
Splunk Enterprise Security vs Zabbix comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Oct 8, 2024
 

Categories and Ranking

Splunk Enterprise Security
Average Rating: 8.4
Number of Reviews: 301
Ranking in other categories: Log Management (1st), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)

Zabbix
Average Rating: 8.2
Number of Reviews: 103
Ranking in other categories: Application Performance Monitoring (APM) and Observability (10th), Network Monitoring Software (1st), Server Monitoring (1st), IT Infrastructure Monitoring (1st), Cloud Monitoring Software (2nd)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. Splunk Enterprise Security is designed for Security Information and Event Management (SIEM) and holds a mindshare of 11.3%, down 14.6% compared to last year.
Zabbix, on the other hand, focuses on Network Monitoring Software, holds 11.0% mindshare, down 12.6% since last year.
 

Featured Reviews

Sameep Agarwal - PeerSpot reviewer
Oct 23, 2023
It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query
The ingestion happens quickly, so you can run up the data costs if you use the default settings. It isn't a problem for government agencies in the Saudi market, but many of the corporations in India are small or medium-sized enterprises that cannot afford that kind of ingestion system. Splunk needs to be tweaked in JSON so you can limit what is coming from the endpoints, especially the events. One needs to filter that out so that only certain events are ingested, like login failures, Active Directory changes, password reset requests, privilege modifications, etc. Each Windows machine generates about 310 KB of information per event, but we can tweak that down to about 50 KB.
ASM Naushad Alam - PeerSpot reviewer
Dec 16, 2022
Allows any number of customizations but lacks functionality for finding root causes
Our company is a financial organization and we use the solution to check connectivity, CPU utilization, and hard disk utilization for all of our servers. We monitor networks to learn traffic conditions. We use threshold features to compare servers or routers and find each server's size before it…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The indexing and data collection are valuable."
"We can ingest and correlate data from virtually any type of system."
"The initial setup isn't overly complex."
"You can run reports against multiple devices at the same time. You are able to troubleshoot a single application on a thousand servers. You can do this with a single query, since it is very easy to do."
"I like Splunk's automated threat detection and orchestration capabilities. Splunk offers a single solution for analyzing, aggregating, correlating, monitoring, reporting, visualizing, etc. You can get all of these capabilities in one place. On top of that, it provides a cloud, testing, on-premise, and hybrid solution, giving customers more flexibility for their use cases."
"It helps streamline troubleshooting and log analysis."
"The flexibility of the solution is quite good."
"The solution's most valuable feature is the incident review, which gives a good overview of our security incidents."
"Zabbix is an excellent performance monitoring tool."
"It has good graphs of what is going on within the operating system.​"
"We are able to do problem determination on runaway processes."
"The most valuable features are the monitoring and the ease with which we can set it up at customer sites with our custom Zabbix proxy and tools."
"The product is very stable."
"SNMP monitoring, source discovery, and alert triggering are most valuable."
"We use Zabbix to monitor our organization's IT infrastructure and workstations. We don't use Microsoft Intune since it's expensive. The tool's real-time alerting system has proved crucial for us, particularly when a new device joins a network that is not one of our own devices. It notifies us about the presence of this new device, allowing us to investigate further. Additionally, it alerts us about disk usage, memory usage, and the software installed on the machine."
"The solution is stable."
 

