What users are saying about
25 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 8.9 out of 100
374 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 8.9 out of 100

Feature Set Ratings

  • Splunk Enterprise ranks higher in 1 feature set: Security Information and Event Management (SIEM)

Security Information and Event Management (SIEM)

7.8

AlienVault OSSIM

78%
9.0

Splunk Enterprise

90%
Splunk Enterprise ranks higher in 11/13 features

Centralized event and log data collection

9.3
93%
10 Ratings
9.4
94%
50 Ratings

Correlation

7.9
79%
11 Ratings
9.8
98%
49 Ratings

Event and log normalization/management

8.3
83%
18 Ratings
9.6
96%
98 Ratings

Deployment flexibility

8.6
86%
11 Ratings
9.4
94%
46 Ratings

Integration with Identity and Access Management Tools

9.0
90%
6 Ratings
9.2
92%
46 Ratings

Custom dashboards and workspaces

9.3
93%
16 Ratings
9.8
98%
100 Ratings

Host and network-based intrusion detection

9.4
94%
9 Ratings
8.0
80%
35 Ratings

Data integration/API management

5.4
54%
2 Ratings
9.0
90%
2 Ratings

Behavioral analytics and baselining

5.7
57%
2 Ratings
7.5
75%
2 Ratings

Rules-based and algorithmic detection thresholds

6.1
61%
3 Ratings
9.5
95%
2 Ratings

Response orchestration and automation

7.4
74%
2 Ratings
7.0
70%
2 Ratings

Reporting and compliance management

8.0
80%
4 Ratings
9.5
95%
2 Ratings

Incident indexing/searching

7.3
73%
3 Ratings
9.0
90%
2 Ratings

Attribute Ratings

  • Splunk Enterprise is rated higher in 3 areas: Likelihood to Recommend, Usability, Support Rating

Likelihood to Recommend

9.0

AlienVault OSSIM

90%
11 Ratings
9.3

Splunk Enterprise

93%
67 Ratings

Likelihood to Renew

AlienVault OSSIM

N/A
0 Ratings
10.0

Splunk Enterprise

100%
17 Ratings

Usability

8.0

AlienVault OSSIM

80%
1 Rating
9.0

Splunk Enterprise

90%
3 Ratings

Availability

AlienVault OSSIM

N/A
0 Ratings
10.0

Splunk Enterprise

100%
2 Ratings

Support Rating

7.9

AlienVault OSSIM

79%
6 Ratings
8.4

Splunk Enterprise

84%
33 Ratings

Implementation Rating

AlienVault OSSIM

N/A
0 Ratings
9.0

Splunk Enterprise

90%
4 Ratings

Product Scalability

AlienVault OSSIM

N/A
0 Ratings
9.1

Splunk Enterprise

91%
1 Rating

Likelihood to Recommend

AlienVault OSSIM

If this is your first experience with a SIEM, this one can get you started. Take the time to learn the ins and outs of the product and you'll most likely be satisfied with it if your company is an SMB. If you need compliance reports, OSSIM is too small for you, you'll need to go with USM or USM Anywhere.
Ivan Montilla Miralles | TrustRadius Reviewer

Splunk Enterprise

Pros: Splunk is very well suited if you have multiple log sources of related data. All of them can be correlated and tasks can be automated based on the requirement. Other than alerts, Splunk can also run a specific script of your choice, based on some defined conditions. Cons: If you have a few logs but a large number of log sources, Splunk can be very expensive.
Kuntal Das | TrustRadius Reviewer

Pros

AlienVault OSSIM

  • Asset discovery. Once installed in a centric, network-accessible server, OSSIM can poll all your endpoints with common protocols (SSH, SNMP, WMI) to detect and discover site-wide assets to monitor. You only need to group them by your own criteria once added to the product.
  • SIEM Event Correlation. You can define quite complex correlation rules to detect possible suspicious or malicious actions or attempts in your network, in order to categorize them as real threats or as false positives, thus streamlining your risk assessment and management.
  • Ease of installation. The entire AlienVault OSSIM is self-contained in an ISO file, which can be burned into a DVD or just mounted in your server of choice (physical or virtual) for deployment. The installation process is automated and quote verbosed, with options for static IP, email messaging and others.
  • Ease of access. Being AlienVault OSSIM a self-contained appliance, it can be accessed via web by any device that supports a web browser, being that desktops, workstation, mobile devices, etc. The OSSIM dashboard and other features are automatically rearranged to adapt to the particular device being in use.
Jose Quintero | TrustRadius Reviewer

Splunk Enterprise

  • Real-time + Scheduled alerts - i-e you can set up alerts which are actively monitoring your logs
  • Pretty good response time for search results. With our key/value logging, Splunk makes it blazing fast to query the data.
  • Dashboards provide insights into historical data
  • Love how Splunk indexes all of the data and provides keys to search on
Pooja Gada | TrustRadius Reviewer

