Introducing G2.ai, the future of software buying.Try now
Compare Microsoft Sentinel and Splunk Enterprise 
Featured Products
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
ManageEngine EventLog Analyzer
Visit Website
At a Glance
Market Segments
Enterprise (41.4% of reviews)
Enterprise (64.9% of reviews)
Entry-Level Pricing
Pay As You Go
No pricing available
Microsoft Sentinel
Star Rating
(289)4.4 out of 5
Market Segments
Enterprise (41.4% of reviews)
Pros & Cons
Entry-Level Pricing
Pay As You Go
Browse all 11 pricing plansSplunk Enterprise
Star Rating
(422)4.3 out of 5
Market Segments
Enterprise (64.9% of reviews)
Pros & Cons
Entry-Level Pricing
No pricing available
Learn more about Splunk EnterpriseSummary
AI Generated Summary
AI-generated. Powered by real user reviews.
- Users report that Splunk Enterprise excels in "Real-Time Analytics" with a score of 9.1, allowing for immediate insights into data, while Microsoft Sentinel, although strong, has a slightly lower score in this area, indicating that Splunk may provide a more responsive experience for urgent data analysis.
- Reviewers mention that Splunk's "Dashboards and Visualizations" feature scores an impressive 9.4, which users find highly customizable and user-friendly, whereas Microsoft Sentinel's dashboard capabilities, while effective, do not reach the same level of user satisfaction, scoring 9.0.
- G2 users highlight that Splunk's "Diverse Systems Monitoring" feature is rated at 8.9, making it a preferred choice for organizations needing to monitor a wide range of systems, while Microsoft Sentinel's score of 8.4 suggests it may not cover as many systems as comprehensively.
- Users on G2 report that Microsoft Sentinel shines in "Threat Intelligence" with a score of 8.7, which reviewers say provides robust insights into potential security threats, while Splunk's score of 7.5 indicates it may not be as strong in this critical area.
- Reviewers mention that Splunk's "Automated Remediation" feature scores 8.6, which users find beneficial for reducing manual intervention in incident response, while Microsoft Sentinel's similar feature, although effective, scores slightly lower at 8.3, suggesting a less efficient automation process.
- Users say that Splunk's "Event Management" feature is rated at 9.1, providing a comprehensive view of events for better incident handling, while Microsoft Sentinel's score of 8.7 indicates it may not offer the same level of detail or ease of use in managing events.
Pricing
Entry-Level Pricing
Microsoft Sentinel
Pay-As-You-Go
Pay As You Go
Effective Per GB Price - $2.46
Savings Over Pay as You Go: N/A
- Pay-As-You-Go
Splunk Enterprise
No pricing availableFree Trial
Microsoft Sentinel
Free Trial is available
Splunk Enterprise
No trial information availableRatings
Meets Requirements
8.6
223
8.9
334
Ease of Use
8.5
229
8.1
337
Ease of Setup
8.3
129
7.9
139
Ease of Admin
8.3
124
8.1
124
Quality of Support
8.5
218
8.4
277
Has the product been a good partner in doing business?
