• Home
  • Elastic Observability vs. Wazuh

Elastic Observability vs Wazuh comparison

Cancel
You must select at least 2 products to compare!
Elastic Logo
Elastic Observability
Read 22 Elastic Observability reviews
4,094 views|3,400 comparisons
90% willing to recommend
Wazuh Logo
Wazuh
Read 38 Wazuh reviews
38,600 views|20,925 comparisons
75% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Elastic Observability vs. Wazuh
April 2024
Executive Summary

We performed a comparison between Elastic Observability and Wazuh based on real PeerSpot user reviews.

Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Elastic Observability vs. Wazuh Report (Updated: April 2024).
Download the complete report
769,976 professionals have used our research since 2012.
Featured Review
Jherzon Nava
An affordable solution with the text search feature, but its retrieval of logs and metrics from all the instances...
Elastic Observability didn't help our organization because it was simpler for us to configure other tools, including Dynatrace and Grafana.
Usman Arif
Transforming security features with notable vulnerability reduction and comprehensive compliance
Before the deployment of Wazuh, we faced challenges related to vulnerability management and version change history. Vulnerabilities often went... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"We can view and connect different sources to the dashboard using it.""It is a powerful tool that allows users to collect and transform logs as needed, enabling flexible visualization and analysis.""The product has connectors to many services.""The tool's most valuable feature is centralized logging. Elastic Common Search helps us to search for the logs across the organization.""Its diverse set of features available on the cloud is of significant importance.""It has always been a stable solution.""The solution allows us to dig deep into data.""We use AppDynamics and Elastic. The reason why we're using Elastic APM is because of the license count. It's very favorable compared to AppDynamics. It's inexpensive; it's economical."

More Elastic Observability Pros →

"It is a stable solution.""The configuration assessment and Pile integrity monitoring features are decent.""The product is easy to customize.""The most valuable features are the modules and metrics.""Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors.""The most valuable feature of Wazuh is the ELK for doing an investigation.""The MITRE ATT&CK correlation is most valuable.""Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases."

More Wazuh Pros →

Cons
"The interface could be improved.""The price is the only issue in the solution. It can be made better and cheaper.""Elastic Observability is an excellent product for monitoring and visibility, but it lacks predictive analytics. Most solutions are aligned with the AIOps requirements, but this piece is missing in Elastic and should be included.""They need more skills in the market. There are not enough skills in the market. It is not pervasive enough on the market, in my opinion. In other words, there isn't a big enough user base.""The solution needs to use more AI. Once the product onboards AI, users would more effectively be able to track endpoints for specific messages.""Elastic APM's visualization is not that great compared to other tools. It's number of metrics is very low.""In the future, Elastic APM needs a portfolio iTool. They can provide an easy way to develop the custom UI for Kibana.""The tool's scalability involves a more complex implementation process. It requires careful calculations to determine the number of nodes needed, the specifications of each node, and the configuration of hot, warm, and cold zones for data storage. Additionally, managing log retention policies adds further complexity. The solution's pricing also needs to be cheaper."

More Elastic Observability Cons →

"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality.""We would like to see more improvements on the cloud.""The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way.""The implementation is very complex.""Integration with Vyara could be better.""Its configuration process is time-consuming.""Since it's an open-source tool, scalability is the main issue.""Wazuh should come up with more in-built rules and integrations for the cloud."

More Wazuh Cons →

Pricing and Cost Advice
  • "So far, there are just the standard licensing fees. Several of the components are embedded in the license or are even open source. They're even free depending on what you use, which makes it even more appealing to someone that is discussing pricing of the solution."
  • "There are two types: cloud and SaaS. They charge based on data ingestion, ingest rate, hard retention, and warm retention. I believe it costs around $25,000 annually to ingest 30GB of data daily. That is the SaaS version. There is also a self-managed license where the customer manages their own infrastructure on-prem. In such cases, there are three license tiers that respectively cost $5,000 annually per node, $7,000 per node, and $12,500 per node."
  • "Pricing is one of those situations where the more you use it, the more you pay."
  • "The price of Elastic Observability is expensive."
  • "Users have to pay for some features, like the alerts on different channels, because they are unavailable in different source versions."
  • "One needs to pay for the licenses, and it is an annual subscription model right now."
  • "Since we are a huge company, Elastic Observability is an affordable solution for us."
  • "We will buy a premium license after POC."

    • More Elastic Observability Pricing and Cost Advice →

  • "Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
  • "There is not a license required for Wazuh."
  • "Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
  • "Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
  • "Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
  • "Wazuh has a community edition, and I was using that. It's free and open source."
  • "The current pricing is open source."
  • "Wazuh is free and open source."

