We performed a comparison between Security Onion and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Security Onion is the most mature solution in the market."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"We use Security Onion for internal vulnerability assessment."
"The log aggregation is great."
"You can use it to gather syslog messages from anything."
"It is very easy to use and integrate. There are connectors for every technology."
"The ability to manipulate data in Splunk is unparalleled. Splunk’s powerful, flexible query language can morph difficult to understand log formats into usable data."
"There are quite a lot of things that we find useful. Splunk agents are useful and good. Its UI is quite impressive."
"Visualizations are the best way to understand deviation techniques from the norm."
"The dashboard and reporting are very good... It provides very good visibility in a hybrid cloud environment, and you can build custom utilization APIs using Splunk."
"The solution has made us more secure."
"The product is not easy to learn."
"Security Onion's user interface could be improved."
"The initial setup of the solution is a little bit difficult."
"There is improvement needed when importing from some types of data sources."
"Spam has different plugins but by default, the logs are not organized, it shows that there are roll-ups that are out of the box. I saw many plugins that can help improve or extend Splunk's functionality but I haven't tried any of them."
"Certain sections of the developer documentation could use some updating and clarification."
"There are new services which are coming up. If Splunk can catch up with the speed of Amazon, and with the integration, instead of us waiting for another year or so, that would be good."
"We'd like Splunk to reduce false positives."
"Make it easy to use and the cost cheaper. This will help all organisations to implement Splunk."
"The user access control could be much more granular, so that the admins can control r/w/x access for specific features of the product like dashboards, etc."
"The historical data extraction needs improvement. I would like the capability of taking data and having it trend longer."
Security Onion is ranked 33rd in Log Management with 3 reviews, while Splunk Enterprise Security is ranked 1st in Log Management with 246 reviews. Security Onion is rated 7.6, while Splunk Enterprise Security is rated 8.4. The top reviewer of Security Onion writes "A mature and affordable solution that is easy to install and easy to update". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". Security Onion is most compared with Wazuh, Elastic Stack, TheHive, Graylog and Kali Linux, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.