We performed a comparison between Splunk Enterprise Security and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product provides visibility and enables us to correlate data and generate alerts."
"Splunk is quite flexible for our customers. Splunk does not filter from a specific lock, you can define it later."
"Being able to track impossible travel logins and things of that nature is valuable. We can track user logins from various IPs, various countries, and at various times to see if everything adds up."
"It is very scalable."
"What is nice about the solution is that it makes it easy to build the queries, search for the events and then do analysis."
"The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions."
"I like Splunk's data aggregation and search capabilities."
"We have found all the features useful. However, the dashboarding and logging have been very helpful. Additionally, the log analysis does a great job."
"Log Insight correlates with the VMware product log. It can assemble the logs you want, making it easier to find the output, incident, or keyword you want to search."
"It gives the customer a quick overview, so they don't have to dig. There's a clear dashboard with many sensors in a single space. He gets a helicopter view of his environment, but he can investigate further if there are serious issues. It's pretty user-friendly."
"It is a very useful tool if you have a VMware environment."
"vRealize Log Insight has been running without any issues."
"The solution's simplicity, flexibility, and extensibility are valuable features as we can integrate everything in vRealize."
"One of the most valuable features of vRealize Log Insight is that it gives you a clear forecast about your existing machines, for example, how long your machines could be supported and how long the remaining capacity is to host your machines. This is one of the best options available within vRealize Log Insight. Another valuable feature of the solution is automation. My company deploys a lot of automation when required in a very, very short period, and in a very uniform manner, and even if the automation is being deployed for different processes and departments, it's pretty much the same across the environment, so vRealize Log Insight helps reduce a lot of ambiguities and helps my company manage operational efficiencies well."
"I have concerns about the architecture as well since I can see it is not very well defined."
"Splunk could improve its default machine-learning models. Also, Splunk Enterprise's native threat intelligence isn't that good. I prefer a custom threat intelligence model."
"Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better."
"I would like Splunk to add more integration. QRadar has many indications with more products than Splunk."
"We are waiting for Dashboard Studio to mature a little bit more. There are some things that we are using with Classic Dashboards which have not yet made it to Dashboard Studio. We are waiting for that."
"Writing queries is a bit complicated sometimes."
"Splunk could add more ways to manage archiving and storage. There isn't a web interface. You can do this on the SaaS version, but the on-premise platform doesn't have this option. It has other things but no option for remote NAS. I would like to have a personal web interface where I can specify how long logs should be stored. To have this readily available on the web, you need to adjust some settings on the backend. That is tricky."
"If you monitor too much, you can lose performance on your systems."
"Paid or free does not matter, but it is complex to find good training material for vRealize Log Insight."
"Integration with other vendors is something that could be improved, they could add more vendors."
"What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects."
"I would like to see more tutorials or at least an introduction video from the supplier, so you can become proficient and get the most out of the solution. You might not get the full benefit from a logging or reporting solution because you might not have a particular tool enabled. You could leave something out of your analysis because you aren't aware of it or you don't know how to set it up."
"Log Insight should be better at dealing with audits and security logs. We use another product called QRadar for that."
"In vRealize login files, we have limitations regarding log partitions."
More VMware Aria Operations for Logs Pricing and Cost Advice →
Splunk Enterprise Security is ranked 1st in Log Management with 71 reviews while VMware Aria Operations for Logs is ranked 14th in Log Management with 6 reviews. Splunk Enterprise Security is rated 8.4, while VMware Aria Operations for Logs is rated 8.4. The top reviewer of Splunk Enterprise Security writes "Can be used to find any threats or vulnerabilities inside a user’s environment". On the other hand, the top reviewer of VMware Aria Operations for Logs writes "Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies". Splunk Enterprise Security is most compared with Wazuh, Microsoft Sentinel, Dynatrace, Elastic Security and Graylog, whereas VMware Aria Operations for Logs is most compared with Elastic Security, IBM Security QRadar, Graylog, LogRhythm SIEM and Fortinet FortiAnalyzer. See our Splunk Enterprise Security vs. VMware Aria Operations for Logs report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
