We performed a comparison between Elastic Observability and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"For full stack observability, Elastic is the best tool compared with any other tool."
"The Elastic User Interface framework lets us do custom development when needed. You need to have some JavaScript knowledge. We need that knowledge to develop new custom tests."
"The ability to ensure that the data is searchable and maintainable is highly valuable for our purposes."
"We can view and connect different sources to the dashboard using it."
"The solution allows us to dig deep into data."
"Machine learning is the most valuable feature of this solution."
"I have built a mini business intelligence system based on Elastic Observability."
"It's easy to deploy, and it's very flexible."
"The feature that I have found most valuable with Splunk is the ability to sift through a bunch of data very quickly."
"The ability to manipulate data in Splunk is unparalleled. Splunk's powerful, flexible query language can morph difficult-to-understand log formats into usable data."
"The most valuable features of Splunk Enterprise Security are its high-performance data collection, flexible query language, and its versatility across the organization."
"We primarily use it to correlate logs throughout the enterprise for both searching and use in investigations."
"The most valuable feature is that it's very good for log aggregation."
"The reporting aspect is good and it does what I need it to do."
"You can use it to gather syslog messages from anything."
"It has a big user base, so the community is useful."
"The solution needs to use more AI. Once the product onboards AI, users would more effectively be able to track endpoints for specific messages."
"Elastic Observability is an excellent product for monitoring and visibility, but it lacks predictive analytics. Most solutions are aligned with the AIOps requirements, but this piece is missing in Elastic and should be included."
"There is room for improvement regarding its APM capabilities."
"Elastic Observability needs to improve the retrieval of logs and metrics from all the instances."
"There's a steep learning curve if you've never used this solution before."
"The auto-discovery isn't nearly as good. That's a big portion of it. When you drop the agent onto the JVM and you're trying to figure things out, having to go through and manually do all that is cumbersome."
"Elastic APM's visualization is not that great compared to other tools. Its number of metrics is very low."
"There could be more low-code features included in the product."
"Splunk does not provide any default threat intelligence like Microsoft Sentinel, but you can integrate any third-party threat intelligence with Splunk. By default, no threat intelligence suite is there, whereas, with IBM QRadar or Microsoft Sentinel, the default feature of threat intelligence is there. It is free. If Splunk can provide a default threat intelligence suite, it would be better."
"The documentation is in definite need of improvement."
"The tool itself is very difficult to configure. It's great for its number of inputs, for the different types of systems, devices, and things that it could collect information from. To actually make good use of it, you need a fairly dedicated team of people that have some reasonably good programming or modeling skills to be able to do the things that you need to do with it. Whereas a lot of the other tools are better packaged for that, and so require a lot less training and a lot less dedication."
"A lot of people are averse to using new tools so if they make it even more user-friendly than it already is, I think that could go a long way."
"Its reporting can be improved. That's the only complaint I have heard. I don't need the reporting part, but I know that other people in the organization need it."
"Splunk should have more regional data centers in the Middle East."
"Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better."
"Considering the contract thing and the whole legal area, it takes forever to get the contracts signed and to be able to agree to the terms and conditions for my company as well as for Splunk's team."
Elastic Observability is ranked 14th in Log Management with 22 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 246 reviews. Elastic Observability is rated 7.8, while Splunk Enterprise Security is rated 8.4. The top reviewer of Elastic Observability writes "The user interface framework lets us do custom development when needed." On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query." Elastic Observability is most compared with Dynatrace, New Relic, Azure Monitor, Sentry and AppDynamics, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel. See our Elastic Observability vs. Splunk Enterprise Security report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.