Re: Why Splunk is better than Paid / Free edition ...

Glasses · ‎07-31-2019

I have some experience with ELK via SANS classes only.

My opinion is that Splunk has always been easier to admin and use, etc... than ELK, but ELK is not a bad choice if splunk is not an option.

Lately, I was visited by "The Good Idea Fairy" and I was requested to evaluate ELK vs. Splunk... because ELK is "open source" and "free" (and because time to learn, transition, etc. is not being considered).

If any one can help add to my evaluation criteria, it is much appreciated.
Splunk - Pros
1 Great Community Support
2 Great Paid Support
3 Splunk is more mature, more capabilities
4 Splunk has lots of integrations (SplunkBase)
5 Easy to use
6 Continued development with new versions and capabilities
7 Consistently works -reliable - easy to troubleshoot
8 Bugs are resolved quickly

Please provide any other thoughts as to why Splunk is a better choice.

Thank you!

jnudell_2 · ‎07-31-2019

From anecdotal evidence, I hear that the same configuration in ELK requires twice the hardware, and twice the administration costs (people to administer the product). Visualizations are easier to create in Splunk because they allow drag-and-drop for dashboards, where those have to be coded in ELK. ELK does not scale as well as Splunk does either from what I hear.

Glasses · ‎07-31-2019

Thank you!!

Why Splunk is better than Paid / Free edition of ELK?

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!