We performed a comparison between Splunk Enterprise Security and WhatsUp Gold based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"It has basic out-of-the-box integrations with multiple log sources."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The machine learning and artificial intelligence on offer are great."
"The UI of Splunk makes it easier for our analysts to move around and see what they need to see."
"It is very scalable."
"It has virtual visualization, and other products do not."
"The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data."
"It can log more logs than other solutions. It's a good way to troubleshoot problems."
"Positive features include replication capabilities, software development kits, and the architecture."
"Splunk is quite flexible for our customers. Splunk does not filter from a specific lock, you can define it later."
"It is user-friendly. It is more effective than other solutions. The support and help for troubleshooting and the documentation from Splunk make it very effective."
"The solution effectively monitors network devices and servers."
"The threshold alerting is the most valuable feature."
"We no longer have to manually search for problems because we are alerted when something in the network goes down."
"The most valuable feature is the monitoring of resources."
"It handles the basics of monitoring."
"WhatsUp Gold is very easy to deploy."
"The most important features of WhatsUp Gold are the server health and uptime it provides. Additionally, WhatsUp Gold is a Windows-based solution which is a benefit."
"The installation and configuration process are easy."
"The only thing is sometimes you can have a false positive."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"Search head clustering is often temperamental in its current state and should be improved, replaced by something better, or be reverted to search head pooling."
"Make it easier to include roles and user controls, as it is horrible now."
"They can incorporate the SOAR solution within the actual product so that we do not require two different products, two different installations, and two different pricing methods. In regards to UBA, I am familiar with the UBA that existed two years ago. I am not updated about it today, but two years ago, UBA required such an amount of data that from a cost perspective, it was not worth it. When you compare it to what you get out of the box with Microsoft Sentinel without additional costs, there is no match."
"The price has room for improvement."
"The glass table feature does not perform as expected."
"I find the graphical options really limited and you don't have enough control over how to display the data that you want to see."
"You do need a lot of training and certification with this product."
"The monitoring aspect of Splunk could be improved. We have to do some queries to get as much information as CrowdStrike or other solutions provide. If you run a big query, you will see a delay. That is the only concern we have because it will take some time if you query large data sets."
"The new release cadence needs to be improved. It takes a while for them to add new features and functionality. There should be a quicker turnaround with new versions."
"I would like to see better integration with switches so that you can see what is connected to each port, what the traffic is, and have a network map automatically generated."
"You have to invest a few days to become an expert in this solution."
"The interface needs some work."
"The initial setup of WhatsUp Gold is a medium range of difficulty levels. However, if it is your first time it could be difficult."
"Integrations with other devices. I want to have a product that has full integration with my active directory so I can track user activity. I want to track my complete user activity, so I'm looking for a product to implement in the near future, which will have full integration with my network and active directory users. It became very difficult to track user activity."
"Adding on services increases the cost and on the version we have there is no option for ATM monitoring."
"The pricing for this solution has gone up quite recently, which has led some of our customers to buy an alternative product."
Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 227 reviews while WhatsUp Gold is ranked 36th in Application Performance Monitoring (APM) and Observability with 21 reviews. Splunk Enterprise Security is rated 8.4, while WhatsUp Gold is rated 7.6. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of WhatsUp Gold writes "Accurate network monitoring, but tech support is lacking". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor, whereas WhatsUp Gold is most compared with SolarWinds NPM, Zabbix, Grafana, PRTG Network Monitor and Centreon. See our Splunk Enterprise Security vs. WhatsUp Gold report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.