it_user129642 - PeerSpot reviewer
Systems Administrator at an energy/utilities company with 10,001+ employees
Vendor
Splunk vs LogLogic: Splunk stands out for its ability to consume almost any log type and its ease of searching

What is most valuable?

Splunk – ease of searching large amounts of data. 

How has it helped my organization?

Splunk – real time alerts on critical indicators, compliance reports, troubleshooting and predictive abilities using trends. 

For how long have I used the solution?

Splunk – 3 years 

What was my experience with deployment of the solution?

Splunk – Had one issue requiring a support call regarding the configuration of the automated configuration deployment package. Quickly resolved. 
Buyer's Guide
Splunk Enterprise Security
September 2025
Learn what your peers think about Splunk Enterprise Security. Get advice and tips from experienced pros sharing their opinions. Updated: September 2025.
868,787 professionals have used our research since 2012.

What do I think about the stability of the solution?

Splunk – None. 

What do I think about the scalability of the solution?

Splunk – Not needed yet. 

How are customer service and support?

Splunk – Splunk has a very knowledgeable support staff and the Splunk support website is outstanding. The message boards are very active and using them will often prevent having to call support.

How was the initial setup?

Splunk – Easy, but can get very complex depending on the type of logs to ingest. While Splunk, out of the box, handles most common types, the extraction of data from custom logs can be problematic, although Splunk does provide tools for accomplishing this.

What other advice do I have?

Both Splunk and LogLogic excel at their intended purpose. If you are looking for an appliance that you can stick in the rack, minimally configure and then forget about, you will like the LogLogic solution. If you need to regularly search different logs for different data you will like Splunk better.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user126639 - PeerSpot reviewer
Sr. Security Engineer at a university with 1,001-5,000 employees
Vendor
In addition to search and analytic capabilities, Splunk has under-the-cover capabilities for timestamp data.

Splunk is a pretty powerful piece of software. There are the obvious search and analytic capabilities it has, but there is some robustness under the covers as well. One of those under-the-cover capabilities is detecting and understanding timestamp data. It's the sort of thing that as users of the software we simply accept and generally speaking don't spend a whole lot of time thinking about.

From an admin perspective, as you start to put some effort into understanding your deployment and making sure things are working correctly, one of the items to look at is the DateParserVerbose logs. Why, you ask? I've recently had to deal with some timestamp issues. These internal logs generally document problems related to timestamp extraction and can tell you if, for example, there are logs being dropped for a variety of timestamp-related reasons.

Dropped events are certainly worthy of some of your time! What about logs that aren't being dropped but for one reason or another Splunk is assigning a timestamp that isn't correct? 

Continue reading this post on my blog here.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
PeerSpot user
Senior Manager of Network with 1,001-5,000 employees
Vendor
Splunk is great for Syslog capabilities. For normal device management, you can't go wrong with SolarWinds.

I'd go with Splunk for logging. For Syslog capabilities, Splunk wins outright from my experience. It's quick, very customizable, and there are many different modules, some specific for vendors and devices (Cisco Security Suite for one).

If you are really into SolarWinds and want to use them for Syslog then I would go with Kiwi. SolarWinds NPM has a syslog collector but under heavy load (a few hundred devices) it will get bogged down real quick in my experience.

If you are looking for normal device management then NPM, NCM, NTA are the way to go. You can't go wrong with SolarWinds.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user167895 - PeerSpot reviewer
Project Manager and consultant enterprise IT tooling at a consultancy with 51-200 employees
Consultant

Kiwi syslog for SolarWinds must be seen as a patch for SolarWinds Orion NPM. SolarWinds will release a LOG management module for the Orion NPM platform but this product is in an early state of log collecting, searching and filtering. Splunk can be a good tactical solution to filter out and forward important events to SolarWinds Orion NPM.

it_user121728 - PeerSpot reviewer
Head of Service Integrity with 1,001-5,000 employees
Vendor
It can probably do anything if you tweak it enough but it's not cheap.

Splunk is really good at log parsing events over time. It is quick to drill in and analyze and it is quick to build a presentation layer and automate reporting. I love it for problem analysis and event management however it is not a capacity management tool. 

It can be a cm tool but not a good tool for projections etc. There are many tools that claim to be cm tools but they are usually expensive and miss the basic day-to-day challenges of capacity management, e.g. excluding backups from day peaks, removing outliers, forward trending, accepting data from any source. Start by getting your key data extracted from reliable sources and other tools.

