• Home
  • Fortinet FortiAnalyzer vs. Splunk Enterprise Security

Fortinet FortiAnalyzer vs Splunk Enterprise Security comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo
Fortinet FortiAnalyzer
Read 85 Fortinet FortiAnalyzer reviews
9,888 views|5,537 comparisons
90% willing to recommend
Splunk Logo
Splunk Enterprise Security
Read 240 Splunk Enterprise Security reviews
26,790 views|21,907 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Fortinet FortiAnalyzer vs. Splunk Enterprise Security
April 2024
Executive Summary
Updated on Sep 22, 2023

We compared Fortinet FortiAnalyzer and Splunk Enterprise Security across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:

  • Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real-time. Splunk Enterprise Security stands out for its efficiency, extensive integration options, and powerful search functionality. 

  • Room for Improvement: Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. Users say Splunk is a highly scalable and customizable solution. Splunk users recommended improvements in AI capabilities, user-friendliness, and analytics.

  • Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. While some users found Splunk support to be responsive and helpful, others reported slow response times and a lack of expertise.

  • Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. Some users thought Splunk Enterprise Security was easy to deploy, while others found it challenging and needed assistance from Splunk engineers or third-party integrators. 

  • Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. Some users consider Splunk Enterprise Security to be expensive, but others said the price is reasonable. A few users expressed concerns about the cost of scaling up the solution and managing large volumes of data.

  • ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. Users said that it’s challenging to calculate an ROI for Splunk Enterprise Security, and the return varies depending on individual circumstances. While some users have observed a substantial ROI, others have not actively explored or been engaged in ROI conversations.

Conclusion: Users appreciate Splunk's superior log aggregation, data analytics, and dashboard functionalities but some bemoaned the lack of advanced AI capabilities and said Splunk could be more user-friendly. Fortinet excels in log collection and integration capabilities. However, it lags behind in areas such as pricing, technical support, and integration with other vendors and solutions. 
To learn more, read our detailed Fortinet FortiAnalyzer vs. Splunk Enterprise Security Report (Updated: April 2024).
Download the complete report
771,157 professionals have used our research since 2012.
Featured Review
Daniel Coleman
It creates a central point of management and control, giving you real-time insight into what is going on.
FortiAnanalyzer ensures you have an accurate view of all your devices, so you don't need to check each one. The analyzer creates a central point of... Read more →
Anonymous User
Helps with the functioning of an organization's security operation center and to detect anomalies in data
My company has benefited from using Splunk Enterprise Security, which has helped us stay out of the headlines in newspapers. The tool helps detect... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature of Fortinet FortiAnalyzer is its performance.""The product works well with other products.""We use this functionality every day, and obtain reports on things like how many people are using the VPN, which websites are being accessed, and whether hackers are trying to penetrate into our network.""We use the solution for enterprise firewalls, URL filtering, and SD-WAN.""It is very stable and reliable.""The event handling solution in the platform is very good and useful.""Based on the logs of Fortinet FortiAnalyzer you can have it trigger actions. For example, if the log has a word or a sentence you specified it can send an alert or Syslog to an email address.""I would say that Fortinet's tech support is really good."

More Fortinet FortiAnalyzer Pros →

"Capability to expand the functionality through custom code for data inputs, commands, visualization, alerts, and machine learning.""We solve issues that we previously could not since we now have the data.""The metrics and trends that Splunk Enterprise Security generates using all the data points we send allow customers to understand better what their users are doing.""The alerts are very effective.""I have found the installation can be of medium difficulty to very complex depending on the use case.""It has reduced the time to resolution, time to investigate, and time to troubleshoot for debugging issues.""Its integration is most valuable. Its UI is also pretty much easy.""It is user-friendly. It is more effective than other solutions. The support and help for troubleshooting and the documentation from Splunk make it very effective."

More Splunk Enterprise Security Pros →

Cons
"Though FortiAnalyzer has improved over the last few versions, the user interface still has room for improvement. It's a bit dated-looking.""The technical support takes at least two days to reply on any ticket post raised on their website.""The FortiAnalyzer is not scalable.""The UI can be more user-friendly for new users.""We would like to do the reporting, logging, and administration of all the public devices and all the IoT devices. We wish to add the switches, and routers from different vendors, so it's not a vendor-specific diagnostic solution.""The solution can improve the incident response function to provide more detailed information on where the incident is originating.""From my point of view, at this time, the solution isn't lacking any features or functionalities.""They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products. It would also be good to include customizable reports and customizable views of the reports."

