• Home
  • Elastic Observability vs. Wazuh

Elastic Observability vs Wazuh comparison

Cancel
You must select at least 2 products to compare!
Elastic Logo
Elastic Observability
Read 22 Elastic Observability reviews
3,929 views|3,324 comparisons
90% willing to recommend
Wazuh Logo
Wazuh
Read 38 Wazuh reviews
38,691 views|21,066 comparisons
75% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Elastic Observability vs. Wazuh
April 2024
Executive Summary

We performed a comparison between Elastic Observability and Wazuh based on real PeerSpot user reviews.

Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Elastic Observability vs. Wazuh Report (Updated: April 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Jherzon Nava
An affordable solution with the text search feature, but its retrieval of logs and metrics from all the instances...
Elastic Observability didn't help our organization because it was simpler for us to configure other tools, including Dynatrace and Grafana.
Usman Arif
Transforming security features with notable vulnerability reduction and comprehensive compliance
Before the deployment of Wazuh, we faced challenges related to vulnerability management and version change history. Vulnerabilities often went... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I have built a mini business intelligence system based on Elastic Observability.""It's easy to deploy, and it's very flexible.""The Elastic User Interface framework lets us do custom development when needed. You need to have some Javascript knowledge. We need that knowledge to develop new custom tests.""Elastic Observability significantly improves incident response time by providing quick access to logs and data across various sources. For instance, searching for specific keywords in logs spanning over a month from multiple data sources can be completed within seconds.""It has always been a stable solution.""The ability to ensure that the data is searchable and maintainable is highly valuable for our purposes.""We can view and connect different sources to the dashboard using it.""For full stack observability, Elastic is the best tool compared with any other tool ."

More Elastic Observability Pros →

"Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.""It offers built-in modules for file integrity and vulnerability management.""Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source.""My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance.""The tool is stable.""The deployment is easy and they provide very good documentation.""One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability.""Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."

More Wazuh Pros →

Cons
"There's a steep learning curve if you've never used this solution before.""Elastic Observability is difficult to use. There are only three options for customization but this can be difficult for our use case. We do not have other options to choose the metrics shown, such as CPU or memory usage.""They need more skills in the market. There are not enough skills in the market. It is not pervasive enough on the market, in my opinion. In other words, there isn't a big enough user base.""If we had some pre-defined templates for observability that we could start using right away after deploying it – instead of having to build or to change some of the dashboards – that would be helpful.""The tool's scalability involves a more complex implementation process. It requires careful calculations to determine the number of nodes needed, the specifications of each node, and the configuration of hot, warm, and cold zones for data storage. Additionally, managing log retention policies adds further complexity. The solution's pricing also needs to be cheaper.""Elastic APM's visualization is not that great compared to other tools. It's number of metrics is very low.""The cost must be made more transparent.""The solution would be better if it was capable of more automation, especially in a monitoring capacity or for the response to abnormalities."

More Elastic Observability Cons →

"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh.""Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system.""Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality.""They need to go towards integrating with more cloud applications and not just OS like Windows and Linux.""Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc.""There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded.""The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement.""Wazuh is missing many things that a typical SIEM should have."

More Wazuh Cons →

Pricing and Cost Advice
  • "So far, there are just the standard licensing fees. Several of the components are embedded in the license or are even open source. They're even free depending on what you use, which makes it even more appealing to someone that is discussing pricing of the solution."
  • "There are two types: cloud and SaaS. They charge based on data ingestion, ingest rate, hard retention, and warm retention. I believe it costs around $25,000 annually to ingest 30GB of data daily. That is the SaaS version. There is also a self-managed license where the customer manages their own infrastructure on-prem. In such cases, there are three license tiers that respectively cost $5,000 annually per node, $7,000 per node, and $12,500 per node."
  • "Pricing is one of those situations where the more you use it, the more you pay."
  • "The price of Elastic Observability is expensive."
  • "Users have to pay for some features, like the alerts on different channels, because they are unavailable in different source versions."
  • "One needs to pay for the licenses, and it is an annual subscription model right now."
  • "Since we are a huge company, Elastic Observability is an affordable solution for us."
  • "We will buy a premium license after POC."

    • More Elastic Observability Pricing and Cost Advice →

  • "Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
  • "There is not a license required for Wazuh."
  • "Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
  • "Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
  • "Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
  • "Wazuh has a community edition, and I was using that. It's free and open source."
  • "The current pricing is open source."
  • "Wazuh is free and open source."

