
Compare Microsoft Sentinel and Splunk Enterprise Security

At a Glance
Microsoft Sentinel
Star Rating: 4.4 out of 5 (289)
Market Segments: Enterprise (41.0% of reviews)
Entry-Level Pricing: Pay As You Go
Splunk Enterprise Security
Star Rating: 4.3 out of 5 (223)
Market Segments: Enterprise (61.8% of reviews)
Entry-Level Pricing: No pricing available
AI Generated Summary
AI-generated. Powered by real user reviews.
  • Users report that Splunk Enterprise Security excels in Log Management with a score of 9.4, which reviewers mention provides comprehensive capabilities for analyzing and managing logs effectively. In contrast, Microsoft Sentinel scores 8.8 in this area, indicating it may not be as robust in handling extensive log data.
  • Reviewers mention that Microsoft Sentinel shines in Product Direction with a high score of 9.5, suggesting a strong commitment to evolving the product based on user feedback. Splunk Enterprise Security, while still positive, has a lower score of 7.8, indicating some users feel it may not be as forward-thinking.
  • Users on G2 highlight that Splunk Enterprise Security offers superior Automated Remediation capabilities, scoring 8.6, which allows for proactive threat management. Microsoft Sentinel, however, matches this with an 8.7 in Automated Response, showing it also has strong features in this area.
  • Reviewers say that Microsoft Sentinel provides a better user experience in terms of Ease of Use, scoring 8.5 compared to Splunk's 8.1. This suggests that users find Microsoft Sentinel more intuitive and easier to navigate.
  • G2 users report that Splunk Enterprise Security has a strong focus on Incident Reporting, scoring 8.8, which users appreciate for its detailed and actionable insights. Microsoft Sentinel, while close with a score of 8.9, may not offer the same depth of reporting features.
  • Users say that both products perform well in Activity Monitoring, with Splunk scoring 8.8 and Microsoft Sentinel at 8.9. However, reviewers mention that Microsoft Sentinel's integration with other Microsoft services enhances its monitoring capabilities, making it a more seamless choice for organizations already using Microsoft products.
Pricing
Entry-Level Pricing
Microsoft Sentinel: Pay As You Go (11 pricing plans)
Splunk Enterprise Security: No pricing available
Free Trial
Microsoft Sentinel: Free Trial is available
Splunk Enterprise Security: No trial information available
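Ratings
Meets Requirements: Microsoft Sentinel 8.7 (223); Splunk Enterprise Security 8.8 (173)
Ease of Use: Microsoft Sentinel 8.5 (229); Splunk Enterprise Security 8.1 (177)
Ease of Setup: Microsoft Sentinel 8.3 (128); Splunk Enterprise Security 7.7 (94)
Ease of Admin: Microsoft Sentinel 8.3 (124); Splunk Enterprise Security 8.2 (89)
Quality of Support: Microsoft Sentinel 8.5 (218); Splunk Enterprise Security 8.6 (161)
Has the product been a good partner in doing business? Microsoft Sentinel 8.8 (119); Splunk Enterprise Security 8.9 (87)
Product Direction (% positive): Microsoft Sentinel 9.5 (218); Splunk Enterprise Security 7.8 (169)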
Features by Category
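Security Information and Event Management (SIEM): Microsoft Sentinel 8.6 (185); Splunk Enterprise Security 8.5 (111)
Network Management
  • Microsoft Sentinel 8.9 (167); Splunk Enterprise Security 8.8 (92)
  • Microsoft Sentinel 8.4 (159); Splunk Enterprise Security 8.1 (82)
  • Microsoft Sentinel 8.8 (163); Splunk Enterprise Security 9.4 (29)
Incident Management
  • Microsoft Sentinel 8.7 (166); Splunk Enterprise Security 8.7 (89)
  • Microsoft Sentinel 8.7 (162); Splunk Enterprise Security 8.4 (85)
  • Microsoft Sentinel 8.9 (163); Splunk Enterprise Security 8.8 (88)
Security Intelligence
  • Microsoft Sentinel 8.7 (165); Splunk Enterprise Security 8.2 (80)
  • Microsoft Sentinel 8.3 (158); Splunk Enterprise Security 7.9 (80)
  • Microsoft Sentinel 8.5 (159); Splunk Enterprise Security 8.5 (86)
  • Microsoft Sentinel 8.5 (159); Splunk Enterprise Security 8.5 (87)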
Agentic AI - Security Information and Event Management (SIEM)
Not enough data
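Security Orchestration, Automation, and Response (SOAR): Microsoft Sentinel 8.5 (109); Splunk Enterprise Security: Not enough data
Automation
  • Microsoft Sentinel 8.2 (94); Splunk Enterprise Security: Not enough data
  • Microsoft Sentinel 8.4 (97); Splunk Enterprise Security: Not enough data
  • Microsoft Sentinel 8.6 (95); Splunk Enterprise Security: Not enough data
  • Microsoft Sentinel 8.8 (98); Splunk Enterprise Security: Not enough data
Orchestration
  • Microsoft Sentinel 8.8 (96); Splunk Enterprise Security: Not enough data
  • Microsoft Sentinel 8.6 (97); Splunk Enterprise Security: Not enough data
  • Microsoft Sentinel 8.6 (97); Splunk Enterprise Security: Not enough data
  • Microsoft Sentinel 8.4 (96); Splunk Enterprise Security: Not enough data
Response
  • Microsoft Sentinel 8.6 (99); Splunk Enterprise Security: Not enough data
  • Microsoft Sentinel 8.1 (93); Splunk Enterprise Security: Not enough data
  • Microsoft Sentinel 8.5 (89); Splunk Enterprise Security: Not enough data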
Categories
Shared Categories
Microsoft Sentinel and Splunk Enterprise Security are categorized as Security Information and Event Management (SIEM)
Unique Categories
Microsoft Sentinel is categorized as Security Orchestration, Automation, and Response (SOAR)
Splunk Enterprise Security has no unique categories
Reviews
Reviewers' Company Size
Microsoft Sentinel
  • Small-Business (50 or fewer emp.): 27.8%
  • Mid-Market (51-1000 emp.): 31.2%
  • Enterprise (> 1000 emp.): 41.0%
Splunk Enterprise Security
  • Small-Business (50 or fewer emp.): 10.1%
  • Mid-Market (51-1000 emp.): 28.1%
  • Enterprise (> 1000 emp.): 61.8%
Reviewers' Industry
Microsoft Sentinel
  • Information Technology and Services: 26.3%
  • Computer & Network Security: 14.7%
  • Computer Software: 8.3%
  • Security and Investigations: 3.8%
  • Banking: 3.8%
  • Other: 43.2%
Splunk Enterprise Security
  • Information Technology and Services: 23.1%
  • Computer Software: 10.1%
  • Financial Services: 8.0%
  • Computer & Network Security: 6.5%
  • Banking: 5.0%
  • Other: 47.2%
Most Helpful Reviews
Microsoft Sentinel
Most Helpful Favorable Review
Taha D., Verified User in Information Technology and Services

Security Incident and Event Management Solution to rapidly analyze complete organizational traffic

Most Helpful Critical Review
Verified User in Financial Services

All products have some disadvantage but here we can say the for SIEM we can use multiple time but don't get any regret about that product for our organization and even my team also going to be on regular basis used.

Splunk Enterprise Security
Most Helpful Favorable Review
Verified User in Computer & Network Security

Fast Response with automated actions and workflows

Most Helpful Critical Review
Matthew F., Verified User in Primary/Secondary Education

It's simply too expensive. Their price (at the time of this writing) is based on data consumption. So the more you use it, the more it costs. At the end of the day, that cost benefit just wasn't there.

Alternatives
Microsoft Sentinel Alternatives
  • Sumo Logic
  • Datadog
  • LogRhythm SIEM
  • AlienVault USM (from AT&T Cybersecurity)
Splunk Enterprise Security Alternatives
  • LogRhythm SIEM
  • AlienVault USM (from AT&T Cybersecurity)
  • FortiSIEM
  • OSSIM (Open Source)
Discussions
Microsoft Sentinel Discussions
What is Microsoft Sentinel used for?
3 comments
Rudhra Sekar S.
It's for SIEM tool for real time incident responder and threat intelligence.
If I had to have a question, I would ask if there were any plans to add Linux support to this program.
2 comments
DHEVAN Y.
Need to ask Microsoft, but since dot.net core can be installed in Linux, I believe the agent will work as it uses the .net platform. Please experiment.
How I able to install/integrated Azure Sentinel agents to collect data on IOT devices / DLP / Endpoint devices Computer / Laptops / Printers
1 comment
DHEVAN Y.
So couple of point for IOT devices. You can leverage with IOT Hub in Azure. Most IOT devices uses C as their programming language you will probably need to...
Splunk Enterprise Security Discussions
What is the difference between Splunk Enterprise and Splunk Enterprise Security?
1 comment
AK
Splunk Enterprise is a big data analysis platform (basic product needed for Splunk Enterprise Security) that collects, stores and can analyze data (logs)...
Splunk Enterprise Security has no more discussions with answers