More Fortinet FortiAnalyzer Cons →

"We were inundated with the amount of alerts and alarms that we could get out of it. It is also a resource hog and we didn't have the resources to support it on-prem so we're taking it offline now.""The biggest problem is data compression. Splunk is an outstanding product, but it is a resource hog. There should be better data compression for being able to maintain our data repositories. We end up having to buy lots of additional storage just to house our Splunk data. This is my only complaint about it.""Its reporting can be improved. That's the only complaint I have heard. I don't need the reporting part, but I know that other people in the organization need it.""I haven't found a way for me to create my own plugins and integrate them into Splunk, but this isn't necessarily a limitation; it could simply be a lack of knowledge on my part.""The complexity could be worked on so that it's even easier and faster.""The security can be improved.""My company could benefit from doing more Splunk training with Splunk consultants teaching us how to use it.""Some of the terminology can be confusing, even for seasoned vets. Renaming components at this point would be a serious undertaking. However, it might be beneficial in the long run."

More Splunk Enterprise Security Cons →

Pricing and Cost Advice
  • "Its worth spending on FortiAnalyzer if you have multiple firewalls in your network."
  • "The hardware cost and services contract are fair."
  • "​It depends upon the company.​"
  • "The cost and pricing should be in accordance with the calculation of log storage capacity for a time period required for historical analysis."
  • "All Fortinet programs come at a good price."
  • "We have several products including Fortinet Wireless, FortiGate Firewalls, and FortiAnalyzer, which are bundled together and cost approximately $50,000 USD annually."
  • "We have around 12 devices and yearly we spend approximately $14,000."
  • "The price is quite expensive. Fortinet products are very expensive. That is something which they should also look at, because if you compare Fortinet product to, say, Sophos for example, Fortinet is really high and that's the only thing which is a drawback for most users."

    • More Fortinet FortiAnalyzer Pricing and Cost Advice →

  • "Pricing and licensing is quite expensive. But for the value the product provides, it seems at par in the market."
  • "Although Splunk is an expensive product, it is designed to be utilized across your organization in order to maximize your ROI and lower your TCO."
  • "It is not cheap."
  • "Splunk Enterprise becomes extremely expensive after the 20GB/month license."
  • "You will eat up whatever you purchase quickly. The level of insights that Splunk empowers is addictive."
  • "Splunk licensing model might seem expensive but with all the gain in functionalities you will have compared to traditional SIEM solutions I think it’s worth the price."
  • "Pricing is pretty fair."
  • "While licensing can be a concern, there are ways to reduce the licensing costs including filtering some events."

    • More Splunk Enterprise Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    See Recommendations
    771,157 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    What do you like most about Fortinet FortiAnalyzer?
    Top Answer:The reporting features, which offer customization, real-time insights, and compliance support, are particularly noteworthy aspects.
    Read all 49 answers   →
    What is your experience regarding pricing and costs for Fortinet FortiAna...
    Top Answer:The pricing model is subscription-based. It involves payment for both the license and ongoing support. I would rate it seven out of ten.
    Read all 36 answers   →
    What needs improvement with Fortinet FortiAnalyzer?
    Top Answer:It would be beneficial to enhance the streamlining of the generation of automated reports related to compliance, such as PCI DSS or HIPAA, based on the logs collected. Automated reports focusing on… more »
    Read all 48 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    How does Splunk compare with Azure Monitor?
    Top Answer:Splunk handles a high amount of data very well. We use Splunk to capture information and as an aggregator for monitoring information from different sources. Splunk is very good at alerting us if we… more »
    Read all 2 answers   →
    Ranking
    8th
    out of 95 in Log Management
    Views
    9,888
    Comparisons
    5,537
    Reviews
    38
    Average Words per Review
    415
    Rating
    8.0
    1st
    out of 95 in Log Management
    Views
    26,790
    Comparisons
    21,907
    Reviews
    69
    Average Words per Review
    930
    Rating
    8.4
    Comparisons
    Learn More
    Fortinet
    Splunk
    Overview

    Fortinet FortiAnalyzer is a powerful platform used for log management, analytics, and reporting. The solution is designed to provide organizations with automation, single-pane orchestration, and response for simplified security operations, as well as proactive identification and remediation of risks and complete visibility of the entire attack surface.