Cons

"Its reporting can be improved. That's the only complaint I have heard. I don't need the reporting part, but I know that other people in the organization need it."
"If possible, we would like to have not only a log monitoring system but a network monitoring feature in this solution as well."
"I feel the solution to be too slow."
"This is a costly solution."
"Previously, they developed custom connectors or add-ons for a lot of applications. But that number can be upgraded still. There are a lot of applications in the world that are not supported."
"Being able to have a one-stop shop where you have the alert, but then you can generate the case right there from Splunk Enterprise Security instead of having to pivot to another tool such as Mission Control. You do not have to keep bouncing between them, so if you could do it all in one place, that would be great. The new release is supposed to start getting in that direction."
"I think the machine learning should be emphasized. Now, it's really important to analyze Big Data, data mining. A SIEM solution, like Splunk, needs an improved data mining solution, artificial intelligence."
"The support that is included with the standard licensing fee is very bad."
"My company wanted to do an exercise command to access IT from Cameroon. They wanted to access an FSS to a second host with second equipment that was on another coast but it is not possible on Zabbix to do it. They want to directly access from the front-end of Zabbix to access a prompt in Zabbix to an access terminal. In the front-end, there is no way to do that. That would be an important improvement."
"Zabbix is powerful, but it is difficult to understand initially. There are many things that can be improved, but we might not be using Zabbix to its fullest extent. The software has more features than we need."
"Its UI needs to be improved a little bit more so that an end-user is also able to handle it. I can handle it, but others should also be able to handle it in a better way. It becomes complex when we are growing and need to add proxies. We need more scalability features and documentation for different use cases. A lot of articles are available, but they need to be in proper documentation. For example, when you have thousands of servers that have to be monitored in different regions of the world, there should be some kind of documentation to describe how you can create proxies and add them. Sometimes, when you are using the database, it can get overloaded. When the network is growing, the number of transactions becomes very high, and the database gets overloaded. There should be information about how to reduce the load on the MySQL database, which is what Zabbix is using. The market is growing a lot, and it should be enhanced for a lot more things. We are currently bringing enhancements at our end for different use cases. For example, when dockerization is going on, how can we check the logs inside the Dockers. We should also be able to monitor and check the number of logins and add features such as SSO login and two-factor authentication as a protocol. These are the security features and concerns that we have to deal with. Currently, we are developing modules to add features to Zabbix, but they should also work on these features."
"Even though it’s such a powerful monitoring system, it would be more helpful if it had a flexible UI."
"The System Center Operations Manager can be improved."
"The APM monitoring has room for improvement, although I hear that the new 5.2 version has some improvements in that area, and I'd like to give that a go. I would like to see a few more templates out there for different styles of monitoring. I use the Grafana interface for reporting. I would also like it to have an out-of-the-box ability to email reports. You can create reports, but to be able to email those reports would be really helpful. I've got users who are not interested in logging in and generating a report. They want it all pre-canned and sent to an email address. It would also be really handy if we could pin certain reports up onto platforms such as Teams or SharePoint. A GUI for the proxy server would be cool to have for debugging purposes and for the support teams to have a look at, but I don't know whether that's really feasible to do. I get enough from the log files themselves."
"Correlation of events would be a wonderful addition."
"Zabbix technical support is sold separately."
 

Pricing and Cost Advice

"We have had a reduction in the time it takes to resolve issues and correlate what has failed."
"The Splunk licensing is high."
"Splunk Enterprise Security incurs a significant cost because of the amount of data we send, but we are fine with the value we're getting for that price."
"Splunk Enterprise Security is expensive but the solution is equipped with a lot of features."
"Expensive compared to other options."
"The Splunk Enterprise Security license is expensive."
"Splunk Enterprise Security's pricing is pretty competitive."
"The tool's licensing is good and we haven't received any complaints from the team handling it."
"There is no license but we need to pay for support."
"The tool's licensing costs are yearly."
"Its licensing is fair. It seems to be much cheaper than others."
"My manager is very happy because it doesn't cost anything."
"It's free software released under the GNU/GPL license."
"We purchased Zabbix for a good price, including support"
"I was using the free, Community Edition."
"This is an open-source solution that can be used free of charge."
813,418 professionals have used our research since 2012.
 

Comparison Review

it_user174738 - PeerSpot reviewer
May 31, 2015
Nagios vs. Zabbix vs. PRTG vs. Spiceworks vs. Solarwinds Network Performance Monitor
I have researched quite a few network monitoring tools which can be used for various monitoring purposes of not only the servers, but the intermediate routers as well. There are majorly three types of these software. Ones which are completely open-source, you can do almost anything you want…
 

Top Industries

By visitors reading reviews
Financial Services Firm: 16%
Computer Software Company: 14%
Government: 9%
Manufacturing Company: 8%

Educational Organization: 39%
Computer Software Company: 11%
Financial Services Firm: 6%
Manufacturing Company: 6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases. Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
What do you like most about Zabbix?
The template system in Zabbix is very beneficial as it saves time in configuration.
What needs improvement with Zabbix?
I'm using the free version of Zabbix, and I'd like to see more customization options, especially for setting trigger thresholds.
 

Overview

 

Sample Customers

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
1. IBM 2. Dell 3. Cisco 4. HP 5. Oracle 6. Microsoft 7. Amazon 8. Google 9. Facebook 10. Twitter 11. LinkedIn 12. Netflix 13. Adobe 14. VMware 15. Salesforce 16. SAP 17. Intel 18. AT&T 19. Verizon 20. T-Mobile 21. Vodafone 22. Ericsson 23. Nokia 24. Siemens 25. General Electric 26. Honeywell 27. Philips 28. Sony 29. Samsung 30. LG 31. Panasonic 32. Toshiba
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM). Updated: October 2024.