We performed a comparison between SolarWinds Security Event Manager and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"The most valuable feature is the ease of use for the end user."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"This tool is simple to use."
"The most valuable feature is the reporting."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."
"The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"It's stable."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"The deployment is easy and they provide very good documentation."
"It offers built-in modules for file integrity and vulnerability management."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."
"There is no correlation made between log entries, so no threat information is presented."
"We'd like more customization capabilities."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"SolarWinds should improve its correlation capabilities. The correlation does not automatically detect and reduce the events fast enough. You have to manually do a correlation report, which means the tool is not scalable in many ways."
"The reporting could be more robust. It can be a lot more granular and that will make it a lot more useful in comparison to how it is incorporated at the moment."
"There could be a hardware monitoring tool for the solution."
"The computing resources are consuming and do not make sense."
"The deployment is a bit complex."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"We would like to see more improvements on the cloud."
"The tool doesn't detect anomalies or new environments."
"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."
More SolarWinds Security Event Manager Pricing and Cost Advice →
SolarWinds Security Event Manager is ranked 20th in Security Information and Event Management (SIEM) with 24 reviews while Wazuh is ranked 3rd in Security Information and Event Management (SIEM) with 38 reviews. SolarWinds Security Event Manager is rated 7.8, while Wazuh is rated 7.4. The top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender XDR, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and Graylog. See our SolarWinds Security Event Manager vs. Wazuh report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.