How to Eliminate the 25% SIEM and Cloud Tax

LogZilla Shows You How to Eliminate Splunk's Log Management Fees Forever

Richard Piotrowski, Founder and COO

How to Eliminate the 25% SIEM and Cloud Tax

Tuesday, April 13, 2021

Splunk can be a very expensive log management and SIEM tool, and adding more data or utilizing a new feature add-on can increase your fees exponentially. Having a goal to ingest all your data shouldn’t be an unattainable dream or leave you vulnerable to cybercrime. Similar to when you purchase an automobile…the rates for tires, a steering wheel, and side mirrors shouldn’t break the bank and force you to not purchase.

As Splunk began reporting its cloud operation financials in 2020, the lackluster performance was revealed, highlighting that margins were averaging 54 percent, leaving many investors unimpressed.

Yes, you are seeing this correct
Yes, you are seeing this correct

When we look closer at the cloud operating margins of Elastic, DataDog, and Sumo Logic, we see that Splunk’s margins are low; very low. Further, cloud margins of 75% are not strong when money is being distributed to other cloud vendors AWS, Azure, etc.

Splunk's margins are low, low, low...
Splunk's margins are low, low, low...

THE CHALLENGE: Who Do You Think Pays for the Extra Fees?
HINT: It’s not Splunk, DataDog, Sumo Logic…you pay for it all

Rather than pivoting to improve internal operations, Splunk acquires companies to enable new feature sets and appear as a technical innovator. Unsurprisingly, the proportion of R&D expenses to total revenues dropped to 28% in Q4, vs. 44% in Q1. Splunk is trying to push the revenue needle via acquisitions to report 80% + ARR growth. Unfortunately, Cloud revenue growth (GAAP) in the most recent Q4 was 72%, a large decline from 81% reported in Q1.


Horizontal scaling means that all SIEM vendors horizontally shift the data load by adding more expensive resources to combat their respective outdated, inability to scale on a single instance, architectures.

How Can You Remove Those Taxes and Fees in 30 Seconds?

Deploying LogZilla NEO in front of your current SIEM log tool as the Manager of Managers reduces the volume of machine data being sent downstream by about 70%, without losing a single byte, and permanently eliminates the tax.

If Splunk margins are the one doubt
If Splunk margins are the one doubt

At 50% deduplication, Splunk would increase its cloud operating margins to the 75%-80% range. That would be equivalent to its primary competitors and eliminates the “add a new resource” ingestion tax. At 70% deduplication, Splunk’s cloud margins would increase by about 32%, and the customer could expect reduced prices.


LogZilla NEO’s Unlimited Pricing Plan achieves 10 TB/day on a single 1U server and ensures that you can send all your machine data, not just the data you can afford.

Ready to watch how LogZilla NEO generates an ROI of greater than 40% and payback in less than 90 days (that’s right… the more data you send per day, the higher is the ROI, and the faster is the payback)?

Schedule your 15-minute demo now to see if LogZilla is right for you.

Richard Piotrowski

Richard Piotrowski

Founder and COO

About Richard

Richard leverages two decades of helping companies grow. At LogZilla, he is focused on planning, execution, and financial acumen to develop compelling selling strategies. Richard spent over a decade working on Wall Street and Bay Street and earned a #1 ranking in Canada.
Tags: LogZilla , GAAP , IT architecture , log management , LogZilla NEO , Centralized Log Management Platform , Sumo Logic , Splunk , DataDog , Humio , SIEM , Data Management

Real-Time Threat Hunting using Zeek, LogZilla, and Axellio - A DCO_SOSSEC Cyber Talk

Did you miss our last webinar?