We performed a comparison between Splunk Enterprise Security and Tableau based on real PeerSpot user reviews.
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"Free ingestion for Azure logs (with E5 licence)"
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Support is quick and competent."
"I have not seen any outages in the product in the past two years that it has been running in our company, so I think it is good when it comes to the stability part."
"We are using Microsoft 365 and we're using the Exchange Mail Service. It's good for monitoring that in particular."
"Splunk is extremely flexible, which allows us to create custom visualizations along with other customizations."
"The scalability is good."
"The most valuable feature is that it's very good for log aggregation."
"Splunk setup is easy and straightforward."
"We used it to create a custom anomaly detection data model to monitor the activity of our back-end services on an hourly basis relative to the past three months of activity."
"It is easy to use, and it can handle a large amount of data."
"It is a complete solution allowing a lot of integrations, different graphics, multiple operations and analyzes our data and gives us meaning from it."
"It is a very stable product. It doesn't break."
"The most valuable feature is the user experience."
"We found Tableau has the quickest learning time out of the few other BI reporting tools that we have used."
"It is very easy to implement and to use."
"Tableau is very good in the front-end visualization compared to Power BI."
"It's very easy to set everything up."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on QRadar. We couldn't do it with Sentinel, which is a problem for us."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"On-premises scaling of the solution is a bit more limited than it is on the cloud."
"The use cases provided by Splunk are a good starting point, but could cover many additional topics to ensure that a smaller or less experienced shop might maximize the value of an ES deployment."
"It's difficult to set up initially, and their billing model is also a bit complicated."
"Splunk needs local technical support."
"Splunk Enterprise Security should provide a better and richer integration."
"It works as intended for us, and we are getting everything that we need out of it. If anything, its initial setup can be improved a bit."
"Writing queries is a bit complicated sometimes."
"I'd like to see more integration with more antivirus systems."
"The forecasting feature in Tableau in my view is too limited because it must have dates but I should be able to predict the outcome of an event without having a date as part of the input."
"When it comes to large datasets, the data should be extracted faster."
"The charts need to be improved. The drawings and the visualization need to be more accurate."
"Improvements can be made in template support. The workbook file structure is really hard to version control. If there was some sort of version control support offered particularly for workbooks, that would help big time."
"The ability to use it on Mac machines. As far as I know, this is not possible."
"The process of embedding the dashboards on external portals and websites could be improved."
"If they could add global filters in the stories, more chart types, and default colours, it would help."
"The user story model is the most deceptive part of Tableau. It is a big marketing option, however, the reality is that it is not enough."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 240 reviews while Tableau is ranked 2nd in BI (Business Intelligence) Tools with 293 reviews. Splunk Enterprise Security is rated 8.4, while Tableau is rated 8.4. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of Tableau writes "Provides fast data access with in-memory extracts, makes it easy to create visualizations, and saves time". Splunk Enterprise Security is most compared with Wazuh, Dynatrace, IBM Security QRadar, Elastic Security and Datadog, whereas Tableau is most compared with Microsoft Power BI, Amazon QuickSight, Domo, SAS Visual Analytics and Databricks.