FortiSIEM vs. Splunk Enterprise

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
FortiSIEM
Score 8.6 out of 10
N/A
Fortinet offers security information and event management via FortiSIEM, their product line featuring asset discovery and rapid assessment for location of threat and their remediation.N/A
Splunk Enterprise
Score 8.8 out of 10
N/A
Splunk is software for searching, monitoring, and analyzing machine-generated big data, via a web-style interface. It captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.N/A
Pricing
FortiSIEMSplunk Enterprise
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
FortiSIEMSplunk Enterprise
Free Trial
NoYes
Free/Freemium Version
NoYes
Premium Consulting/Integration Services
NoNo
More Pricing Information
Features
FortiSIEMSplunk Enterprise
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
FortiSIEM
5.3
1 Ratings
Splunk Enterprise
8.6
52 Ratings
Centralized event and log data collection6.01 Ratings9.251 Ratings
Correlation7.01 Ratings9.950 Ratings
Event and log normalization/management6.02 Ratings9.699 Ratings
Deployment flexibility3.01 Ratings9.647 Ratings
Custom dashboards and workspaces4.02 Ratings10.0101 Ratings
Host and network-based intrusion detection6.01 Ratings7.636 Ratings
Integration with Identity and Access Management Tools00 Ratings9.147 Ratings
Data integration/API management00 Ratings7.93 Ratings
Behavioral analytics and baselining00 Ratings7.03 Ratings
Rules-based and algorithmic detection thresholds00 Ratings8.23 Ratings
Response orchestration and automation00 Ratings6.73 Ratings
Reporting and compliance management00 Ratings8.63 Ratings
Incident indexing/searching00 Ratings8.63 Ratings
User Ratings
FortiSIEMSplunk Enterprise
Likelihood to Recommend
6.0
(1 ratings)
9.3
(68 ratings)
Likelihood to Renew
-
(0 ratings)
10.0
(17 ratings)
Usability
-
(0 ratings)
9.0
(3 ratings)
Availability
-
(0 ratings)
10.0
(2 ratings)
Support Rating
-
(0 ratings)
8.4
(33 ratings)
Implementation Rating
-
(0 ratings)
9.0
(4 ratings)
Product Scalability
-
(0 ratings)
9.1
(1 ratings)
User Testimonials
FortiSIEMSplunk Enterprise
Likelihood to Recommend
Fortinet
If budget is an issue then Fortisiem fits well, as it's more than a typical SIEM solution. It can integrate with environmental monitoring systems, UPS HVAC etc. It can be used as the CMDB solution etc. If fine-tuned and looked after it can actually bring a lot of value for less.
Read full review
Splunk
Pros: Splunk is very well suited if you have multiple log sources of related data. All of them can be correlated and tasks can be automated based on the requirement. Other than alerts, Splunk can also run a specific script of your choice, based on some defined conditions. Cons: If you have a few logs but a large number of log sources, Splunk can be very expensive.
Read full review
Pros
Fortinet
  • Log aggregation and analytics
  • CMDB
  • Device inventory and remote management .
  • It can be used by Managed Security Providers who have multiple customers as it offers multi organization support .
Read full review
Splunk
  • Real-time + Scheduled alerts - i-e you can set up alerts which are actively monitoring your logs
  • Pretty good response time for search results. With our key/value logging, Splunk makes it blazing fast to query the data.
  • Dashboards provide insights into historical data
  • Love how Splunk indexes all of the data and provides keys to search on
Read full review
Cons
Fortinet
  • Non-intuitive/unattractive user interface
  • Too many features that will usually remain unused
  • Very crowded (too many icons) portal
  • The reporting feature is confusing, e.g. you have to click on the "refresh" button to get the result of your inquiry. The report generation process can be much easier, as the user interaction is not pleasant.
Read full review
Splunk
  • At times some queries can run slowly if indices are not on a portion of the query you use.
  • Setup time initially can be difficult if your logs aren't stored in common locations or in a common way to write the log.
  • Ability to ingest logs from different locations without having to change code to put logs in a certain place (pro and con).
  • Searches can be a bit more difficult to look through if your log isn't pulled in a manner that is easy to read through splunk.
Read full review
Likelihood to Renew
Fortinet
No answers on this topic
Splunk
We are using Splunk extensively in our projects and we have recently upgraded to Splunk version 6.0 which is quite efficient and giving expected results. We keep track of updates and new features Splunk introduces periodically and try to introduce those features in our day to day activities for improvement in our reporting system and other tasks.
Read full review
Usability
Fortinet
No answers on this topic
Splunk
You can literally throw in a single word into Splunk and it will pull back all instances of that word across all of your logs for the time span you select (provided you have permission to see that data). We have several users who have taken a few of the free courses from Splunk that are able to pull data out of it everyday with little help at all.
Read full review
Reliability and Availability
Fortinet
No answers on this topic
Splunk
When properly setup and configured, Splunk is extremely reliable.
Read full review
Support Rating
Fortinet
No answers on this topic
Splunk
Splunk maintains a well resourced support system that has been consistent since we purchased the product. They help out in a timely manner and provide expert level information as needed. We typically open cases online and communicate when possible via e-mail and are able to resolve most issues with that method.
Read full review
Implementation Rating
Fortinet
No answers on this topic
Splunk
Smooth without too many major issues.
Read full review
Alternatives Considered
Fortinet
No answers on this topic
Splunk
I wanted to learn a new language that I can quickly master and implement. Splunk is easy, fun to use and best of all, it can be developed in hours not days or weeks. Splunk is fundamentally a programming language that is minimal but yet powerful enough to collect, analyze and visualize data.
Read full review
Scalability
Fortinet
No answers on this topic
Splunk
Splunk can scale in to the petabyte per day range which of course is awesome
Read full review
Return on Investment
Fortinet
  • Other SIEM solutions were cost prohibitive at the time of purchase (2016).
  • Just like any other SIEM, it helped draw a better picture of our current security posture.
Read full review
Splunk
  • Overall very positive. It has provided visibility to what is going on within our network.
  • One drawback is the time it takes to get up to speed with the application, but this is up to the user, and Splunk education is excellent.
  • In my field, IT Security, there are few other friends to have in your back pocket better than Splunk. They are just that good.
Read full review