![splunk enterprise vs splunk light splunk enterprise vs splunk light](https://cdn.educba.com/academy/wp-content/uploads/2018/04/Hadoop-vs-Splunk.png)
I didn't know anything about the history of it, and no updates for 4 years does sound pretty bad, but on the surface it looks pretty sharp. The reseller had some experience with GFI and said good things, and it was about half the price, so I decided to check it out. I had already settled on Alienvault, but the sales rep I was talking to was kind of pushy, and it made me reconsider.
![splunk enterprise vs splunk light splunk enterprise vs splunk light](https://slidetodoc.com/presentation_image/cae179c24e59a64f4c548d2b610bb251/image-20.jpg)
GFI Event manager was a late entry into the competition. I usually recommend EventSentry - it covers event logs and much more beyond that, and is regularly updated - not every 4 years :-). I don't know exactly what you are looking for, but almost any other product will be better than GFI. Please consider some of the other more updated and capable log monitoring products out there - there is more than just Alienvault and Splunk.
Literally, in 4 years of work all they added was support for Windows Server 2016 (if you don't believe me.
I'm curious - how did you actually stumble across that one? GFI's product is probably one of the 3 worst log monitoring solutions on the market. The product was literally dead for 4(!) years without a single release, and the most "recent" update was in March where they added support for server 2016. I'm honestly not sure how you can compare Alienvault with GFI Events Manager - they're not even in the same league. Splunk really just priced themselves out of my budget. I'm currently looking at GFI Event Manager vs Alienvault.
![splunk enterprise vs splunk light splunk enterprise vs splunk light](https://www.splunk.com/content/dam/splunk-blogs/images/2015/03/Screen-Shot-2015-03-09-at-9.30.43-AM.png)
The last thing I will say is, if I had the budget and resources (prof services, training for staff, and more prof services) to deploy Splunk properly I would use that instead. Alien Vault's interface is very user-friendly and allows quick drill down for simple troubleshooting. 5. Needed to be able to get our network and helpdesk folks on board with using it to troubleshoot. I downloaded OSSIM at home and played around with it and it was fairly easy. 3. I had deployed Splunk before in a similar sized client's environment and it was brutal. Our InfoSec group is small and we needed something that could be effective out of the box. The last two contenders, oddly enough, at the end of the search were having Splunk or AlienVault on prem. In Q4 16 we decided to go with Alien Vault over everything else. I'm at a mid-sized hospital and last year (16) we decided to migrate away from our current MSSP to either another one or an on-prem solution. I would say get ArcSight Express in an appliance with a FlexConnector but don't deploy this yourself and yes - stay with AlienVault IF they can deliver your sources. Unless you have done a serious carver and oodl assessments you don't stand a chance. I mean Cisco, Checkpoint, F5, McAfee ePO and Web Gateway, Nexpose, other syslog data and the list goes on. I mean Windows audit logs are not enough. Personally, Splunk is good but you're going to need to feed it TA (technology add-on) from vendors that add up.
Don't let professional services implement anything though because they failed the health check by Optiv because they are sloppy (not Optiv). I will say that the more GB you ingest into Splunk the less it is. Splunk just listens to data and makes no correlation otherwise without it besides the rules you would be forced to create and same with reports and dashboards.
![splunk enterprise vs splunk light splunk enterprise vs splunk light](https://www.whizlabs.com/blog/wp-content/uploads/2020/07/splunk-tutorial.jpg)
Ignore that one user telling you to use Splunk Enterprise as a SIEM plus AlienVault. I have 41 connectors in HP ArcSight and in the painful move to Splunk Enterprise with Enterprise Security, PCI and possibly UBA.