Splunk Cloud vs. Splunk Enterprise Security (ES)

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Splunk Cloud
Score 8.3 out of 10
N/A
A data platform service thats help users search, analyze, visualize and act on data. The service can go live in as little as two days, and with an IT backend managed by Splunk experts, users can focus on acting on data. Search any kind of data in real-time to detect and prevent issues before they happen with access to streaming and machine learning capabilities. Search any kind of data in real-time to detect and prevent issues before they happen with access to the latest streaming and machine…N/A
Splunk Enterprise Security (ES)
Score 8.4 out of 10
N/A
Splunk Enterprise Security (SIEM) is the company's flagship SIEM product, offered as a premium service to subscribers of Splunk Cloud or Splunk Enterprise.N/A
Pricing
Splunk CloudSplunk Enterprise Security (ES)
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Splunk CloudSplunk Enterprise Security (ES)
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Splunk CloudSplunk Enterprise Security (ES)
Considered Both Products
Splunk Cloud

No answer on this topic

Splunk Enterprise Security (ES)
Chose Splunk Enterprise Security (ES)
All Splunk products are easy to integrate, and they collaborate in the security of our organization.
Chose Splunk Enterprise Security (ES)
We have both of these instances in our organization.
Chose Splunk Enterprise Security (ES)
Splunk Enterprise Security is well designed and provide many comprehensive features which able to protect and monitor the organization. The features are well being used and does not cause any performance issue. Overall the solution is quite stable. Technical support from Splunk …
Chose Splunk Enterprise Security (ES)
Splunk Enterprise Security is overall a better choice due to multiple factors. It can be easily deployed in any type of environment, whether you are looking for On-Premise or Cloud hosting. It scales amazingly well and it is very intuitive to use. It has a strong community, …
Chose Splunk Enterprise Security (ES)
Using Splunk Enterprise Security allows the combination of security data sources from any number of services or products, giving analysts a single view of the entire security footprint throughout the organization and correlating events across services that may otherwise be …
Top Pros

