Splunk Enterprise Security vs VMware Aria Operations for Logs comparison

You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Splunk Enterprise Security and VMware Aria Operations for Logs based on real PeerSpot user reviews.

Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Splunk Enterprise Security vs. VMware Aria Operations for Logs Report (Updated: September 2023).
734,678 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"The product provides visibility and enables us to correlate data and generate alerts.""Splunk is quite flexible for our customers. Splunk does not filter from a specific lock, you can define it later.""Being able to track impossible travel logins and things of that nature is valuable. We can track user logins from various IPs, various countries, and at various times to see if everything adds up.""It is very scalable.""What is nice about the solution is that it makes it easy to build the queries, search for the events and then do analysis.""The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions.""I like Splunk's data aggregation and search capabilities.""We have found all the features useful. However, the dashboarding and logging have been very helpful. Additionally, the log analysis does a great job."

More Splunk Enterprise Security Pros →

"Log Insight correlates with the VMware product log. It can assemble the logs you want, making it easier to find the output, incident, or keyword you want to search.""It gives the customer a quick overview, so they don't have to dig. There's a clear dashboard with many sensors in a single space. He gets a helicopter view of his environment, but he can investigate further if there are serious issues. It's pretty user-friendly.""It is a very useful tool if you have a VMware environment.""vRealize Log Insight has been running without any issues.""The solution's simplicity, flexibility, and extensibility are valuable features as we can integrate everything in vRealize.""One of the most valuable features of vRealize Log Insight is that it gives you a clear forecast about your existing machines, for example, how long your machines could be supported and how long the remaining capacity is to host your machines. This is one of the best options available within vRealize Log Insight. Another valuable feature of the solution is automation. My company deploys a lot of automation when required in a very, very short period, and in a very uniform manner, and even if the automation is being deployed for different processes and departments, it's pretty much the same across the environment, so vRealize Log Insight helps reduce a lot of ambiguities and helps my company manage operational efficiencies well."

More VMware Aria Operations for Logs Pros →

"I have concerns about the architecture as well since I can see it is not very well defined.""Splunk could improve its default machine-learning models. Also, Splunk Enterprise's native threat intelligence isn't that good. I prefer a custom threat intelligence model.""Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better.""I would like Splunk to add more integration. QRadar has many indications with more products than Splunk.""We are waiting for Dashboard Studio to mature a little bit more. There are some things that we are using with Classic Dashboards which have not yet made it to Dashboard Studio. We are waiting for that.""Writing queries is a bit complicated sometimes.""Splunk could add more ways to manage archiving and storage. There isn't a web interface. You can do this on the SaaS version, but the on-premise platform doesn't have this option. It has other things but no option for remote NAS. I would like to have a personal web interface where I can specify how long logs should be stored. To have this readily available on the web, you need to adjust some settings on the backend. That is tricky.""If you monitor too much, you can lose performance on your systems."

More Splunk Enterprise Security Cons →

"Paid or free does not matter, but it is complex to find good training material for vRealize Log Insight.""Integration with other vendors is something that could be improved, they could add more vendors.""What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects.""I would like to see more tutorials or at least an introduction video from the supplier, so you can become proficient and get the most out of the solution. You might not get the full benefit from a logging or reporting solution because you might not have a particular tool enabled. You could leave something out of your analysis because you aren't aware of it or you don't know how to set it up.""Log Insight should be better at dealing with audits and security logs. We use another product called QRadar for that.""In vRealize login files, we have limitations regarding log partitions."

More VMware Aria Operations for Logs Cons →

Pricing and Cost Advice
  • "The price of Splunk is reasonable."
  • "The subscription is monthly."
  • "It can be cost-prohibitive when you start to scale and have terabytes of data. Its cost model is based on how much data it processes a day. If they're able to create scaled-down niche or custom package offerings, it may help with the cost. Instead of the full-blown features, if they can narrow the scope where it can only be used for a specific purpose, it would kind of create that market for the product, and it may help with the costing. When you start using it as a central aggregator and you're pumping tons of logs at it, pretty soon, you'll start hitting your cap on what it can process a day. Once you've got that, you're kind of defeating the purpose because you're going to have to scale back."
  • "It's a yearly subscription."
  • "This product could use better pricing in general."
  • "The pricing modules could be improved."
  • "This solution is costly. Splunk is obviously a great product, but you should only choose this product if you need all the features provided. Otherwise, if you don't need all the features to meet your requirements, there are probably other products that will be more cost-effective. It's cost versus the functionality requirement."
  • "It is expensive. I used to buy it early on, but then they combined it into a higher-up organization. They buy it for multiple systems now. Last time, I paid around 60K for it. There is just the licensing fee. That's all."
  • More Splunk Enterprise Security Pricing and Cost Advice →

