https://7f57629a.jeremiahwindle.pages.dev/tags/splunk/Recent content in Splunk on Jeremiah WindleHugoen-usWed, 18 Mar 2026 00:00:00 +0000https://7f57629a.jeremiahwindle.pages.dev/blog/siem-platforms-compared/Wed, 18 Mar 2026 00:00:00 +0000https://7f57629a.jeremiahwindle.pages.dev/blog/siem-platforms-compared/Most SIEM comparisons are written by vendors or analysts who’ve seen the demos. This one is written by someone who’s used these platforms in production — ingesting real logs, tuning real alerts, and investigating real incidents across dozens of client environments. Here’s what actually matters. The Three Platforms I’ve had meaningful production time with: Kibana (ELK Stack) — primary SIEM at my current MSP for security operations across municipal government clients Perch Security — co-managed SIEM platform purpose-built for MSPs, used across 40+ client organizations Splunk — exposure through client environments and hands-on study; included here for completeness against the standard that everyone measures against Kibana (ELK Stack) Kibana is the visualization layer on top of Elasticsearch and Logstash — the “K” in ELK.