Try our new research platform with insights from 80,000+ expert users

Splunk Enterprise Security vs VMware Aria Operations for Applications comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Splunk Enterprise Security
Average Rating
8.4
Reviews Sentiment
7.5
Number of Reviews
318
Ranking in other categories
Log Management (2nd), Security Information and Event Management (SIEM) (1st), IT Operations Analytics (1st)
VMware Aria Operations for ...
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
12
Ranking in other categories
Application Performance Monitoring (APM) and Observability (29th), IT Infrastructure Monitoring (31st), Container Monitoring (6th), Cloud Monitoring Software (23rd)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. Splunk Enterprise Security is designed for Security Information and Event Management (SIEM) and holds a mindshare of 9.4%, down 12.1% compared to last year.
VMware Aria Operations for Applications, on the other hand, focuses on Cloud Monitoring Software, holds 1.7% mindshare, up 1.2% since last year.
Security Information and Event Management (SIEM)
Cloud Monitoring Software
 

Featured Reviews

ROBERT-CHRISTIAN - PeerSpot reviewer
Has many predefined correlation rules and is brilliant for investigation and log analysis
It is very complicated to write your own correlation rules without the help of Splunk support. What Splunk could do better is to create an API to the standard SIEM tools, such as Microsoft Sentinel. The idea would be to make it less painful. In ELK Stack, Kibana is the query language with which you can search log files. I believe Splunk has also a query language in which they search their log files, but once you have identified the log file that you want to use for further security correlation, you want to very quickly transport that into your SIEM tool, such as Microsoft Sentinel. That is something that Splunk could make a little bit less painful because it is a lot of effort to find that log file and forward it. An API with Microsoft Sentinel or a similar SIEM tool would be a good idea.
ToniLindberg - PeerSpot reviewer
Troubleshooting capabilities have improved application monitoring and support engagement
I can see what happens end to end, which is pretty beneficial. The solution has troubleshooting capabilities, providing a direct connection to knowledge base articles from VMware Broadcom. When I encounter an error, I can search directly within the system to see what solutions have been employed by others. It has a familiar interface, which makes it easy to get started.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The reporting aspect is good and it does what I need it to do."
"The community marketplace is useful; often, you do not need to rely on Splunk Enterprise Security support due to the wealth of online documentation available—Splunk docs are truly beneficial."
"Splunk Enterprise Security is a very useful application to collect all the logs and also to find out the problems. You can easily create whatever you want by using its features, and it also has the capability to collect from all kinds of different platforms. Splunk Enterprise Security provides me with all the alerts."
"It has been really good at consolidating a lot of data from different sources. It's really good at generating summaries."
"The solution's most valuable feature is the dashboard, which allows us to see everything on the same page and provides easy visibility into problems."
"The solution helped reduce our alert volume."
"It has increased our business resilience. It's a top-of-the-line SIEM security product. It's the best tool for our security analysts which helps them do their job better. That then protects our company from adversary actors."
"The solution's most valuable feature is the aggregation of all the logs in one place, using enterprise securities built-in or ESCU use cases to find them."
"The most valuable aspects of the solution are its ease of use and its ease of implementation."
"No issues with stability."
"The solution is great for virtualization and preparing the infrastructure in Tanzu to test products. It's very fast and has good visibility."
"People are very pleased with the implementation."
"For us, the ease of deployment in combination with TMZ was the most important part because we don't have to manually deploy a complex monitoring solution. We can more or less do that with the click of a button, and we are not dependent on the developers to provide us with all the necessary features and functions to make that work. We can just deploy it on a workload cluster and monitor at least a good part of the workload. If we want to go into detail, we clearly need to make changes, but for a good part of application monitoring, it gives us good insights."
"The stability of Aria Operations for Applications has improved significantly over the years."
"This solution allows me to have true visibility for any metrics when it comes to my cloud, and private."
"Tanzu itself, integrated with multiple solutions, bestows support and security upon a container platform, especially when it comes to managing open-source container platforms such as Kubernetes."
 

