• Home
  • Splunk Enterprise Security vs. vRealize Network Insight

Splunk Enterprise Security vs vRealize Network Insight comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Sentinel

Read 85 Microsoft Sentinel reviews
32,763 views|18,195 comparisons
92% willing to recommend
Splunk Logo

Splunk Enterprise Security

Read 227 Splunk Enterprise Security reviews
25,711 views|20,955 comparisons
92% willing to recommend
VMware Logo

vRealize Network Insight

Read 44 vRealize Network Insight reviews
1,827 views|1,047 comparisons
89% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Security Information and Event Management (SIEM)
April 2024
Executive Summary

We performed a comparison between Splunk Enterprise Security and vRealize Network Insight based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM).
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: April 2024).
Download the complete report
767,667 professionals have used our research since 2012.
Featured Review
Sachin Paul
Researched Splunk Enterprise Security but chose Microsoft Sentinel: Makes data integration very easy for our SOC
It enables data integration within our hybrid, multi-cloud environment, and it makes this data integration very easy for our security operations... Read more →
MANISH CHOUDHARY.
We can easily identify users and devices, but the plugins have room for improvement
We use multiple cloud environments for our clients, including AWS, Azure, GCP, and private cloud. We can easily integrate Splunk Enterprise... Read more →
Paul Bryant
Provides deep analytical insights and makes migrations efficient with dependency mapping
All of its use cases helped a lot. If we're increasing network performance, we're cutting the risk down on our SLAs. We're increasing performance... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent.""Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible.""I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products.""There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive.""Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources.""There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection.""The solution offers a lot of data on events. It helps us create specific detection strategies.""The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."

More Microsoft Sentinel Pros →

"The level of robustness on offer is very good.""The SIEM is the most valuable feature of the product.""Splunk's strongest suit is its user interface. We can integrate multiple solutions and adjust settings in the Splunk interface.""Its usability is the best part. It is easy for our developers to use if they want to search their logs, etc.""Capability to expand the functionality through custom code for data inputs, commands, visualization, alerts, and machine learning.""The most valuable feature of Splunk is the management and built-in workflows.""I have also been able to take advantage of some of the more complex statistical capabilities when analyzing logs.""It has virtual visualization, and other products do not."

More Splunk Enterprise Security Pros →

"I find it user-friendly and intuitive. With the GUI interface that we do use on a regular basis, it's easy to navigate, it's easy to see, easy to query. We get reports. It's easy to use.""It is user-friendly. It's pretty simple to deploy and to run. It gives you pretty easy-to-understand reports, very graphically intense, so you can visualize what's going on in your network.""It's very user-friendly in the sense that the querying is just regular language like you and I speak or write. You don't need to know any SQL-query type of language to be able to get what you want out of it.""It's a very powerful, very manageable product.""It gives the visibility that was either broken or there in pieces only. This solution provides a unified view of the whole system, back and forth. It has helped to reduce time to value, increase performance, more easily manage networks, and provide deep visibility.""compare-to-competition; I would recommend the product. I don't think there is any other product like this on the market right now.""The best feature of this application is its ability to capture everything within the same application, as well as capture all the traffic.""The tool's ease of configuration and use and the availability of information and artifacts through professional services and the web are key factors that customers find valuable."

More vRealize Network Insight Pros →

Cons
"I would like to be able to monitor applications outside of the Azure Cloud.""If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable.""They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft.""The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results.""Microsoft Sentinel is relatively expensive, and its cost should be improved.""While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate.""The troubleshooting has room for improvement.""Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."

More Microsoft Sentinel Cons →

"AngularJS/ReactJS inclusion could be made easier in GUI.""The solution could use a different licensing model.""There are new services which are coming up. If Splunk can catch up with the speed of Amazon, and with the integration, instead of us waiting for another year or so, that would be good.""​Not even Splunk's support guy, who came to our firm, could help with defining proper role management.​""Splunk Enterprise Security could improve in automation, flexibility, and providing more content out of the box.""The historical data extraction needs improvement. I would like the capability of taking data and having it trend longer.""The support that is included with the standard licensing fee is very bad.""I love the solution, but I would like to see more accessibility to the machine-learning capabilities that are sprinkled around Splunk."

