We performed a comparison between IBM Security QRadar and NNT Log Tracker Enterprise based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The UI of Sentinel is very good and easy to use, even for beginners."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"We have no complaints about the features or functionality."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"IBM QRadar User Behavior Analytics's most important feature is its ease of use."
"The feature that I have found most valuable is its artificial intelligence component, Watson. Its contribution is pretty good from a machine-learning artificial intelligence perspective. This compliments the orchestration automation component, as well."
"It's built around Red Hat Linux, which is highly robust."
"There are a lot of great out-of-the-box features included."
"The tool's most valuable feature is log source management. It enables us to connect to various log sources, including content, authentications, or other customized integrations. These integrations can be tailored for use with other platforms that don’t already have built-in IBM add-ons."
"We run 65 servers globally with just two people: an engineering person and me."
"I like that it's easy to use and the performance is good."
"The rule engine is very easy to use — very flexible."
"The FIM features in the Change Tracker and the Log Tracker are the most valuable."
"The most valuable feature is the predefined reports for PCI compliance."
"File integrity monitoring is a very important function."
"This is a very easy-to-use interface with a quick ramp-up time."
"The troubleshooting has room for improvement."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"The solution should allow for a streamlined CI/CD procedure."
"I would like for Yara to be supported by all components."
"We need more features in order to create rules to detect or to meet some requirements for other areas, for example, catching the event from other authentication tools."
"There is a shortage of skilled individuals with knowledge about the solution. There is training required."
"The released patch quality is poor. IBM should test those patches on their side, not on the client's side."
"There should be more opportunity for community kind of distribution where, for example, if there was a zero-day threat targeting companies."
"Technical support really needs to be improved. Right now, they aren't where they need to be at all."
"The IBM support can be better."
"Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules."
"It is able to identify the vulnerability, however, they need an option to auto-mitigate."
"I would like to see the integration of AI technology, so rather than manually monitoring the logs, the tool will understand it and take care of it."
"The correlation suite needs to be improved."
"Only one minor deployment issue came up and it was resolved quickly. No other areas of improvement come to mind yet."
IBM Security QRadar is ranked 6th in Log Management with 198 reviews while NNT Log Tracker Enterprise is ranked 47th in Log Management with 4 reviews. IBM Security QRadar is rated 8.0, while NNT Log Tracker Enterprise is rated 8.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of NNT Log Tracker Enterprise writes "Great for PCI compliance but issues with stability and large amounts of data". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Sentinel, whereas NNT Log Tracker Enterprise is most compared with . See our IBM Security QRadar vs. NNT Log Tracker Enterprise report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.