We performed a comparison between Coralogix and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The Log analytics are useful."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"The solution is easy to use and to start with."
"The best feature of this solution allows us to correlate logs, metrics and traces."
"The solution offers very good convenience filtering."
"A non-tech person can easily get used to it."
"The initial setup is straightforward."
"Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams."
"There are lots of free learning materials on their website."
"It allows for transparency into IT metrics for insightful business analytics."
"One key advantage of Splunk over competitors like IBM QRadar is its superior device integration capabilities."
"The technical support has been very good. They are very responsive and have been helpful."
"Speeds up root cause analysis and can help identify issues that your organization never realized were occurring."
"I am satisfied with the support."
"The most valuable feature of Splunk Enterprise Security is the comprehensive logging capabilities it provides."
"The fact that Splunk is a platform and not just a SIEM solution is a key benefit."
"I would like to see more AI used in processes."
"We'd like also a better ticketing system, which is older."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"Maybe they could make it more user-friendly."
"The documentation of the tool could be improved"
"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."
"The user interface could be more intuitive and explanatory."
"We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change."
"From my experience, Coralogix has horrible Terraform providers."
"Its interface and usability can always be improved."
"For on-premise, it's more about optimization. With such a heavy byte scale of data that we are operating on, the search for disparate data sometimes takes about a minute. This is understandable considering the amount of data that we are pumping into it. The only optimization that I recommend is better sharding, when it comes to Splunk, so that data retrieval can be faster."
"Splunk is not very user-friendly. It has a complex architecture in comparison to other solutions on the market."
"We had some connections issues with the solution at the beginning."
"We usually have to follow up with technical support on our open cases."
"The security can be improved."
"I would like to see more SIEM functionality and a better ticket tool."
"A problem that we had recently had was we licensed it based on how much data you upload to them every day. Something changed in one our applications, and it started generating three to four times as many logs and. So now, we are trying to assemble something with parts of the Splunk API to warn ourselves, then turn it off and throttle it back more. However it would be better if they had something systematically built into the product that if you're getting close to your license, then to shut things down."
Coralogix is ranked 23rd in Log Management with 7 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 240 reviews. Coralogix is rated 8.4, while Splunk Enterprise Security is rated 8.4. The top reviewer of Coralogix writes "Good capabilities, has a helpful interface and is straightforward to set up". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Coralogix is most compared with Datadog, Grafana, Sentry, New Relic and Elastic Search, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Datadog. See our Coralogix vs. Splunk Enterprise Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.