TrustRadius

FortiSIEM vs. Splunk Enterprise

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
FortiSIEM
Score 7.8 out of 10
N/A
Fortinet offers security information and event management via FortiSIEM, their product line featuring asset discovery and rapid assessment for location of threat and their remediation.N/A
Splunk Enterprise
Score 8.4 out of 10
N/A
Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.N/A
Pricing
FortiSIEMSplunk Enterprise
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
FortiSIEMSplunk Enterprise
Free Trial
NoYes
Free/Freemium Version
NoYes
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
FortiSIEMSplunk Enterprise
Features
FortiSIEMSplunk Enterprise
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
FortiSIEM
5.3
1 Ratings
39% below category average
Splunk Enterprise
8.0
68 Ratings
2% above category average
Centralized event and log data collection6.01 Ratings9.065 Ratings
Correlation7.01 Ratings8.266 Ratings
Event and log normalization/management6.01 Ratings9.067 Ratings
Deployment flexibility3.01 Ratings8.061 Ratings
Custom dashboards and workspaces4.01 Ratings8.167 Ratings
Host and network-based intrusion detection6.01 Ratings7.549 Ratings
Integration with Identity and Access Management Tools00 Ratings7.861 Ratings
Data integration/API management00 Ratings7.717 Ratings
Behavioral analytics and baselining00 Ratings7.414 Ratings
Rules-based and algorithmic detection thresholds00 Ratings8.014 Ratings
Response orchestration and automation00 Ratings7.515 Ratings
Reporting and compliance management00 Ratings8.017 Ratings
Incident indexing/searching00 Ratings8.318 Ratings
Best Alternatives
FortiSIEMSplunk Enterprise
Small Businesses
LevelBlue USM Anywhere
LevelBlue USM Anywhere
Score 7.5 out of 10
LevelBlue USM Anywhere
LevelBlue USM Anywhere
Score 7.5 out of 10
Medium-sized Companies
Sumo Logic
Sumo Logic
Score 8.8 out of 10
Sumo Logic
Sumo Logic
Score 8.8 out of 10
Enterprises
Sumo Logic
Sumo Logic
Score 8.8 out of 10
Sumo Logic
Sumo Logic
Score 8.8 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
FortiSIEMSplunk Enterprise
Likelihood to Recommend
6.0
(1 ratings)
8.2
(86 ratings)
Likelihood to Renew
-
(0 ratings)
7.0
(18 ratings)
Usability
-
(0 ratings)
7.9
(19 ratings)
Availability
-
(0 ratings)
10.0
(1 ratings)
Support Rating
-
(0 ratings)
8.0
(18 ratings)
Online Training
-
(0 ratings)
8.0
(1 ratings)
Implementation Rating
-
(0 ratings)
7.0
(3 ratings)
Product Scalability
-
(0 ratings)
9.1
(1 ratings)
User Testimonials
FortiSIEMSplunk Enterprise
Likelihood to Recommend
Fortinet
If budget is an issue then Fortisiem fits well, as it's more than a typical SIEM solution. It can integrate with environmental monitoring systems, UPS HVAC etc. It can be used as the CMDB solution etc. If fine-tuned and looked after it can actually bring a lot of value for less.
Eric V. Zarghami | TrustRadius Reviewer
Read full review
Cisco
It's well suited for what I do, which is network security operations. And that's for anything from troubleshooting incidents, troubleshooting performance, troubleshooting for the purpose of a compliance and auditing. It's not best suited for users who are new in terms of they're new to the product and they have expectations that probably Splunk cannot meet.
Verified User
Anonymous
Read full review
Pros
Fortinet
  • Log aggregation and analytics
  • CMDB
  • Device inventory and remote management .
  • It can be used by Managed Security Providers who have multiple customers as it offers multi organization support .
Eric V. Zarghami | TrustRadius Reviewer
Read full review
Cisco
  • It is very useful in creating custom rules for analyzing system logs and display relevant information. The query language is very easy to learn.
  • We can create custom UI to visualize the output of our data. The interface is very flexible. It also allows the sharing of rules among users.