Cons

AlienVault OSSIM

  • The reports are clunky and a bit tedious to parse through.
  • Sometimes there's so much noise it's hard to tell what a true positive is. There are lots of false ones that trigger alerts but are normal behavior in many environments.
John Keenan | TrustRadius Reviewer

Splunk Enterprise

  • At times some queries can run slowly if indices are not on a portion of the query you use.
  • Setup time initially can be difficult if your logs aren't stored in common locations or in a common way to write the log.
  • Ability to ingest logs from different locations without having to change code to put logs in a certain place (pro and con).
  • Searches can be a bit more difficult to look through if your log isn't pulled in a manner that is easy to read through splunk.
Anonymous | TrustRadius Reviewer

Pricing Details

AlienVault OSSIM

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Starting Price

Splunk Enterprise

General

Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Entry-level set up fee?
No

Starting Price

Likelihood to Renew

AlienVault OSSIM

No score
No answers yet
No answers on this topic

Splunk Enterprise

Splunk Enterprise 10.0
Based on 17 answers
We are using Splunk extensively in our projects and we have recently upgraded to Splunk version 6.0 which is quite efficient and giving expected results. We keep track of updates and new features Splunk introduces periodically and try to introduce those features in our day to day activities for improvement in our reporting system and other tasks.
Anonymous | TrustRadius Reviewer

Usability

AlienVault OSSIM

AlienVault OSSIM 8.0
Based on 1 answer
AlienVault OSSIM is far easy to use and manage - provided you know what you're doing. As any SIEM application, there is some background knowledge required in order to take advantage of the product's functionalities, such as the log correlation and analysis. Other than that, the application is quite usable and robust.
Jose Quintero | TrustRadius Reviewer

Splunk Enterprise

Splunk Enterprise 9.0
Based on 3 answers
You can literally throw in a single word into Splunk and it will pull back all instances of that word across all of your logs for the time span you select (provided you have permission to see that data). We have several users who have taken a few of the free courses from Splunk that are able to pull data out of it everyday with little help at all.
Kenneth Taitingfong | TrustRadius Reviewer

Reliability and Availability

AlienVault OSSIM

No score
No answers yet
No answers on this topic

Splunk Enterprise

Splunk Enterprise 10.0
Based on 2 answers
When properly setup and configured, Splunk is extremely reliable.
Anonymous | TrustRadius Reviewer

Support Rating

AlienVault OSSIM

AlienVault OSSIM 7.9
Based on 6 answers
AlienVault OSSIM support has been very good. I have not had an issue that they were not able to quickly identify and provide a fix for. They are very quick to respond to open cases and are very knowledgeable in the product, which makes troubleshooting issues fast and solutions are provided quickly.
Laurie Keith | TrustRadius Reviewer

Splunk Enterprise

Splunk Enterprise 8.4
Based on 33 answers
Splunk maintains a well resourced support system that has been consistent since we purchased the product. They help out in a timely manner and provide expert level information as needed. We typically open cases online and communicate when possible via e-mail and are able to resolve most issues with that method.
Anonymous | TrustRadius Reviewer

Implementation Rating

AlienVault OSSIM

No score
No answers yet
No answers on this topic

Splunk Enterprise

Splunk Enterprise 9.0
Based on 4 answers
Smooth without too many major issues.
Anonymous | TrustRadius Reviewer

Alternatives Considered

AlienVault OSSIM

Originally my organization leveraged alien value due to the lower cost of entry and ability to manage it as a service provider. Unfortunately, after several years of working with this tool, it became unwieldy to use as it felt that almost every useful report had to be created by hand. As other tools have come out with the ability to do automated responses such as Stellar Data processor, we have begun to evaluate alternatives.
Anonymous | TrustRadius Reviewer

Splunk Enterprise

I wanted to learn a new language that I can quickly master and implement. Splunk is easy, fun to use and best of all, it can be developed in hours not days or weeks. Splunk is fundamentally a programming language that is minimal but yet powerful enough to collect, analyze and visualize data.
Anonymous | TrustRadius Reviewer

Scalability

AlienVault OSSIM

No score
No answers yet
No answers on this topic

Splunk Enterprise

Splunk Enterprise 9.1
Based on 1 answer
Splunk can scale in to the petabyte per day range which of course is awesome
Rick Yetter | TrustRadius Reviewer

Return on Investment

AlienVault OSSIM

  • It's difficult to put a monetary value on security, but with proper monitoring and alerting, incidents will be easier to avoid.
  • Helps with your compliancy, as it automatically alerts you for critical events.
  • Collects logs in the cloud, so protected from local issues, like SAN failures.
Anonymous | TrustRadius Reviewer

Splunk Enterprise

  • Overall very positive. It has provided visibility to what is going on within our network.
  • One drawback is the time it takes to get up to speed with the application, but this is up to the user, and Splunk education is excellent.
  • In my field, IT Security, there are few other friends to have in your back pocket better than Splunk. They are just that good.
Anonymous | TrustRadius Reviewer

Add comparison