We compared Fortinet FortiAnalyzer and Splunk Enterprise Security across several parameters based on our users' reviews. After reading the collected data, you can find our conclusion below:
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real-time. Splunk Enterprise Security stands out for its efficiency, extensive integration options, and powerful search functionality.
Room for Improvement: Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. Users say Splunk is a highly scalable and customizable solution. Splunk users recommended improvements in AI capabilities, user-friendliness, and analytics.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. While some users found Splunk support to be responsive and helpful, others reported slow response times and a lack of expertise.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. Some users thought Splunk Enterprise Security was easy to deploy, while others found it challenging and needed assistance from Splunk engineers or third-party integrators.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. Some users consider Splunk Enterprise Security to be expensive, but others said the price is reasonable. A few users expressed concerns about the cost of scaling up the solution and managing large volumes of data.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. Users said that it’s challenging to calculate an ROI for Splunk Enterprise Security, and the return varies depending on individual circumstances. While some users have observed a substantial ROI, others have not actively explored or been engaged in ROI conversations.
"The most valuable feature of Fortinet FortiAnalyzer is its performance."
"The product works well with other products."
"We use this functionality every day, and obtain reports on things like how many people are using the VPN, which websites are being accessed, and whether hackers are trying to penetrate into our network."
"We use the solution for enterprise firewalls, URL filtering, and SD-WAN."
"It is very stable and reliable."
"The event handling solution in the platform is very good and useful."
"Based on the logs of Fortinet FortiAnalyzer you can have it trigger actions. For example, if the log has a word or a sentence you specified it can send an alert or Syslog to an email address."
"I would say that Fortinet's tech support is really good."
"Capability to expand the functionality through custom code for data inputs, commands, visualization, alerts, and machine learning."
"We solve issues that we previously could not since we now have the data."
"The metrics and trends that Splunk Enterprise Security generates using all the data points we send allow customers to understand better what their users are doing."
"The alerts are very effective."
"I have found the installation can be of medium difficulty to very complex depending on the use case."
"It has reduced the time to resolution, time to investigate, and time to troubleshoot for debugging issues."
"Its integration is most valuable. Its UI is also pretty much easy."
"It is user-friendly. It is more effective than other solutions. The support and help for troubleshooting and the documentation from Splunk make it very effective."
"Though FortiAnalyzer has improved over the last few versions, the user interface still has room for improvement. It's a bit dated-looking."
"The technical support takes at least two days to reply on any ticket post raised on their website."
"The FortiAnalyzer is not scalable."
"The UI can be more user-friendly for new users."
"We would like to do the reporting, logging, and administration of all the public devices and all the IoT devices. We wish to add the switches, and routers from different vendors, so it's not a vendor-specific diagnostic solution."
"The solution can improve the incident response function to provide more detailed information on where the incident is originating."
"From my point of view, at this time, the solution isn't lacking any features or functionalities."
"They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products. It would also be good to include customizable reports and customizable views of the reports."
"We were inundated with the amount of alerts and alarms that we could get out of it. It is also a resource hog and we didn't have the resources to support it on-prem so we're taking it offline now."
"The biggest problem is data compression. Splunk is an outstanding product, but it is a resource hog. There should be better data compression for being able to maintain our data repositories. We end up having to buy lots of additional storage just to house our Splunk data. This is my only complaint about it."
"Its reporting can be improved. That's the only complaint I have heard. I don't need the reporting part, but I know that other people in the organization need it."
"I haven't found a way for me to create my own plugins and integrate them into Splunk, but this isn't necessarily a limitation; it could simply be a lack of knowledge on my part."
"The complexity could be worked on so that it's even easier and faster."
"The security can be improved."
"My company could benefit from doing more Splunk training with Splunk consultants teaching us how to use it."
"Some of the terminology can be confusing, even for seasoned vets. Renaming components at this point would be a serious undertaking. However, it might be beneficial in the long run."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 85 reviews while Splunk Enterprise Security is ranked 1st in Log Management with 240 reviews. Fortinet FortiAnalyzer is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Fortinet FortiAnalyzer is most compared with Wazuh, Graylog, Grafana Loki, LogRhythm SIEM and Datadog, whereas Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar and Elastic Security. See our Fortinet FortiAnalyzer vs. Splunk Enterprise Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.