We performed a comparison between Security Onion and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Security Onion is the most mature solution in the market."
"We use Security Onion for internal vulnerability assessment."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"Its usability is the best part. It is easy for our developers to use if they want to search their logs, etc."
"The most valuable feature is the DSS, also known as SPL, because it allows users to script advanced queries with limited knowledge."
"Being able to track impossible travel logins and things of that nature is valuable. We can track user logins from various IPs, various countries, and at various times to see if everything adds up."
"Out-of-the-box, it seems very powerful."
"The speed of the search engine"
"I like the search feature and the indexing. It's very fast and comprehensive."
"Exporting is a good feature. It helps me out when I have to do reports. I do a lot of exporting and crunching of the numbers. Dashboards are okay for showing to the leadership, but for doing statistics and updating tickets, the export feature is very beneficial for me."
"The most valuable aspect of the solution is the dashboard. It's very intuitive."
"The product is not easy to learn."
"The initial setup of the solution is a little bit difficult."
"Security Onion's user interface could be improved."
"I'd like to see more integration with more antivirus systems."
"I would like the ability to view logs for specific instances and not have to pull the logs for the entire Cloud environment in Splunk."
"It requires a significant amount of relatively complex architecture once you push past the single server instance."
"Splunk ES could have more pre-built integrations and rules. The detection is fairly accurate, but it depends on the rules you create. Splunk's out-of-the-box configuration isn't that useful."
"Splunk Enterprise Security has not helped reduce our alert volume."
"We usually have to follow up with technical support on our open cases."
"I would like to get visibility into the data pipelines on heavy forwarders and indexers to see exactly their source and the cause of saturation when it occurs. This would help us learn even more about our high use applications."
"The price has room for improvement."
Security Onion is ranked 30th in Log Management with 3 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 246 reviews. Security Onion is rated 7.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of Security Onion writes "A mature and affordable solution that is easy to install and easy to update". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Security Onion is most compared with Wazuh, Elastic Stack, TheHive, Graylog and Kali Linux, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.