• Home
  • BigPanda vs. Splunk Enterprise Security

BigPanda vs Splunk Enterprise Security comparison

Cancel
You must select at least 2 products to compare!
BigPanda Logo
BigPanda
Read 12 BigPanda reviews
2,488 views|1,347 comparisons
75% willing to recommend
Splunk Logo
Splunk Enterprise Security
Read 240 Splunk Enterprise Security reviews
24,689 views|20,244 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
IT Infrastructure Monitoring
May 2024
Executive Summary

We performed a comparison between BigPanda and Splunk Enterprise Security based on real PeerSpot user reviews.

Find out what your peers are saying about Zabbix, Datadog, Auvik and others in IT Infrastructure Monitoring.
To learn more, read our detailed IT Infrastructure Monitoring Report (Updated: May 2024).
Download the complete report
771,212 professionals have used our research since 2012.
Featured Review
Anonymous User
Bad AI with primitive visualization and not configurable
The solution has a hard install, poor customer support, primitive and non-configurable visualizations. The best of a bad lot was the error message... Read more →
Anonymous User
Improves our incident response time, has customizable dashboards, and speeds up our security investigations
We will be ingesting logs from various sources, including firewalls, databases, Windows devices, and Linux devices. These logs will be used to... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable features of BigPanda are the API integration was good. It enables us to do faster onboarding.""The main thing that we like about BigPanda is the user interface.""The event correlation is really good and it is able to reduce the noise. It is a good tool for anomaly detection.""Alert aggregation was the primary requirement. BigPanda pulls all this together into a single UI for us, allowing us to see related alerts grouped together into an incident, and enables us to easily create a JIRA ticket and Slack channel to manage an issue.""One of the most valuable features of BigPanda is its user-friendly interface.""BigPanda integrates well with other solutions, such as WatchGuard,""Alert deduplication and correlation - In an environment like the NOC where you're ingesting hundreds and thousands of alerts from various monitoring sources, it's time consuming and difficult to go through individual alerts and also difficult to spot critical issues. It's been great to have BigPanda not only deduplicate alerts but also correlate alerts that are seemingly unrelated, to create a clearer picture.""Easy integration - We've had challenges in the past integrating all of our various monitoring sources and tools into one central system. BigPanda, with the integrations that it already has, as well as offering webhook/REST API, has made it very easy for us to plug everything in."

More BigPanda Pros →

"It gives us the liberty to do more in terms of use cases.""Splunk has machine learning which is a valuable feature.""Splunk is a user-friendly solution.""The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data.""The scalability is good.""The ability to view all of these different logs, then drilling down into specific times or into specific data sources, has proved to be the greatest aspect in decreasing our troubleshooting overhead time.""Splunk setup is easy and straightforward. ​""We can present to our management in real time the security of the batch management for the PCs, security regarding the network equipment. We're currently working in the Azure Cloud project, so we can send any logs from the cloud to Splunk. We can monitor them and we can present to the managers and customers. It's a very good solution for reporting. We use Splunk for reporting and monitoring of any solution in the company."

More Splunk Enterprise Security Pros →

Cons
"Our infrastructure is quite large - tens of thousands of servers, often with 30-plus checks running on each host with one minute intervals. This generates a lot of data often in bursts (when we have a large scale failure). This has caused some delay in the ingestion pipeline.""BigPanda attempts a little of everything and fails at most.""BigPanda could improve by syncing its threshold settings with Dynatrace to align with users' familiarity.""The UI for this solution could be improved. It is very hard to find what you are looking for.""Lacks sufficient dashboard features.""The observability can be enriched with regards to infrastructure and the application-integrated environment. The dashboard and reports could be improved.""The usability needs to improve, because it is a pure code environment.""The cost of this product is too high compared to New Relic."

More BigPanda Cons →

"Splunk could improve its default machine-learning models. Also, Splunk Enterprise's native threat intelligence isn't that good. I prefer a custom threat intelligence model.""It is a challenge to manage the environment in such a way, that one’s log, even with the bandwidth license, isn’t exceeded.""We do have to educate developers on how to not blow it up. It is a little to easy to write an expensive query and overly stress the system. This could be improved.""Technical support needs to be more responsive.""Writing queries is a bit complicated sometimes.""The initial setup is complex, but this is necessary. We needed to take into consideration how to direct log files from thousands of machines to Splunk, and how to ingest those files.""I would like Splunk to add more integration. QRadar has many indications with more products than Splunk.""Some of the queries are difficult to run and have room for improvement."

More Splunk Enterprise Security Cons →

Pricing and Cost Advice
  • "They were great to work with on pricing/licensing. Given we are a high-growth company, we needed a flexible site license."
  • "We pay $200,000 USD per year."
  • "The price of BigPanda is in the middle compared to other solutions."
  • "BigPanda is cheaper than the competitors."

    • More BigPanda Pricing and Cost Advice →

  • "Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
  • "Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
  • "It is not cheap."
  • "Splunk Enterprise becomes extremely expensive after the 20GB/month license."
  • "You will eat up whatever you purchase quickly. The level of insights that Splunk empowers is addictive."
  • "Splunk licensing model might seem expensive but with all the gain in functionalities you will have compared to traditional SIEM solutions I think it’s worth the price."
  • "Pricing is pretty fair."
  • "While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."

