We performed a comparison between Splunk Enterprise Security and Tableau based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM).
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The main benefit is the ease of integration."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The product can integrate with any device."
"The ability to analyze huge amounts of sales data and accurate prediction of sales forecasting is the most valuable feature."
"The product has a good security posture."
"The product provides visibility and enables us to correlate data and generate alerts."
"The solution has plenty of features that are good."
"It is quite extensible. It is a platform that we can build our use instead of each case being limited or restricted to each capability. This is probably the best feature."
"We have a one-stop dashboard for health of some of our services where you can click in and it takes you to other dashboards that have custom near real-time metrics that show the application's health."
"The most valuable features of the solution are it is straightforward to use and the documentation is good for finding out how to get the data you are looking for."
"You can run reports against multiple devices at the same time. You are able to troubleshoot a single application on a thousand servers. You can do this with a single query, since it is very easy to do."
"The most valuable features of the solution are the permission management and the user management."
"The data visualization piece is most valuable. We do ad-hoc analysis or one-time shot things, but there are things that we have to track every single day. When our management and our customers want to see how things are changing, the dashboarding provides that information. Tableau is key in providing that data on a refresh basis. We use a data blending tool that pumps the data into Tableau, and we just schedule it to run every single day. So, the automation of the data and being able to present it to people who are interested are the most valuable features."
"One of the most valuable features is that the solution allows users to build interactive dashboards. This allows the end user to modify the criteria or the filtering if need be. As far as for my personal use as a QA Engineer, I really value how extensive their API document support has been."
"There are a lot of APIs available, which means that Tableau can be customized to a large extent."
"The most valuable features are the visualizations, the way they show the combination charts."
"Tableau will automatically show charts for the related data that I choose making it very easy to use."
"It is a stable solution."
"Visualization attributes: Marks – Color, Size, Label, etc. Easily Accessible and Intuitive."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"The playbook is a bit difficult and could be improved."
"The solution could improve the playbooks."
"We'd like to see more connectors."
"We do see continuous improvement all the time; however, I haven't got a specific feature that is lacking or not well designed."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click 'next,' 'next,' 'next,' and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"There are new services which are coming up. If Splunk can catch up with the speed of Amazon, and with the integration, instead of us waiting for another year or so, that would be good."
"It is a challenge to manage the environment in such a way, that one’s log, even with the bandwidth license, isn’t exceeded."
"The case management area of the ES could be improved. The ability to move cases through various stages and states. The ability to close a case would be a key improvement."
"Certain sections of the developer documentation could use some updating and clarification."
"Previously, they developed custom connectors or add-ons for a lot of applications. But that number can be upgraded still. There are a lot of applications in the world that are not supported."
"Its interface and usability can always be improved."
"Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better."
"It works as intended for us, and we are getting everything that we need out of it. If anything, its initial setup can be improved a bit."
"I also work as an SME on the platform side. Tableau is very nice and jazzy for the end-users, but there are pain points for the admins. Performance is something about which we hear a lot of complaints, such as the dashboard doesn't open in time. It performs well on the desktop but not on the server. I know that there is always a limitation when it comes to a huge amount of data or the complexity of the calculations, but we often hear from end-users about the performance on the server side. It is easy to drag and drop all the columns and do what we want, but if it is not going to load better on the server, users are not going to like it."
"It would be nice if we could export more raw data. Currently, there is a limit as to how much data you can export."
"The Hyper Extract functionality is not as strong as that provided by Microsoft SQL."
"The customization in the front end is a bit difficult."
"When it comes to large datasets, the data should be extracted faster."
"Navigating through activities like cleansing, reshaping, and wrangling extensive or complicated datasets could prove challenging within the Tableau environment."
"The solution could improve the scalability; it is difficult to make changes."
"Lacks customization in some areas."
Splunk Enterprise Security is ranked 2nd in Security Information and Event Management (SIEM) with 65 reviews while Tableau is ranked 2nd in BI (Business Intelligence) Tools with 18 reviews. Splunk Enterprise Security is rated 8.4, while Tableau is rated 8.4. The top reviewer of Splunk Enterprise Security writes "Can be used to find any threats or vulnerabilities inside a user’s environment". On the other hand, the top reviewer of Tableau writes "Provides fast data access with in-memory extracts, makes it easy to create visualizations, and saves time". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Azure Monitor, whereas Tableau is most compared with Microsoft Power BI, Amazon QuickSight, Domo, SAS Visual Analytics and SAP Analytics Cloud.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.