Cons

"It needs to improve the way to install third-party apps and enable installation without logging into splunk.com."
"The cluster environment should be improved. We have a cluster. In the Splunk cluster environment, in the case of heavy searches and heavy load, the Splunk cluster goes down, and we have to put it in the maintenance mode to get it back. We are not able to find the actual culprit for this issue. I know that cluster has RF and SF, but it has been down so many times. There should be something in Splunk to help users to find the reason and the solution for such issues."
"I would like some additional AI capabilities to provide additional information about things going wrong and things going well."
"Free-floating panels in the dashboards are like a glass table."
"Make it easy to use and the cost cheaper. This will help all organisations to implement Splunk."
"I feel as though a major focus of upcoming releases should be set on Machine Learning, Predictive Analytics, and I would enjoy to see more security focused add-ons and apps developed by the vendor."
"The documentation is in definite need of improvement."
"I haven't found a way for me to create my own plugins and integrate them into Splunk, but this isn't necessarily a limitation; it could simply be a lack of knowledge on my part."
"I find that there could be improvements in the support service response time, as the urgency varies unless specified as Priority 2 or 1 cases."
"I would like to see integration with Kubernetes cluster and APIs so that you can manage the entire stack."
"The main problem I have is that the license cost is very high."
"The initial setup should be easier and more seamless."
"The solution could be expensive, which might be a limiting factor."
"I find that there could be improvements in the support service response time, as the urgency varies unless specified as Priority 2 or 1 cases."
"Its billing model is consumption-based. I understand the consumption-based model, but it is not necessarily easy to estimate and guess how many points or how much we are going to consume on a specific application up until we get to that point. So, for us, it would be helpful to have more insights or predictability into what we can expect from a cost perspective if we are starting to use specific features. This can potentially also drive our consumption a bit more."
"The return on investment is best suited for organizations that do not have the resources for a dedicated VM environment team. However, the cost of the product doesn't show significant benefits."
 

Pricing and Cost Advice

"The pricing could be made more competitive."
"Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
"While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."
"I think that most of the log analytics solutions are expensive and I'm not sure if it's worth it."
"As a team, we prefer the old pricing model with a perpetual license. We are still evaluating the whole subscription-based model."
"Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
"I believe there is room for improvement in reducing costs, particularly in the financial aspect, as Splunk tends to be pricier compared to other options."
"The price of this solution is expensive. However, it has great features. If you want a great solution you need to pay a price matching the features."
"The licensing costs are very high, particularly when you consider that we have to purchase a level 1 license for every integration, such as the load balancer, HAProxy, and the MSSP. And if you want to use vSAN, that's another license. Then, of course, Tanzu Observability has its own separate license."
"I don't have the details. In our case, there is a mixture in place. We have production usage, and we are also doing training for VMware. So, we also have a training instance. It is worth the money you would spend on it. That's because if you were to build all of this yourself by using some of the open source tools, then you would need a lot of time."
"I would rate the pricing as three out of five."
"Different locations require different setups. In your terms, around 300 to around 400K USD."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
861,481 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Computer Software Company
14%
Manufacturing Company
8%
Government
7%
Financial Services Firm
14%
Manufacturing Company
11%
Computer Software Company
11%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
How does Splunk compare with Azure Monitor?
Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we...
What is your experience regarding pricing and costs for VMware Tanzu Observability by Wavefront?
The cost of VMware Aria Operations for Applications is fair and reasonable compared to what we receive in support and packages from VMware.
What needs improvement with VMware Tanzu Observability by Wavefront?
I find that there could be improvements in the support service response time, as the urgency varies unless specified as Priority 2 or 1 cases.
What is your primary use case for VMware Tanzu Observability by Wavefront?
Our primary use case for VMware Aria Operations for Applications is to enhance application monitoring tasks, allowing us to set up alerts for different components and send them via SMTP to a team d...
 

Also Known As

No data available
Tanzu Observability, Wavefront, Wavefront by VMware, VMware Tanzu Observability
 

Overview

 

Sample Customers

Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
1. Atlassian 2. Cisco 3. Databricks 4. DigitalOcean 5. Equinix 6. Fidelity Investments 7. Google 8. Hewlett Packard Enterprise 9. Honeywell 10. IBM 11. Intel 12. JetBlue Airways 13. LinkedIn 14. Lyft 15. Mastercard 16. Microsoft 17. MongoDB 18. Netflix 19. Nvidia 20. Oracle 21. PayPal 22. Pinterest 23. Qualcomm 24. Red Hat 25. Salesforce 26. SAP 27. Spotify 28. Square 29. TMobile 30. Twitter 31. Uber 32. VMware
Find out what your peers are saying about Splunk Enterprise Security vs. VMware Aria Operations for Applications and other solutions. Updated: May 2023.
861,481 professionals have used our research since 2012.