8.7
119
8.7
124
Product Direction (% positive)
9.5
218
7.8
325
Features by Category
Data Sourcing
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Intelligence
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Functionality
Not enough data
7.0
9
Not enough data
6.5
9
Not enough data
7.9
12
Issue Resolution
Not enough data
7.1
11
Not enough data
6.8
10
Not enough data
6.8
10
Management
Not enough data
7.7
10
Not enough data
8.2
12
Not enough data
7.9
12
Generative AI
Not enough data
Not enough data
Not enough data
Not enough data
Agentic AI - AIOps Platforms
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Visibility
Not enough data
9.3
19
Not enough data
8.9
20
Not enough data
9.2
20
Monitoring and Management
Not enough data
8.9
17
Not enough data
8.7
15
Not enough data
8.4
19
Not enough data
9.1
20
Agentic AI - Hardware Monitoring
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Functionality
Not enough data
8.8
62
Not enough data
8.8
62
Not enough data
9.0
62
Not enough data
7.8
54
Management
Not enough data
8.3
55
Not enough data
8.9
61
Not enough data
8.5
61
Not enough data
9.0
61
Agentic AI - Enterprise Monitoring
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
ServiceNow Apps
Not enough data
Not enough data
Not enough data
9.0
5
Agentic AI - ServiceNow Store Apps
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Data Preparation
Not enough data
9.0
67
|
Verified
Not enough data
8.8
66
|
Verified
Not enough data
8.0
61
|
Verified
Not enough data
8.3
61
|
Verified
Analysis
Not enough data
8.3
60
|
Verified
Not enough data
8.3
61
|
Verified
Not enough data
8.8
62
|
Verified
Not enough data
8.7
65
|
Verified
Not enough data
8.8
62
|
Verified
Not enough data
8.2
53
|
Verified
Visualization
Not enough data
8.7
66
|
Verified
Not enough data
8.7
63
|
Verified
Agentic AI - Log Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Network Management
8.9
169
9.1
26
8.4
161
7.3
23
8.8
165
9.2
26
Incident Management
8.7
168
8.8
26
8.7
164
7.8
26
8.9
165
8.5
26
Security Intelligence
8.7
167
7.3
24
8.3
160
6.5
22
8.5
161
8.5
24
8.4
161
8.3
24
Agentic AI - Security Information and Event Management (SIEM)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Security Orchestration, Automation, and Response (SOAR)Hide 11 FeaturesShow 11 Features
8.5
110
Not enough data
Automation
8.2
95
Not enough data
8.4
97
Not enough data
8.6
96
Not enough data
8.8
99
Not enough data
Orchestration
8.8
97
Not enough data
8.6
98
Not enough data
8.6
98
Not enough data
8.4
97
Not enough data
Response
8.6
100
Not enough data
8.1
94
Not enough data
8.5
90
Not enough data
Categories
Categories
Shared Categories
Microsoft Sentinel and Splunk Enterprise are categorized as Security Information and Event Management (SIEM)
Unique Categories
Microsoft Sentinel is categorized as Security Orchestration, Automation, and Response (SOAR)
Splunk Enterprise is categorized as Enterprise Monitoring, Hardware Monitoring, AIOps Platforms, ServiceNow Store Apps, Customer Data Platform (CDP), and Log Analysis
Reviews
Reviewers' Company Size
Microsoft Sentinel
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
Splunk Enterprise
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
Small-Business
(50 or fewer emp.)
Mid-Market
(51-1000 emp.)
Enterprise
(> 1000 emp.)
Reviewers' Industry
Information Technology and Services
25.9%
Computer & Network Security
14.7%
Computer Software
8.3%
Banking
4.1%
Security and Investigations
3.8%
Other
43.2%
Information Technology and Services
26.5%
Computer Software
10.3%
Financial Services
6.8%
Internet
6.3%
Computer & Network Security
6.0%
Other
44.3%
Discussions
What is Microsoft Sentinel used for?
3 Comments
RS
It's for SIEM tool for real time incident responder and threat intelligence .Read more
If I had to have a question, I would ask if there were any plans to add linux support to this program.
2 Comments
DY
need to ask Microsoft, but since dot.net core can be installed in Linux, I believe the agent will work as it uses the .net platform. please experiment Read more
How I able to install /integrated Azure Sentinel agents to collect data on IOT devices/ DLP/ Endpoint devices Computer / Laptops / Printers
1 Comment
DY
So couple of point for IOT devices. You can leverage with IOT Hub in Azure. Most IOT devices uses C as their programming language you will probaly need to...Read more
What does Splunk Enterprise do?
1 Comment
SM
Splunk Enterprise is a powerful data analytics platform that allows organizations to collect, index, search, and analyze a wide variety of machine-generated...Read more
Which apps ship with Splunk Enterprise?
1 Comment
SM
Splunk Enterprise comes with a variety of built-in apps and add-ons that provide additional functionality, visualizations, and preconfigured dashboards for...Read more
What are Splunk Enterprise components?
1 Comment
IG
Splunk's 3 main components: Search Head (UI), Indexer (DB) and Forwarder (Endpoint Agent with Universal Forwarder or Aggregation Agent with...Read more
Hunting for software insights?
With over 3 million reviews, we can provide the specific details that help you make an informed software buying decision for your business. Finding the right product is important, let us help.
