Showing results for 
Show  only  | Search instead for 
Did you mean: 

Dynatrace vs Splunk


Hello, I am trying to make a comparison between dynatrace and splunk. In my project we are already using Splunk and we will have dynatrace very soon.
But i want to understand is it really worth having both of them as licensing of these tools is quite expensive. What i want to understand is -

  1. Why we need dynatrace and what is that one factor which differentiate it from other tools?

  2. What does it do which cannot be done from Splunk?

  3. What does splunk do which cannot be done from dynatrace?

I have heavily read about it online but i am not able to make any conclusions. If anyone can help that would be much appreciated.



DynaMight Guru
DynaMight Guru

Splunk is just storage for logs and metrics collected in numerous ways. Dynatrace is way much bigger because you see single transactions with DB calls, MQ, WebRequests etc, and user perspective as well. But comparing Splunk to Dynatrace is not fair for each of those solutions. These are two totally different class of product and use cases.


Regards, Sebastian

Dynatrace Guru
Dynatrace Guru

Splunk is a data repository and analytics tool. You throw data into it and make some dashboards. It does not have any capabilities for instrumentation and generating the APM data such as our agents, synthetics, and network probe.

For Splunk to work, you must have the data you want to “capture” already easily available somewhere that it can grab it (such as a log file). For end-to-end application monitoring, end user monitoring, etc... this data is not magically exposed anywhere. You must instrument the application/environment in order to get at it (this is not easy).

This is the main difference between Splunk and Dynatrace. Dynatrace does the hard part... end-to-end instrumentation in-order-to produce high-value data such as PurePaths and Smartscape.

Splunk lacks the following:

  • Transaction following (PurePath)

  • Real user monitoring

  • Synthetic transactions

  • Environment/topology mapping and discovery (smartscape)

  • Application monitoring at code level

  • Database/SQL monitoring

  • Automatic problem identification

  • Automatic root cause determination

  • Packet-level network monitoring

Areas where Dynatrace and Splunk overlap:

  • Log monitoring

  • Dashboards

  • Splunk can do some basic server OS monitoring using

Definitely Splunk has different capabilities in terms of automation, analysis and monitoring of logs. Depends on your use cases you may need just Dynatrace or both.

Senior Product Manager,
Dynatrace Managed expert

Hi @Radoslaw S. thank you for your detailed response. I would see if we can use both because I have read some articles where it says they works best together. Also do you know about the licensing cost comparison.? Like how much Dynatrace cost if we get it installed for 2 of our applications.

Well, you can't compare costs as it brings different level of value - almost like comparing apples to mango. Keep in mind that at infrastructure monitoring level Dynatrace multiplies host unit by 0.3 with a cap of 1.0 host unit at max.

Senior Product Manager,
Dynatrace Managed expert

Moreover, you could use Splunk for log monitoring... but then you have the other tool for that and *no context* if that particular log entry is related to a problem.

And last but not least... with Dynatrace you don't need to change your application code to output proper log entries - as you compare it to Splunk.

Senior Product Manager,
Dynatrace Managed expert

Thanks @Radoslaw S.for your detailed explanation. Really appreciate it. Just one more quick thing - If i successfully integrate Dynatrace with Splunk or vice versa, what extra can i achieve?

I mean is it possible for you to list out the important scenarios/factors which we can achieve by integrating these wonderful tools. I know they compliment each other but just want to understand in what ways please?

Let me know if you can help me out here.

Three items that come to my mind are:

you can set up additional alerting based on your log entries. In Dynatrace you need to set up custom metrics based on logs.

You can set up some dashboards in Splunk that might be valuable to you.

You can push Dynatrace Problems to Splunk as an Incident platform. See

However none of these will bring you answers. Using both will create you two silo tools that is inconvenient, increase friction and additional TCO.

If I were you I’d decide on one.

PS also read thread here

Senior Product Manager,
Dynatrace Managed expert

Hi, after more than 3 years, Dynatrace is getting more bigger. Specifically in log monitoring. can you tell us more about the comparisons? because I think DT Log Monitoring Classic (V2) feature now can compete with Splunk. But I don't know what aspect the Log Monitoring is ahead from Splunk. Any information is appreciated. Thanks 🙂


I agree with all these comments but if they are using the Splunk ITSI component then they get closer to root cause detection and predictive analytics. Obviously s only as good as the data they are ingesting.

Featured Posts