No answers on this topic

Top Cons

No answers on this topic

Features
Splunk CloudSplunk Enterprise Security (ES)
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
Splunk Cloud
9.0
15 Ratings
14% above category average
Splunk Enterprise Security (ES)
8.5
103 Ratings
9% above category average
Centralized event and log data collection9.015 Ratings9.2101 Ratings
Correlation9.615 Ratings8.8100 Ratings
Event and log normalization/management9.715 Ratings8.5101 Ratings
Deployment flexibility9.015 Ratings8.2102 Ratings
Integration with Identity and Access Management Tools9.313 Ratings8.097 Ratings
Custom dashboards and workspaces9.715 Ratings9.0103 Ratings
Host and network-based intrusion detection8.713 Ratings8.397 Ratings
Data integration/API management8.75 Ratings8.499 Ratings
Behavioral analytics and baselining9.04 Ratings7.996 Ratings
Rules-based and algorithmic detection thresholds8.36 Ratings8.697 Ratings
Response orchestration and automation8.04 Ratings7.588 Ratings
Reporting and compliance management8.76 Ratings9.096 Ratings
Incident indexing/searching9.36 Ratings8.7102 Ratings
Best Alternatives
Splunk CloudSplunk Enterprise Security (ES)
Small Businesses
AlienVault USM
AlienVault USM
Score 8.0 out of 10
AlienVault USM
AlienVault USM
Score 8.0 out of 10
Medium-sized Companies
Splunk Enterprise
Splunk Enterprise
Score 8.3 out of 10
Splunk Enterprise
Splunk Enterprise
Score 8.3 out of 10
Enterprises
Microsoft Sentinel
Microsoft Sentinel
Score 8.4 out of 10
Splunk Enterprise
Splunk Enterprise
Score 8.3 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Splunk CloudSplunk Enterprise Security (ES)
Likelihood to Recommend
8.9
(15 ratings)
8.8
(103 ratings)
Likelihood to Renew
-
(0 ratings)
8.8
(3 ratings)
Usability
8.0
(1 ratings)
7.6
(2 ratings)
Availability
-
(0 ratings)
9.1
(1 ratings)
Performance
-
(0 ratings)
8.2
(1 ratings)
Support Rating
7.2
(4 ratings)
6.6
(6 ratings)
In-Person Training
-
(0 ratings)
9.1
(1 ratings)
Online Training
-
(0 ratings)
8.2
(1 ratings)
Implementation Rating
-
(0 ratings)
9.1
(1 ratings)
Configurability
-
(0 ratings)
7.3
(1 ratings)
Contract Terms and Pricing Model
-
(0 ratings)
7.3
(1 ratings)
Ease of integration
-
(0 ratings)
6.4
(1 ratings)
Product Scalability
-
(0 ratings)
9.3
(101 ratings)
Professional Services
-
(0 ratings)
9.1
(1 ratings)
Vendor post-sale
-
(0 ratings)
8.2
(1 ratings)
Vendor pre-sale
-
(0 ratings)
8.2
(1 ratings)
User Testimonials
Splunk CloudSplunk Enterprise Security (ES)
Likelihood to Recommend
Splunk
Splunk is excellent when all your data is in one location. Its ability to correlate all that data is intuitive (once the hurdle of learning the query language is overcome). It is also easy to standardize the presentation of information to the company. When data is siloed/standalone, other systems can be cheaper and faster to implement.
Read full review
Splunk
Well suited: Splunk ES is highly recommended in an environment with many data sources and experienced computer engineers. It has a steep learning curve, but once that hurdle is crossed, it is absolutely a beast. It is also very expensive, so a company putting a high amount of budget in Security is needed. Not well suited: Splunk ES is not recommended if a company has only a few sources and some non-technical IT users. The price won't justify the fewer data sources and scratching just the surface level. Moreover, non-technical IT users would be better off with something that has a query builder, unlike Splunk.
Read full review
Pros
Splunk
  • This SIEM consolidates multiple data points and offers several features and benefits, creating custom dashboards and managing alert workflows.
  • Splunk Cloud provides a simple way to have a central monitoring and security solution. Though it does not have a huge learning curve, you should spend some time learning the basics.
  • Splunk Cloud enables me to create and schedule statistical reports on network use for Management.
Read full review
Splunk
  • Advanced Threat Detection and Correlation: ES stands out in its ability to detect sophisticated threats by correlating data from multiple sources. For instance, it can identify unusual patterns in user behavior, cross-referencing with network logs to flag potential insider threats.
  • Real-time Monitoring and Alerting: ES offers robust real-time monitoring capabilities. It excels in promptly alerting us to critical security events, such as suspicious network traffic spikes or unauthorized access attempts, allowing for immediate response.
  • Comprehensive Log Analysis: ES ingests and analyzes an extensive range of log data. It's particularly adept at parsing and making sense of complex log formats, making it a versatile tool for understanding system activities and security events.
Read full review
Cons
Splunk
  • The SPL programming language that the queries are built in is not very intuitive.
  • There should be a better repository of pre-built queries for what I would think of as common Active Directory usage monitoring.
  • I would like to see more free training/familiarization information made available.
Read full review
Splunk
  • ES on the cloud (SaaS) has too many limitations with platform administration.
  • Supported integrations are not always on par with enterprise support especially when dependent on 3rd-party proprietary APIs.
  • In later versions, unforeseen glitches seem to show up that have no resolution except version upgrade. This used to not be the case in prior versions which were very stable.
Read full review
Likelihood to Renew
Splunk
No answers on this topic
Splunk
We are very happy with Splunk and would advise anyone to take a serious look at it. It might look pricey but the rewards Splunk offers seem endless.
Read full review
Usability
Splunk
Overall, it is very usable. I would like if recent searches were saved for longer because I always have to refer to my notes when I'm looking for something specific and it's been a few weeks. But that's a small issue, and the actual search and browsing interface is easy to use and powerful.