More Splunk Enterprise Security Cons →

"The only reason I would not give it a nine or a 10 is for cost reasons. It seems to be one of those things that really belongs as part of the product inherently and not as an add-on. That would be my only concern.""I would like to see more reporting features, more dashboards.""The only issue we have is that the solution does not always capture the host names.""While it's not exactly a feature, what normally happens when we are trying to look at the VM flow portion is - although Network Insight does have options to integrate a few physical switches into it - we can't really get an end-to-end flow of the network. We might be using a few switches that are not supported by Network Insight. That is where they can improve, in the support for more physical switches and network devices.""The compatibility with each and every component of the infrastructure is the main thing that I am looking for. I would like them to make sure that it's compatible with different kinds of storage systems, etc. I have seen the compatibility list. I feel it can be more compatible than it is right now.""I want to see more in terms of microsegmentation. As of now, I can see the rules, but they are not in a readable format that I can convert to microsegmentation and can fit into NSX Manager.""vRNI needs more remediation where it hooks into NSX.""If it were more application-aware, more descriptive; if it were able to determine the application that is actually doing the communication, that would be easier. More application information: which user or account it's accessing, is it accessing this application, doing these calls, if it is accessing a script, what script is it accessing. Things like that would provide deeper analytics so I can track what's going on. It would not just be, "These people shouldn't be talking," but who is actually doing these calls."

More vRealize Network Insight Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

  • "Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
  • "Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
  • "It is not cheap."
  • "Splunk Enterprise becomes extremely expensive after the 20GB/month license."
  • "You will eat up whatever you purchase quickly. The level of insights that Splunk empowers is addictive."
  • "Splunk licensing model might seem expensive but with all the gain in functionalities you will have compared to traditional SIEM solutions I think it’s worth the price."
  • "Pricing is pretty fair."
  • "While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."

    • More Splunk Enterprise Security Pricing and Cost Advice →

  • "The solution has helped us to reduce time, increase performance, reduce costs, and even easily manage networks. We are probably seeing 10 to 20 percent labor savings because we are able to be very specific and focused on what we want to do. It ends up saving the customer money and makes us be more efficient on our cost deliveries."
  • "It reduces costs. It takes something that may be challenging and makes it more usable and visual by being able to bring in tools, seeing what their impact is, such as microsegmentation and application rationalization, and seeing it quickly."
  • "Cost always has room for improvement, you could always make it cheaper. But I think it's a good value for what you pay for it."
  • "It's an expensive product because we have a lot of nodes."
  • "They should include the product in NSX because it's important to have it for deployment."
  • "The solution has reduced the time that we spend on other products. For example, with NSX, we were able to quickly find things that we would normally spend days trying to figure out."
  • "We have spent less time investigating network flows, so it is absolutely cost-effective."
  • "It has brought more money into our company."

    • More vRealize Network Insight Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    767,667 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is… more »
    Read all 12 answers   →
    How does Splunk compare with Azure Monitor?
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring… more »
    Read all 2 answers   →
    What do you like most about Splunk?
    Top Answer:The most valuable feature of Splunk Enterprise Security is website activity monitoring.
    Read all 128 answers   →
    What do you like most about vRealize Network Insight?
    Top Answer:The tool's ease of configuration and use and the availability of information and artifacts through professional services… more »
    Read all 36 answers   →
    What is your experience regarding pricing and costs for vRealize Network ...
    Top Answer:I rate vRealize Network Insight's pricing a seven point five out of ten.
    Read all 10 answers   →
    What needs improvement with vRealize Network Insight?
    Top Answer:The IT infrastructure industry is expected to evolve towards a hybrid cloud model in the next five to ten years. In this… more »
    Read all 37 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    Arkin
    Learn More
    Microsoft
    Splunk
    VMware
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    VMware vRealize Network Insight delivers intelligent operations for software-defined networking and security. It helps customers build an optimized, highly-available and secure network infrastructure across multi-cloud environments. It accelerates micro-segmentation planning and deployment, enables visibility across virtual and physical networks and provides operational views to manage and scale VMware NSX deployments.
    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    NTTi3, VCIX-NV, VMware Networking and Security Business Unit, Illumio, CompuNet
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Computer Software Company18%
    Financial Services Firm15%
    Government10%
    Energy/Utilities Company7%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company14%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm21%
    Manufacturing Company15%
    Healthcare Company15%
    Computer Software Company12%
    VISITORS READING REVIEWS
    Financial Services Firm16%
    Computer Software Company13%
    Government12%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    REVIEWERS
    Small Business31%
    Midsize Enterprise12%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    REVIEWERS
    Small Business13%
    Midsize Enterprise16%
    Large Enterprise71%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise11%
    Large Enterprise70%
    Buyer's Guide
    Security Information and Event Management (SIEM)
    April 2024
    Download Free Report
    Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM). Updated: April 2024.
    DOWNLOAD NOW
    767,667 professionals have used our research since 2012.

    Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 227 reviews while vRealize Network Insight is ranked 24th in IT Infrastructure Monitoring with 44 reviews. Splunk Enterprise Security is rated 8.4, while vRealize Network Insight is rated 8.6. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". On the other hand, the top reviewer of vRealize Network Insight writes "Provides deep analytical insights and makes migrations efficient with dependency mapping". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor, whereas vRealize Network Insight is most compared with ThousandEyes, NETSCOUT vSTREAM, VMware Aria Operations for Applications, Zabbix and Cisco Secure Network Analytics.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.