    • More Splunk Enterprise Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which IT Infrastructure Monitoring solutions are best for your needs.
    See Recommendations
    771,212 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    Any advice about APM solutions?
    Top Answer:There are many factors and we know little about your requirements (size of org, technology stack, management systems, the scope of implementation). Our goal was to consolidate APM and infra… more »
    Read all 5 answers   →
    What do you like most about BigPanda?
    Top Answer:One of the most valuable features of BigPanda is its user-friendly interface.
    Read all 11 answers   →
    What is your experience regarding pricing and costs for BigPanda?
    Top Answer:BigPanda is cheaper than the competitors.
    Read all 7 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    How does Splunk compare with Azure Monitor?
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we… more »
    Read all 2 answers   →
    Ranking
    43rd
    out of 108 in IT Infrastructure Monitoring
    Views
    2,488
    Comparisons
    1,347
    Reviews
    7
    Average Words per Review
    343
    Rating
    6.3
    1st
    out of 80 in Security Information and Event Management (SIEM)
    Views
    24,689
    Comparisons
    20,244
    Reviews
    69
    Average Words per Review
    930
    Rating
    8.4
    Comparisons
    Learn More
    BigPanda
    Splunk
    Overview

    BigPanda Autonomous Operations platform is a cutting-edge solution that helps IT Ops, NOC and DevOps teams detect, investigate, and resolve IT incidents faster and more easily than ever before. Powered by Open Box Machine Learning, BigPanda correlates IT noise into insights, automates incident management, and unifies fragmented IT operations.

    BigPanda’s Autonomous Operations platform increases the ease with which IT administrators are able to both manage their systems and respond to issues that arise. It combines machine learning and automation, which not only provide administrators with reliable suggestions concerning future issues that may arise, but also allows for certain tasks to be assigned to the system itself. These allow organizations to save both time and resources that can be dedicated to more critical tasks.

    BigPanda’s Autonomous Operations platform possesses a simplified and unified user interface, enabling users to manage the solution from one place. The UI allows users to view and manage all of the information and controls that IT teams need to be able to easily access, providing a level of visibility that ensures users will be able to view all of their system’s most up-to-date and critical information at any time that they wish.

    Benefits of BigPanda Autonomous Operations Platform

    Some the benefits of using BigPanda’s Autonomous Operations platform include:

    • The ability to autonomously detect and respond to IT issues. BigPanda’s Autonomous Operations software autonomously searches for and detects issues. When found, its level-zero feature can then handle elementary tasks such as threat prioritization, which would otherwise require a dedicated team to handle. The solution can be adapted to meet your organization’s specific requirements.
    • The ability to receive new threat suggestions based on historical data. Armed with this knowledge, BigPanda’s Autonomous Operations’s machine learning algorithm makes reliable predictions of issues that might come up in the future.
    • The ability to manage BigPanda’s Autonomous Operations platform and view both real-time and historical data from a single interface. BigPanda’s Autonomous Operations platform UI is a centralized location where all levels of your organization’s IT teams can view system data and manage situations that may arise. The data displayed on this interface is always up-to-date. IT teams have the latest relevant information available to them at all times without having to conduct a search.

    Reviews from Real Users

    BigPanda’s Autonomous Operations platform stands out among its competitors for a number of reasons. Two major ones are its centralized user interface and its ability to easily integrate with other security solutions. The centralized UI gives users the ability to clearly see all their alert data in a single location without having to search for it. Its easy integration allows administrators to augment their IT security capabilities when they find it necessary to do so.

    PeerSpot user Larry C., the principal engineer in charge of site operations for a tech vendor, notes this benefit when he writes, "Alert aggregation was the primary requirement. BigPanda pulls all this together into a single UI for us, allowing us to see related alerts grouped together into an incident, and enables us to easily create a JIRA ticket and Slack channel to manage an issue."

    Another PeerSpot user, who is an independent entrepreneur in the IT environment at a tech services company, notes the flexibility of this platform when they write “BigPanda integrates well with other solutions, such as WatchGuard.”


    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Sample Customers
    Nagios, ServiceNow, ITSM, NOC, CMDB Evolved, RemedyIncident Management Process
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    VISITORS READING REVIEWS
    Financial Services Firm25%
    Computer Software Company16%
    Manufacturing Company9%
    Insurance Company6%
    REVIEWERS
    Computer Software Company20%
    Financial Services Firm15%
    Government9%
    Energy/Utilities Company8%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company14%
    Government9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business42%
    Large Enterprise58%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise9%
    Large Enterprise76%
    REVIEWERS
    Small Business31%
    Midsize Enterprise11%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    Buyer's Guide
    IT Infrastructure Monitoring
    May 2024
    Download Free Report
    Find out what your peers are saying about Zabbix, Datadog, Auvik and others in IT Infrastructure Monitoring. Updated: May 2024.
    DOWNLOAD NOW
    771,212 professionals have used our research since 2012.

    BigPanda is ranked 43rd in IT Infrastructure Monitoring with 12 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. BigPanda is rated 7.2, while Splunk Enterprise Security is rated 8.4. The top reviewer of BigPanda writes "Offers comprehensive alert monitoring and a user-friendly interface but requires manual validation to provide accurate alerts". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". BigPanda is most compared with ServiceNow, Moogsoft, PagerDuty Operations Cloud, ServiceNow IT Operations Management and Dynatrace, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.

    We monitor all IT Infrastructure Monitoring reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.