Read full review
Splunk
You definitely need to learn how to use Splunk to get the most of the tool. There are many courses available for free to get up to speed on the usability of the tool but it's not that simple. It will take time to digest all the data and to understand how to query for what you are looking for.
Read full review
Reliability and Availability
Splunk
No answers on this topic
Splunk
I'm not an ES user, but, in my implementation I usually try to prevent all service stops to guarantee High availability to the final customers.
Read full review
Performance
Splunk
No answers on this topic
Splunk
ES requires a very performant infrastructure: if it has it's performant, otherwise not. I had situation with a very performant infrastructure and I didn't notized that it was a distributed architecture, it seemed that there ware few data on my PC, othewise I experienced less performant infrastructures with less performaces.
Read full review
Support Rating
Splunk
Splunk Cloud support is sorely lacking unfortunately. The portal where you submit tickets is not very good and is lacking polish. Tickets are left for days without any updates and when chased it is only sometimes you get a reply back. I get the feeling the support team are very understaffed and have far too much going on. From what I know, Splunk is aware of this and seem to be trying to remedy it.
Read full review
Splunk
It's good when it's responsive, but I've had times where I had to wait quite a while for a response. But these are typically the exceptions rather than the rule. When you do get a response it is always well-informed and appropriate. I would say they've been trending better over time with this.
Read full review
In-Person Training
Splunk
No answers on this topic
Splunk
I experienced only on-line training, but the trainers were very professional and competent. Maybe it could be more useful if they also have an experience in projects because sometimes they didn't have a real project experience to communicate to the students. Anyway, it was very interesting and I learned many thing that's very difficoult (or maybe impossible!) to have by myself, aven if I have more than 10 years of Splunk activity experience.
Read full review
Online Training
Splunk
No answers on this topic
Splunk
It was very interesting and I learned many thing that's very difficoult (or maybe impossible!) to have by myself. The only problem was that, when I worked with the Splunk Professional Services, I found some difference between the training contents and the information from PS. In addition is required a long experience on Splunk Enterprise for the data ingestion part, in other words I'm able to work with ES because I'm worling on Splunk since 11 years, otherwise I'd some problem.
Read full review
Implementation Rating
Splunk
No answers on this topic
Splunk
It's a fantatic product and it was very useful the presence of Splunk Professional Services for the Design Phase and the final Health Check.
Read full review
Alternatives Considered
Splunk
Splunk Cloud blows Sumo Logic out of the water. The experience is night and day. We went from several highly stressed IT security professionals who were unsure if the data they were getting was valuable, to very happy IT security professionals who can now be more proactive and get all the information they need.
Read full review
Splunk
Splunk enterprise is the only solution that we’ve been able to identify that provides risk based alerting, which allows our SOC to reduce analyst fatigue which would be a huge problem without it. Before RBA, there were thousands of alerts a day and it was impossible to review all of them
Read full review
Contract Terms and Pricing Model
Splunk
No answers on this topic
Splunk
for my exterience, unit pricing and billing frequency are correct. As I already said, I hint to have more discount flexibility, expecially with new customers, because there are competitors less expensive and very aggressive that are dangerous. In addition the possibility to don't pay the license for the development period could be a very interesting feature for the final customers.
Read full review
Scalability
Splunk
No answers on this topic
Splunk
- 8 out of 10 and took 2 for the data pipeline and administration part. Even if you'd like to improve yourself or your team, you have to pay a lot of money and it could be more than GIAC education + cert. - Normalization for Data models and CPU-based searches can be a problem sometimes.
Read full review
Professional Services
Splunk
No answers on this topic
Splunk
I had a fantastic experience with Splunk Professional Services: they worked with us in our last SON project (a SOC migration for a very large customer) and helped to build a multi tenent environment even if ES isn't a multi tenant platform. Th Splunk PS was a very professional and competent people, he is italian and was able to speak with our italian customers.
Read full review
Return on Investment
Splunk
  • End-end visibility across your departmental silos
  • Strengthen the overall global monitoring posture
  • Move from Reactive to Proactive Monitoring
  • Highly secure environment at your finger-tips
  • Takes you away from managing infrastructure/administration, allows saving time & money. Reduce the overall TCO (Total Cost of Ownership)
Read full review
Splunk
  • ES has highly impacted ROI because as the customer of the ES the work we do for creating use cases for clients in terms of security-related aspects by their logs has given more return than investment.
  • The correlation searches we run to get detailed results from the Data models are very less time-consuming than Splunk Enterprise itself we can get quick responses to the use cases and dashboards populated because of ES.
  • The CIM compliance feature is ES has made more jobs easy in the terms of finding more Authentication related data we can get data onboarded in the Email data model from O365 and search is email data model instead of searching for particular indexes.
Read full review
ScreenShots