The charting and presentation layer is impressive and quick. It can probably do anything if you tweak it enough. I would call it a very handy tool but probably not the tool. It is not that cheap either. I have used it personally to analyze big data as well as creating knowledge from some ordinary logging. I then created some pretty cool dashboards but they were more operational dashboards.

I don't think we could afford it as a capacity tool but we can use the data it simplified.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1086690 - PeerSpot reviewer
Enterprise Client Executive at a tech services company with 11-50 employees
Reseller
Good user community, good support, and very powerful
Pros and Cons
  • "The Splunk user community and forum are most valuable."
  • "Its interface could be improved."

What is our primary use case?

We use it for security operations and management.

What is most valuable?

The Splunk user community and forum are most valuable.

What needs improvement?

Its interface could be improved. 

For how long have I used the solution?

We have been a reseller for three years.

What do I think about the stability of the solution?

It is stable. It is very powerful.

How are customer service and support?

Their support is good.

How was the initial setup?

Its initial setup is complex. You're going to need deployment services from somebody who is an expert in the product. You would need at least two users. 

What other advice do I have?

It is hard to integrate because it can do so many things. A lot of people think it is a set-it-and-forget-it solution, but it is a full-time job for somebody. I would advise others to plan and prepare for ongoing management. It requires a dedicated person for management. 

Compared to other SIEMs, it is a 10 out of 10.

Disclosure: My company has a business relationship with this vendor other than being a customer.
PeerSpot user
CyberSecurity Consultant at Information Technology Solutions- ITS
Real User
Fast and easy to use, but could be faster
Pros and Cons
  • "The solution is very fast and succinct."
  • "I feel the solution to be too slow."

What is most valuable?

The solution is very fast and succinct. 

What needs improvement?

When it comes to out of the box use cases, I feel the solution to be too slow. 

For how long have I used the solution?

I have not been working with Splunk for long. 

How was the initial setup?

The initial setup was simple. 

It took an hour. 

Which other solutions did I evaluate?

Curator is more scalable than certain other solutions. 

What other advice do I have?

We are partners of Splunk and provide the solution to customers. 

I feel Splunk is easy to utilize. 

My company has an app. on which the solution is deployed on-premises on a single server. 

There is another team in my company that works with Splunk products. 

I rate Splunk as a seven-point-five out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1591122 - PeerSpot reviewer
Technical Architect, Cloud Operations at a computer software company with 5,001-10,000 employees
Real User
Stable, good integrations, and works well
Pros and Cons
  • "It has quite extensive support in terms of integration. If you want to do anything, there are tools for that."
  • "Its reporting can be improved. That's the only complaint I have heard. I don't need the reporting part, but I know that other people in the organization need it."

What is most valuable?

I am just a user, and from a user's perspective, it does the job.

It has quite extensive support in terms of integration. If you want to do anything, there are tools for that.

What needs improvement?

Its reporting can be improved. That's the only complaint I have heard. I don't need the reporting part, but I know that other people in the organization need it.

In terms of new features, I got everything that I needed from the tool. If they want to expand the capabilities to different things, they can cover topics besides log aggregation, etc.

For how long have I used the solution?

I have been using this solution for two years. I am not using it on a daily basis.

What do I think about the stability of the solution?

It is stable. We don't seem to have any problems related to bugs. We are very happy with it.

What about the implementation team?

We have our own internal team for its maintenance.

What other advice do I have?

I would recommend this solution. If you are a technical person, it does what you need. If you are not a technical person and you require graphs, that's a different story.

I would rate Splunk a ten out of ten because I have no problems with it.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1584621 - PeerSpot reviewer
Cyber Security Consultant at a computer software company with 11-50 employees
MSP
Customizable and has average installation difficulty
Pros and Cons
  • "I have found the installation can be of medium difficulty to very complex depending on the use case."
  • "There is improvement needed when importing from some types of data sources."

What needs improvement?

There is improvement needed when importing from some types of data sources. Most of the time you have to do some customization for the data because not everything is working the way it should. Additionally, in other solutions, it is easier to build use cases.

For how long have I used the solution?

I have been using this solution for approximately three years.

Which solution did I use previously and why did I switch?

I have previously used Curator and it was much easier to use than this solution.

How was the initial setup?

I have found the installation can be of medium difficulty to very complex depending on the use case. It is not easy for new customers. You need to have the experience to be able to do it.

What other advice do I have?

When using this solution for Security Information Management (SIM), I highly recommend importing data sources from the whole cycle for the service security chain. Some people only use main inputs and not all of the data sources they have. They might not have some data sources; in this case, you can purchase one, or there are free open-source ones available. You will then have this data source that can enrich your life because many correlations are done with this data.

I rate Splunk an eight out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user