"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."
"One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side. Whatever you're doing, you see the code, what's happening. And you can really quickly switch between using the GUI and using the code. That's really useful."
"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."
"Even if it's a relatively technical tool or platform, it's very intuitive and graphical. It's very appealing in terms of the user interface. The UI has a graphically interface with the raw data in a table. The table can be as big as you want it, depending on your use case. You can easily get a report combining your data, along with calculations and graphical dashboards. You don't need a lot of training, because the UI is relatively very intuitive."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."
"Those 400 days of hot data mean that people can look for trends and at what happened in the past. And they can not only do so from a security point of view, but even for operational use cases. In the past, our operational norm was to keep live data for only 30 days. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. That's one reason that having 400 days of live data is pretty huge. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."
"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."
"Good for log collection and log management."
"The most valuable feature is the log aggregation, being able to scan through all of the logs."
"The level of robustness on offer is very good."
"The connections to the database are very good and updating the data files is simple to do. The dashboards are useful and user-friendly."
"I am satisfied with the support."
"Its compatibility with other SIEMS is very useful."
"The data analysis part is good in Splunk, which is something that I like the most. It is also quite easy to use. Its dashboards, visualizations, and analytics are good."
"The Splunk user community and forum are most valuable."
"I like being able to use proxy servers for different locations. The agents are pretty cool. They're easy to roll out. The standard out-of-the-box templates are also pretty easy to use. The integration with other learning products is also good. I have, in the past, used Slack, but we've integrated it with Microsoft Teams. We also use it for SMS with a service called Redcoat. It is very flexible. It does what I need it to do, and my manager is very happy because it doesn't cost anything. We are nearing 4,000 hosts inside Zabbix, and we've got another 6,000 access points to add to it. We've thrown everything at it, and it has managed to keep going. I am very impressed with the tool, and I'd shake their hand very hard if I got to say the compliments to the Zabbix team. They keep improving it and doing refreshes, which is one good thing about it. There is also online information as well as books that you can purchase if you're willing to read enough. There is a lot to pick up, but it is a pretty complete solution."
"Its overall flexibility is most valuable. When our customers have some custom applications that are not necessarily covered by the community or a standard monitoring tool, we use Zabbix to build our own modules with our own templates. This feature has been useful in using Zabbix for infrastructure and IT monitoring. It has also been useful for industrial equipment monitoring. Zabbix is very lightweight. It is efficient in terms of performance because it doesn't use a lot of resources."
"The most valuable features in Zabbix are those that help us overcome bottlenecks in CPU usage, as well as reduce memory delay. I know that we have only reached the tip of the iceberg of what Zabbix's features can do for us, and we have not used all of them yet."
"The initial setup was not complex."
"The integration capabilities and APIs are the best part."
"The solution's design has recently changed and it is visually pleasing with more color, for example, there is blue, black, and white."
"It's a very reliable platform and we've never had any issues regarding the scalability or the stability of Zabbix."
"It has an intuitive UI with beautiful graphs and customizable maps."
"Technical support could be better."
"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."
"From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."
"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."
"There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space."
"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."
"The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc."
"An admin who is trying to audit user activity usually cannot go beyond a day in the UI. I would like to have access to pages and pages of that data, going back as far as the storage we have, so I could look at every command or search or deletion or anything that a user has run. As an admin, that would really help. Going back just a day in the UI is not going to help, and that means I have to find a different way to do that."
"Being a SIEM solution with a centralized dashboard, we would like to have more options to customize it."
"I feel the solution to be too slow."
"I would like to see more SIEM functionality and a better ticket tool."
"There is improvement needed when importing from some types of data sources."
"The solution could improve by giving more email details."
"Its interface could be improved."
"Splunk is more expensive than other solutions."
"The complexity could be worked on so that it's even easier and faster."
"One of the things we don't like is that Zabbix has a license structure with a price that is high compared to the competition. It's very high, for example, compared to something like Microsoft Teams."
"It could be more stable."
"Zabbix isn't a great tool for cloud-specific monitoring - its connection to public clouds needs to be improved. Other areas for improvement would be the lack of dashboards and integrations."
"Outside of the normal standard monitoring, I would like to extend patching, importing patching, and supporting patching for Windows Servers."
"I think the reporting part of Zabbix can be improved in terms of more user-friendly graphics to display the collected data. Many simple users who don't know how to use Zabbix properly might get confused by the reporting, although at the same time it is very versatile for my company."
"Zabbix isn't very good at automation just yet."
"There are not too much documentation or manuals. We found the tutorials very easy to understand but do not go deep enough in the use of Zabbix. We need more manuals, proper use, documentation, etc."
"If you want to use all of the features then you have to pay a licensing fee."
Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.
Splunk software has been around since 2006 and the company has since grown to become an industry leader. Splunk's vision is to make machine data accessible, usable and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analyzing all activities. This is known as Operational Intelligence and is the unique value proposition of Splunk.
Splunk is well-known for its Log Management capabilities and also for its Security Information and Event Management (SIEM) solutions.
Zabbix is the ultimate enterprise-level software designed for real-time monitoring of millions of metrics collected from tens of thousands of servers, virtual machines and network devices. Zabbix is Open Source and comes at no cost.
See how Devo allows you to free yourself from data management, and make machine data and insights accessible.
Splunk is ranked 1st in Security Information and Event Management (SIEM) with 55 reviews while Zabbix is ranked 1st in Network Monitoring Software with 44 reviews. Splunk is rated 8.0, while Zabbix is rated 8.0. The top reviewer of Splunk writes "Very versatile for many use cases". On the other hand, the top reviewer of Zabbix writes "Very mature, easy to scale, and free to use". Splunk is most compared with Dynatrace, Datadog, IBM QRadar, ELK Logstash and Fortinet FortiAnalyzer, whereas Zabbix is most compared with Nagios XI, Centreon, Nagios Core, SolarWinds NPM and PRTG Network Monitor.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.