitive."
"The product is adept at log mining."
"It is quite extensible. It is a platform that we can build our use instead of each case being limited or restricted to each capability. This is probably the best feature."
"We primarily use it to correlate logs throughout the enterprise for both searching and use in investigations."
"The Tintri product line as a whole has freed up a lot of resources from constant administration of legacy enterprise storage."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"We are invoiced according to the amount of data generated within each log."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"I'd like to see more integration with more antivirus systems."
"It requires a significant amount of relatively complex architecture once you push past the single server instance."
"Splunk can improve regex/asset analysis as we do not want to crawl until it is done."
"The difficult part is related to integration with sources of data that are used to create the logs as this depends on the infrastructure of the client."
"AngularJS/ReactJS inclusion could be made easier in GUI."
"The Enterprise Security app could be improved. We have had trouble with it working from the first day."
"Previously, they developed custom connectors or add-ons for a lot of applications. But that number can be upgraded still. There are a lot of applications in the world that are not supported."
"My biggest struggle with Splunk in general is memorizing all the commands. If I want to know which users have logged in between certain hours, I cannot write that query out. It would be helpful to have AI so that I can explain in simple terms what I want and then the search gives that back to me. I am waiting for that."
"A better Tintri would be a 'cheaper' one to get things started again."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 228 reviews while Tintri Global Center [EOL] doesn't meet the minimum requirements to be ranked in Security Information and Event Management (SIEM). Splunk Enterprise Security is rated 8.4, while Tintri Global Center [EOL] is rated 10.0. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Tintri Global Center [EOL] writes "Provides VM protection with scheduled snapshots and replication". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Datadog, whereas Tintri Global Center [EOL] is most compared with .
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.