Splunk Enterprise Security is praised for its threat intelligence, analytics, and monitoring capabilities, as well as its customizable features. Users acknowledge the need for improvements in user interface, query language, alerting, and performance. The pricing is considered high but worth the investment, with positive feedback on operational efficiency and customer support. On the other hand, Honeycomb.io is appreciated for its advanced visualization, query support, and collaborative tools. Users cite challenges with integrations, interface complexity, pricing, and support resources. The ROI is positive, with users highlighting improved performance and productivity. Customer service is highly praised for its helpfulness and responsiveness.
Features: Splunk Enterprise Security excels in threat intelligence, analytics, and scalability. It offers real-time monitoring, user-friendly interface, and detailed reporting. Honeycomb.io stands out with advanced visualization, high cardinality query support, flexible querying, and collaborative features for real-time sharing and discussion.
Pricing and ROI: Splunk Enterprise Security typically has higher setup costs compared to Honeycomb.io, but users find the value justifies the investment. Honeycomb.io offers competitive pricing and straightforward setup, with flexible licensing options to suit different needs and budgets. Splunk Enterprise Security boasts enhanced operational efficiency, threat detection, incident response, and security event visibility. In comparison, Honeycomb.io focuses on valuable insights, troubleshooting efficiency, and cost savings.
Room for Improvement: Splunk Enterprise Security users desire a more user-friendly interface and simplified search queries. They also seek enhanced alerting/reporting features and improved performance. Conversely, Honeycomb.io users want better integrations, simpler UI, more affordable pricing, and improved support/documentation.
Deployment and customer support: Some users reported varying timelines for deployment and setup with Splunk, while users had mixed feedback on the timeframe for implementing Honeycomb.io, emphasizing the importance of considering the context in which these terms are used. Splunk Enterprise Security's customer service is commended for prompt responses, knowledgeable staff, and helpful solutions. In contrast, Honeycomb.io excels in clear communication, expert assistance, and responsiveness, enhancing the overall user experience.
The summary above is based on 140 interviews we conducted recently with Splunk Enterprise Security and Honeycomb.io users. To access the review's full transcripts, download our report.
"The solution's initial setup process was straightforward since we were getting enough support from Honeycomb.io's team."
"We can easily configure things as required in relation to our use cases."
"The solution helped reduce our alert volume."
"The Splunk user community and forum are most valuable."
"Three features stand out for me: the SDK for writing Python, the customizable and adaptable diagnostic dashboard, and the optimizer for collecting data."
"Splunk is extremely flexible, which allows us to create custom visualizations along with other customizations."
"The most valuable feature is that it's very good for log aggregation."
"We can ingest and correlate data from virtually any type of system."
"It has helped us look at modern technology, as well as penetrate our legacy systems, to see where the bottlenecks are."
"The process of log scraping gets delayed on Honeycomb.io. At times, it gives false alerts to the application team."
"It would be nice if Splunk reduced the cost of training. Their training sessions are way too costly."
"Its pricing is extremely high. There are other tools out in the market that are competitive. They do not necessarily have all the functionality, but they are competitive. The professional services we have used have been high as well in comparison to the market."
"My company could benefit from doing more Splunk training with Splunk consultants teaching us how to use it."
"The use cases provided by Splunk are a good starting point, but could cover many additional topics to ensure that a smaller or less experienced shop might maximize the value of an ES deployment."
"We do have to educate developers on how to not blow it up. It is a little to easy to write an expensive query and overly stress the system. This could be improved."
"An area of improvement would be the licensing of the solution. They need a free license, which would allow faster lead times."
"We are waiting for Dashboard Studio to mature a little bit more. There are some things that we are using with Classic Dashboards which have not yet made it to Dashboard Studio. We are waiting for that."
"The configuration had a bit of a learning curve."
Honeycomb.io is ranked 37th in Application Performance Monitoring (APM) and Observability with 1 review while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews. Honeycomb.io is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Honeycomb.io writes "A valuable solution for application teams to identify downtime and SLO-related issues". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Honeycomb.io is most compared with Grafana, Sentry, Chronosphere, Azure Monitor and Prometheus, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Microsoft Sentinel.
We monitor all Application Performance Monitoring (APM) and Observability reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