  • "Pricing is good because it is part of the suite package. It comes in a bundle for us."
  • "The licensing cost for vRealize Log Insight is a little higher, so in terms of cost, it all depends upon what kind of environment you have. If you have a complete virtualized environment, or at least you're using a ninety-five percent virtualized environment, then vRealize Log Insight will play a very good role because it is a VMware component, so it has very tight integration with other VMware components and systems. This means you don't have to procure any other monitoring and management tool, and you don't need a separate automation tool. vRealize Log Insight will have an upper hand if your environment is purely virtualized on VMware. If you're using a mix of physical and virtual components, for example, a 50:50 ratio, then you need to have a third-party component to manage overall monitoring."
  • "I am not sure what the exact cost is. However, I believe the vRealize suite costs $2,500.00 per year."
  • More VMware Aria Operations for Logs Pricing and Cost Advice →

    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    734,678 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we… more »
    Top Answer:The solution's simplicity, flexibility, and extensibility are valuable features as we can integrate everything in vRealize.
    Top Answer:In vRealize login files, we have limitations regarding log partitions. We are limited to a maximum of five partitions, but in our case, we need more. Is it possible to provide more log partitions? I… more »
    out of 73 in Log Management
    Average Words per Review
    out of 73 in Log Management
    Average Words per Review
    Also Known As
    vRealize Log Insight
    Learn More
    Video Not Available

    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Manage data at scale with centralized log management, deep operational visibility and intelligent analytics for troubleshooting and auditing across private, hybrid and multi-cloud environments.
    Learn more about Splunk Enterprise Security
    Learn more about VMware Aria Operations for Logs
    Sample Customers
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Wildlands Adventure Zoo, Medic Mobile, IBM, Seventy Seven Energy, Baystate Health, Osis, Oxford University, Columbia University, Siemens, Cardinal Health, Ashdod Port, Vasakronan, Sydney Adventist Hospital, University of Derby
    Top Industries
    Financial Services Firm16%
    Computer Software Company15%
    Energy/Utilities Company8%
    Financial Services Firm15%
    Computer Software Company15%
    Manufacturing Company7%
    Computer Software Company14%
    Financial Services Firm14%
    Manufacturing Company5%
    Company Size
    Small Business31%
    Midsize Enterprise12%
    Large Enterprise57%
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    Small Business29%
    Midsize Enterprise41%
    Large Enterprise29%
    Small Business18%
    Midsize Enterprise15%
    Large Enterprise67%
    Buyer's Guide
    Splunk Enterprise Security vs. VMware Aria Operations for Logs
    September 2023
    Find out what your peers are saying about Splunk Enterprise Security vs. VMware Aria Operations for Logs and other solutions. Updated: September 2023.
    734,678 professionals have used our research since 2012.

    Splunk Enterprise Security is ranked 1st in Log Management with 71 reviews while VMware Aria Operations for Logs is ranked 14th in Log Management with 6 reviews. Splunk Enterprise Security is rated 8.4, while VMware Aria Operations for Logs is rated 8.4. The top reviewer of Splunk Enterprise Security writes "Can be used to find any threats or vulnerabilities inside a user’s environment". On the other hand, the top reviewer of VMware Aria Operations for Logs writes "Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies". Splunk Enterprise Security is most compared with Wazuh, Microsoft Sentinel, Dynatrace, Elastic Security and Graylog, whereas VMware Aria Operations for Logs is most compared with Elastic Security, IBM Security QRadar, Graylog, LogRhythm SIEM and Fortinet FortiAnalyzer. See our Splunk Enterprise Security vs. VMware Aria Operations for Logs report.

    See our list of best Log Management vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.