• Home
  • Graylog Security vs. Microsoft Sentinel

Graylog Security vs Microsoft Sentinel comparison

Cancel
You must select at least 2 products to compare!
Graylog Logo
Graylog Security
Read 2 Graylog Security reviews
214 views|179 comparisons
100% willing to recommend
Microsoft Logo
Microsoft Sentinel
Read 85 Microsoft Sentinel reviews
31,886 views|17,713 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Security Information and Event Management (SIEM)
April 2024
Executive Summary

We performed a comparison between Graylog Security and Microsoft Sentinel based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM).
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: April 2024).
Download the complete report
771,157 professionals have used our research since 2012.
Featured Review
Tony Zafiropoulos
Aggregates logs in one place and helps to review data points
Sachin Paul
Makes data integration very easy for our SOC
It enables data integration within our hybrid, multi-cloud environment, and it makes this data integration very easy for our security operations... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The tool aggregates logs. We can see the logs in one place.""We use the solution to collect logs."

More Graylog Security Pros →

"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box.""It has a lot of great features.""The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities.""Free ingestion for Azure logs (with E5 licence)""Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements.""The Log analytics are useful.""What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part.""Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."

More Microsoft Sentinel Pros →

Cons
"Graylog Security needs to incorporate security scorecards."

More Graylog Security Cons →

"We are invoiced according to the amount of data generated within each log.""The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it.""If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies.""The troubleshooting has room for improvement.""The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to.""Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities.""Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex.""The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."

More Microsoft Sentinel Cons →

Pricing and Cost Advice
  • "I rate the tool's pricing a one out of ten."

    • More Graylog Security Pricing and Cost Advice →

  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    771,157 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Graylog Security?
    Top Answer:We use the solution to collect logs.
    What is your experience regarding pricing and costs for Graylog Security?
    Top Answer:I rate the tool's pricing a one out of ten.
    What needs improvement with Graylog Security?
    Top Answer:Graylog Security needs to incorporate security scorecards.
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized by… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will… more »
    Read all 2 answers   →
    Ranking
    34th
    out of 80 in Security Information and Event Management (SIEM)
    Views
    214
    Comparisons
    179
    Reviews
    1
    Average Words per Review
    118
    Rating
    9.0
    2nd
    out of 80 in Security Information and Event Management (SIEM)
    Views
    31,886
    Comparisons
    17,713
    Reviews
    59
    Average Words per Review
    1,638
    Rating
    8.4
    Comparisons
    Also Known As
    Azure Sentinel
    Learn More
    Graylog
    Microsoft
    Overview

    Graylog Security is built on the Graylog platform. It combines the key features and functionality that set us apart from the competition with SIEM, Security Analytics, & Anomaly Detection capabilities. IT security teams get a superior cybersecurity platform designed to overcome legacy SIEM challenges. Your job becomes easier. You can tackle critical activities faster. And you have the confidence and expertise to mitigate risks caused by insider threats and credential-based attacks.

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Sample Customers
    Information Not Available
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Top Industries
    No Data Available
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Comms Service Provider8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    Company Size
    No Data Available
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    Buyer's Guide
    Security Information and Event Management (SIEM)
    April 2024
    Download Free Report
    Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM). Updated: April 2024.
    DOWNLOAD NOW
    771,157 professionals have used our research since 2012.

    Graylog Security is ranked 34th in Security Information and Event Management (SIEM) with 2 reviews while Microsoft Sentinel is ranked 2nd in Security Information and Event Management (SIEM) with 85 reviews. Graylog Security is rated 8.6, while Microsoft Sentinel is rated 8.2. The top reviewer of Graylog Security writes "Helps to collect logs and pricing is cheap ". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Graylog Security is most compared with Wazuh and Microsoft Defender XDR, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.