    • More Wazuh Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Elastic Observability?
    Top Answer:Elastic Observability significantly improves incident response time by providing quick access to logs and data across various sources. For instance, searching for specific keywords in logs spanning… more »
    Read all 16 answers   →
    What is your experience regarding pricing and costs for Elastic Observabi...
    Top Answer:I rate the pricing a five out of ten. The product is not that cheap.
    Read all 12 answers   →
    What needs improvement with Elastic Observability?
    Top Answer:The tool's scalability involves a more complex implementation process. It requires careful calculations to determine the number of nodes needed, the specifications of each node, and the configuration… more »
    Read all 16 answers   →
    What do you like most about Wazuh?
    Top Answer:Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
    Read all 28 answers   →
    What needs improvement with Wazuh?
    Top Answer:I have built some rules that produce duplicate alerts two or three times. Therefore, these rules should be consolidated. Alerts should be specific rather than repeatedly triggered by integrating… more »
    Read all 28 answers   →
    What is your primary use case for Wazuh?
    Top Answer:We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. The IP address is automatically blocked if a server has multiple wrong passwords.
    Read all 26 answers   →
    Ranking
    14th
    out of 95 in Log Management
    Views
    3,929
    Comparisons
    3,324
    Reviews
    16
    Average Words per Review
    445
    Rating
    7.9
    2nd
    out of 95 in Log Management
    Views
    38,691
    Comparisons
    21,066
    Reviews
    31
    Average Words per Review
    471
    Rating
    7.6
    Comparisons
    Learn More
    Elastic
    Wazuh
    Overview
    To effectively monitor and gain insights across your distributed systems, you need to have all your observability data in one stack. Break down silos by bringing together application, infrastructure, and user data into a unified solution for end-to-end observability and alerting.
    Rely on the most widely deployed observability platform available, built on the proven Elastic Stack (also known as the ELK Stack) to converge silos, delivering unified visibility and actionable insights.

    Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.

    It consists of an endpoint security agent and a management server. Additionally, Wazuh is fully integrated with the Elastic Stack, allowing users the ability to navigate through security alerts via a data visualization tool.

    • Wazuh’s agent can run on many different platforms, and is lightweight. It can successfully perform the tasks needed to detect threats in order to trigger responses automatically.
    • Wazuh manages the agents, can analyze agent data, and can scale horizontally.
    • Elastic Stack is where alerts are indexed and stored.

    Wazuh Capabilities

    Some of Wazuh’s most notable capabilities include:

    • Intrusion detection: Wazuh’s agents can detect hidden files, cloaked processes, or unregistered network listeners, as well as inconsistencies in system call responses. Wazuh’s server component uses a signature-based approach to intrusion detection, using its regular expression engine to analyze collected log data and look for indicators of compromise.

    • Log data analysis: Wazuh can read operating system and application logs, and securely forward them to a central manager for rule-based analysis and storage.

    • Integrity monitoring: File integrity monitoring can help identify changes in content, ownership, permissions, and attribute of files. Wazuh’s file integrity monitoring can be used in conjunction with threat intelligence.

    • Vulnerability detection: Wazuh agents can identify well-known vulnerable software so you can see where your weak spots are and take action before an attack can exploit them.

    • Configuration assessment: System and application configurations are monitored to make sure they are compliant with security policies. Periodic scans are used to detect applications that are known to be vulnerable, insecurely configured, or unpatched.
    • Incident response: Wazuh responds actively when active threats need to be addressed. It can perform countermeasures like blocking access to a system when a threat source is identified.

    • Regulatory compliance: Wazuh includes the security controls required to be compliant with industry regulations and standards.

    • Cloud security: Wazuh’s light-weight and multi-platform agents are commonly used to monitor cloud environments at the instance level. In addition, Wazuh helps monitor cloud infrastructure at an API level.

    • Security for containers: With Wazuh, you have increased security visibility into hosts and containers, allowing for easier detection of threats, anomalies, and vulnerabilities.

    Wazuh Benefits

    Some of the most valued benefits of Wazuh include:

    • No vendor lock-in
    • No license costs
    • Uses lightweight, multi-platform agents
    • Free community support

    Wazuh Offers

    • Annual support and maintenance
    • Assistance with deployment and configuration
    • Training and instructional hands-on courses

    Reviews From Real Users

    "It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions." - Robert C., IT Security Consultant at Microlan Kenya Limited

    The MITRE ATT&CK correlation is most valuable.” - Chief Information Security Officer at a financial services firm

    Sample Customers
    PSCU, Entel, VITAS, Mimecast, Barrett Steel, Butterfield Bank
    Information Not Available
    Top Industries
    REVIEWERS
    Computer Software Company27%
    Manufacturing Company18%
    Healthcare Company9%
    Insurance Company9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company8%
    Healthcare Company6%
    REVIEWERS
    Computer Software Company25%
    Comms Service Provider18%
    Security Firm14%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider8%
    Government7%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business27%
    Midsize Enterprise18%
    Large Enterprise55%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise12%
    Large Enterprise66%
    REVIEWERS
    Small Business54%
    Midsize Enterprise28%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business33%
    Midsize Enterprise20%
    Large Enterprise47%
    Buyer's Guide
    Elastic Observability vs. Wazuh
    April 2024
    Free Report: Elastic Observability vs. Wazuh
    Find out what your peers are saying about Elastic Observability vs. Wazuh and other solutions. Updated: April 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Elastic Observability is ranked 14th in Log Management with 22 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. Elastic Observability is rated 7.8, while Wazuh is rated 7.4. The top reviewer of Elastic Observability writes "The user interface framework lets us do custom development when needed. ". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Elastic Observability is most compared with Dynatrace, New Relic, Azure Monitor, Sentry and AppDynamics, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and Graylog. See our Elastic Observability vs. Wazuh report.

    See our list of best Log Management vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.