    Fortinet FortiAnalyzer Features

    Fortinet FortiAnalyzer has many valuable key features. Some of the most useful ones include:

    • Advanced threat detection capabilities
    • Centralized security analytics
    • End-to-end security posture awareness
    • Integration with FortiGate NGFWs, FortiClient, FortiSandbox, FortiWeb, and FortiMail
    • Incident detection and response
    • Playbook automation
    • Event management
    • Security services
    • Analytics and reporting

    Fortinet FortiAnalyzer Benefits

    There are many l benefits to implementing Fortinet FortiAnalyzer. Some of the biggest advantages the solution offers include:

    • Flexible deployment options
    • Enterprise-grade high availability
    • Security automation to reduce complexity, leveraging REST API, scripts, connectors, and automation stitches
    • Multi-tenancy solution with quota management, leveraging (ADOMs) to separate customer data and manage domains for operational effectiveness and compliance

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Fortinet FortiAnalyzer solution.

    PeerSpot user Imad A., Group IT Manager at a manufacturing company, says, “You can monitor all appliances from a centralized location. You have a front dashboard for all our operations and all the logs. If you need to search for anything you can just dig deep into the logs. The solution offers excellent customizable reports. In our case, we needed a monthly report of all internet consumption, and we were able to easily create this.” He goes on to add, “There are pre-defined templates. The logs cover any question or need that we populate within these templates. However, you can also build your own template. There is great analytics that can be used in different departments. For example, our marketing department can go more into media patterns and not just into browsing patterns. Everything is easily visible and can be tracked and studied.”

    Luis G., Systems Architect at Zentius, mentions, “Log collection is the most valuable [feature]. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.”

    Rupsan S., Technical Presales Engineer at Dristi Tech Pvt.ltd., comments, "The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."

    Dilip S., Regional Head at Mass Infonet (P) Ltd., explains, “With FortiAnalyzer, you can see what the user is doing and what sites he goes to. You can also see how much quota there is and how much (size-wise) you want to hit, as well as what the incoming or outbound traffic is, and if it is through the ISP or not. Basically, you can see absolutely all activity using FortiAnalyzer. The solution is very complete. The product is very simple to use. It's regularly updated with many versions constantly adding more content and information. The solution has sandboxing, IPS, and DPS as well. The solution allows for a lot of customization.”

    Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus, providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors. 

    Full visibility across your environment

    Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.

    Fast threat detection

    Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.

    Efficient investigations

    Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.

    Open and scalable

    Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.

    Sample Customers
    General Directorate of Information Technology
    Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
    Top Industries
    REVIEWERS
    Comms Service Provider19%
    Computer Software Company15%
    Manufacturing Company15%
    Financial Services Firm13%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Government8%
    Comms Service Provider8%
    Manufacturing Company7%
    REVIEWERS
    Computer Software Company20%
    Financial Services Firm15%
    Government9%
    Energy/Utilities Company8%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company14%
    Government9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business51%
    Midsize Enterprise22%
    Large Enterprise27%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise21%
    Large Enterprise51%
    REVIEWERS
    Small Business31%
    Midsize Enterprise11%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    Buyer's Guide
    Fortinet FortiAnalyzer vs. Splunk Enterprise Security
    April 2024
    Free Report: Fortinet FortiAnalyzer vs. Splunk Enterprise Security
    Find out what your peers are saying about Fortinet FortiAnalyzer vs. Splunk Enterprise Security and other solutions. Updated: April 2024.
    DOWNLOAD NOW
    771,157 professionals have used our research since 2012.

    Fortinet FortiAnalyzer is ranked 8th in Log Management with 85 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 240 reviews. Fortinet FortiAnalyzer is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Fortinet FortiAnalyzer is most compared with Wazuh, Graylog, Grafana Loki, LogRhythm SIEM and Datadog, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar and Elastic Security. See our Fortinet FortiAnalyzer vs. Splunk Enterprise Security report.

    See our list of best Log Management vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.