We performed a comparison between Logsign Next-Gen SIEM and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The automation feature is valuable."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The most valuable features of Logsign SIEM are its cloud capabilities, alerting functionality, integration with Elastic Search, and configuration options."
"Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"It offers built-in modules for file integrity and vulnerability management."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"The product is easy to customize."
"Wazuh has very flexible and robust features."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"The product can be improved by reducing the cost to use AI machine learning."
"The reporting could be more structured."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"Improvements needed in Logsign SIEM are providing specific security alerts that can be filtered and configured more effectively."
"I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts."
"Some features, like alerting, are complex with Wazuh."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"A more structured approach, perhaps with modular UI components, to facilitate easier integration and navigation within the Wazuh platform for custom integrations would be beneficial."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
Logsign Next-Gen SIEM is ranked 44th in Log Management with 3 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. Logsign Next-Gen SIEM is rated 7.6, while Wazuh is rated 7.4. The top reviewer of Logsign Next-Gen SIEM writes "Easy to use and find the features that you need". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Logsign Next-Gen SIEM is most compared with Grafana Loki, IBM Security QRadar, Logpoint, ManageEngine EventLog Analyzer and Sematext Logs, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and CrowdStrike Falcon. See our Logsign Next-Gen SIEM vs. Wazuh report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.