  • There is an open online community to help others. Stackoverflow also has a splunk community. These resources make it more convenient to learn.
Kuntal Das | TrustRadius Reviewer
Kuntal Das
Security Analyst
Read full review
Cons
Fortinet
  • Non-intuitive/unattractive user interface
  • Too many features that will usually remain unused
  • Very crowded (too many icons) portal
  • The reporting feature is confusing, e.g. you have to click on the "refresh" button to get the result of your inquiry. The report generation process can be much easier, as the user interaction is not pleasant.
Eric V. Zarghami | TrustRadius Reviewer
Read full review
Cisco
  • Splunk light limits number of users to 5. Wish there was a flexible license, where one could add more users.
  • Splunk light does not let you add > few realtime alerts. Wish there was a flexible license, where one could add as many realtime alerts as wanted.
  • Better insight into daily ingestion values
Pooja Gada | TrustRadius Reviewer
Pooja Gada
Engineering Tech Lead
Read full review
Likelihood to Renew
Fortinet
No answers on this topic
Cisco
We are using Splunk extensively in our projects and we have recently upgraded to Splunk version 6.0 which is quite efficient and giving expected results. We keep track of updates and new features Splunk introduces periodically and try to introduce those features in our day to day activities for improvement in our reporting system and other tasks.
Verified User
Anonymous
Read full review
Usability
Fortinet
No answers on this topic
Cisco
You can literally throw in a single word into Splunk and it will pull back all instances of that word across all of your logs for the time span you select (provided you have permission to see that data). We have several users who have taken a few of the free courses from Splunk that are able to pull data out of it everyday with little help at all.
Kenneth Taitingfong | TrustRadius Reviewer
Kenneth Taitingfong
Splunk Architect / Engineer
Read full review
Reliability and Availability
Fortinet
No answers on this topic
Cisco
When properly setup and configured, Splunk is extremely reliable.
Verified User
Anonymous
Read full review
Support Rating
Fortinet
No answers on this topic
Cisco
Splunk maintains a well resourced support system that has been consistent since we purchased the product. They help out in a timely manner and provide expert level information as needed. We typically open cases online and communicate when possible via e-mail and are able to resolve most issues with that method.
Verified User
Anonymous
Read full review
Online Training
Fortinet
No answers on this topic
Cisco
The online course was simple clear and described the main capabilities of the solution. There is also an initial module that can be done for free so anyone can familiarize themselves with the functionality of this solution. On the other hand, however, there could be more free online courses. Maybe even with a certificate, this would broaden the group of people who are familiar with the platform while increasing familiarity with the solution itself.
Verified User
Anonymous
Read full review
Implementation Rating
Fortinet
No answers on this topic
Cisco
Smooth without too many major issues.
Verified User
Anonymous
Read full review
Alternatives Considered
Fortinet
No answers on this topic
Cisco
I didn't get to fully evaluate Logstash as our corporation was already using Logstash, but both seemed like viable solutions to the problem that we were having. I wanted to evaluate Logstash some more, both did seem like they would work for the business needs that we had, we went with splunk as many teams were already using it.
Verified User
Anonymous
Read full review
Scalability
Fortinet
No answers on this topic
Cisco
Splunk can scale in to the petabyte per day range which of course is awesome
Rick Yetter | TrustRadius Reviewer
Rick Yetter
Regional Director
Read full review
Return on Investment
Fortinet
  • Other SIEM solutions were cost prohibitive at the time of purchase (2016).
  • Just like any other SIEM, it helped draw a better picture of our current security posture.
Eric V. Zarghami | TrustRadius Reviewer
Read full review
Cisco
  • I don't have any numbers to share but Splunk has positively served as a 24/7 monitoring tool that has saved hours of work by self-detecting, saving statistics and alerting problems in the system or from external interfaces as soon as they happen.
  • Splunk dashboards does a solid job in collecting, analyzing data and creating reports that contain an entire day's activity and then automatically sent out to the business.
  • Splunk is very easy to learn and very useful to any program or business application.
Verified User
Anonymous
Read full review
ScreenShots