We compared Fortinet FortiAnalyzer and Splunk Enterprise Security across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real-time. Splunk Enterprise Security stands out for its efficiency, extensive integration options, and powerful search functionality.
Room for Improvement: Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. Users say Splunk is a highly scalable and customizable solution. Splunk users recommended improvements in AI capabilities, user-friendliness, and analytics.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. While some users found Splunk support to be responsive and helpful, others reported slow response times and a lack of expertise.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. Some users thought Splunk Enterprise Security was easy to deploy, while others found it challenging and needed assistance from Splunk engineers or third-party integrators.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. Some users consider Splunk Enterprise Security to be expensive, but others said the price is reasonable. A few users expressed concerns about the cost of scaling up the solution and managing large volumes of data.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. Users said that it’s challenging to calculate an ROI for Splunk Enterprise Security, and the return varies depending on individual circumstances. While some users have observed a substantial ROI, others have not actively explored or been engaged in ROI conversations.
"It's easy to set up the product."
"The features that our customers have found most valuable are their different type of reports including the drill down report, as well as the flexibility to connect to any number of appliances which can be connected to it centrally."
"I would say that Fortinet's tech support is really good."
"The traffic log information we receive from Fortinet FortiAnalyzer is valuable."
"Technical reports clearly identify system checks, locations and areas, how many times things escape, which firewall is affected, and source IDs."
"We use the solution for enterprise firewalls, URL filtering, and SD-WAN."
"The product works well with other products."
"The most valuable feature of Fortinet FortiAnalyzer is its performance."
"The graph visualization is the most valuable feature."
"The integration is seamless with many devices and operating systems."
"Splunk Enterprise Security is able to process a huge amount of data without any issues."
"The tool helps with advanced reports and keeps the system scalable and flexible. It provides a clear picture of the current status of any incidents. As a CISO, I see a lot of potential for future innovation, which is interesting. I've noticed better performance, especially with the reports."
"The fact that Splunk is a platform and not just a SIEM solution is a key benefit."
"Splunk's interface is user-friendly, and it has apps and add-ons for most applications. We can easily normalize the data to make it readable and understand the logs. We easily get all the field extractions and enrichment done by using the apps and add-ons. This helps us understand the application logs because the raw data is useless unless we extract some useful information from it. These add-ons make it so much easier."
"It has a big user base, so the community is useful."
"Splunk is quite flexible for our customers. Splunk does not filter from a specific lock, you can define it later."
"The setup of the solution can be improved because it is currently complex."
"The reports are good, but they are over-summarized."
"In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short."
"The UI could use some improvement. It can be tough for a beginner to navigate because you don't know what to do even if you read the guide. I've talked to some users who said that they couldn't figure out what to do even after looking at the documentation."
"Fortinet FortiAnalyzer could improve by having better integration with other vendors."
"They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products. It would also be good to include customizable reports and customizable views of the reports."
"We'd like to see more embedded features."
"Fortinet FortiAnalyzer needs to improve its pricing flexibility."
"Writing queries is a bit complicated sometimes."
"Make it easy to use and the cost cheaper. This will help all organisations to implement Splunk."
"Splunk could improve its default machine-learning models. Also, Splunk Enterprise's native threat intelligence isn't that good. I prefer a custom threat intelligence model."
"The cluster environment should be improved. We have a cluster. In the Splunk cluster environment, in the case of heavy searches and heavy load, the Splunk cluster goes down, and we have to put it in the maintenance mode to get it back. We are not able to find the actual culprit for this issue. I know that cluster has RF and SF, but it has been down so many times. There should be something in Splunk to help users to find the reason and the solution for such issues."
"I feel as though a major focus of upcoming releases should be set on Machine Learning, Predictive Analytics, and I would enjoy to see more security focused add-ons and apps developed by the vendor."
"We will receive alerts only for the administrators and deployment servers, but not for all servers."
"On-premises scaling of the solution is a bit more limited than it is on the cloud."
"The UI could be better. This is applicable to Splunk in general. I know that a lot of people who get their hands on Splunk are hesitant to use it just because they find it overwhelming. There are a lot of options."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 86 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 244 reviews. Fortinet FortiAnalyzer is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Fortinet FortiAnalyzer is most compared with Wazuh, Graylog, Grafana Loki, LogRhythm SIEM and Datadog, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar and Elastic Security. See our Fortinet FortiAnalyzer vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.