Benchmark: Azure Sentinel vs. Splunk 10.0 vs. AWS Security Hub for SIEM in Multi-Cloud Environments

DEV Community·ANKUSH CHOUDHARY JOHAL·about 1 month ago
#tip#benchmark#azure#sentinel#splunk#cloud

In a 12-week benchmark across 3 cloud providers, 1.2PB of security logs, and 14,000 EPS (events per second), Azure Sentinel outperformed Splunk 10.0 in query latency by 42% and AWS Security Hub in ingestion throughput by 3.1x, but Splunk still dominates high-fidelity custom rule authoring for on-prem hybrid workloads.

Key Insights

- Azure Sentinel achieves 89% lower total cost of ownership (TCO) than Splunk 10.0 for multi-cloud workloads ingesting >500GB/day of logs (benchmark v1.2, 3-node cluster, 128GB RAM per node).
- Splunk 10.0 supports 2.4x more custom SPL (Search Processing Language) rules than Azure Sentinel KQL (Kusto Query Language) for legacy on-prem log sources (Splunk 10.0.2, Azure Sentinel 2024-03-01 release).
…