    • More Wazuh Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    See Recommendations
    769,976 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Elastic Observability?
    Top Answer:Elastic Observability significantly improves incident response time by providing quick access to logs and data across various sources. For instance, searching for specific keywords in logs spanning… more »
    Read all 16 answers   →
    What is your experience regarding pricing and costs for Elastic Observabi...
    Top Answer:I rate the pricing a five out of ten. The product is not that cheap.
    Read all 12 answers   →
    What needs improvement with Elastic Observability?
    Top Answer:The tool's scalability involves a more complex implementation process. It requires careful calculations to determine the number of nodes needed, the specifications of each node, and the configuration… more »
    Read all 16 answers   →
    What do you like most about Wazuh?
    Top Answer:Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
    Read all 28 answers   →
    What needs improvement with Wazuh?
    Top Answer:I have built some rules that produce duplicate alerts two or three times. Therefore, these rules should be consolidated. Alerts should be specific rather than repeatedly triggered by integrating… more »
    Read all 28 answers   →
    What is your primary use case for Wazuh?
    Top Answer:We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. The IP address is automatically blocked if a server has multiple wrong passwords.
    Read all 26 answers   →
    Ranking
    14th
    out of 95 in Log Management
    Views
    4,094
    Comparisons
    3,400
    Reviews
    16
    Average Words per Review
    445
    Rating
    7.9
    2nd
    out of 95 in Log Management
    Views
    38,600
    Comparisons
    20,925
    Reviews
    31
    Average Words per Review
    479
    Rating
    7.6
    Comparisons
    Learn More
    Elastic
    Wazuh
    Overview
    To effectively monitor and gain insights across your distributed systems, you need to have all your observability data in one stack. Break down silos by bringing together application, infrastructure, and user data into a unified solution for end-to-end observability and alerting.
    Rely on the most widely deployed observability platform available, built on the proven Elastic Stack (also known as the ELK Stack) to converge silos, delivering unified visibility and actionable insights.

    Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.

    It consists of an endpoint security agent and a management server. Additionally, Wazuh is fully integrated with the Elastic Stack, allowing users the ability to navigate through security alerts via a data visualization tool.

    • Wazuh’s agent can run on many different platforms, and is lightweight. It can successfully perform the tasks needed to detect threats in order to trigger responses automatically.
    • Wazuh manages the agents, can analyze agent data, and can scale horizontally.
    • Elastic Stack is where alerts are indexed and stored.

    Wazuh Capabilities

    Some of Wazuh’s most notable capabilities include:

    • Intrusion detection: Wazuh’s agents can detect hidden files, cloaked processes, or unregistered network listeners, as well as inconsistencies in system call responses. Wazuh’s server component uses a signature-based approach to intrusion detection, using its regular expression engine to analyze collected log data and look for indicators of compromise.

    • Log data analysis: Wazuh can read operating system and application logs, and securely forward them to a central manager for rule-based analysis and storage.

    • Integrity monitoring: File integrity monitoring can help identify changes in content, ownership, permissions, and attribute of files. Wazuh’s file integrity monitoring can be used in conjunction with threat intelligence.

    • Vulnerability detection: Wazuh agents can identify well-known vulnerable software so you can see where your weak spots are and take action before an attack can exploit them.

    • Configuration assessment: System and application configurations are monitored to make sure they are compliant with security policies. Periodic scans are used to detect applications that are known to be vulnerable, insecurely configured, or unpatched.
    • Incident response: Wazuh responds actively when active threats need to be addressed. It can perform countermeasures like blocking access to a system when a threat source is identified.

    • Regulatory compliance: Wazuh includes the security controls required to be compliant with industry regulations and standards.

    • Cloud security: Wazuh’s light-weight and multi-platform agents are commonly used to monitor cloud environments at the instance level. In addition, Wazuh helps monitor cloud infrastructure at an API level.

    • Security for containers: With Wazuh, you have increased security visibility into hosts and containers, allowing for easier detection of threats, anomalies, and vulnerabilities.

    Wazuh Benefits

    Some of the most valued benefits of Wazuh include:

    • No vendor lock-in
    • No license costs
    • Uses lightweight, multi-platform agents
    • Free community support

    Wazuh Offers

    • Annual support and maintenance
    • Assistance with deployment and configuration
    • Training and instructional hands-on courses

    Reviews From Real Users

    "It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions." - Robert C., IT Security Consultant at Microlan Kenya Limited

    The MITRE ATT&CK correlation is most valuable.” - Chief Information Security Officer at a financial services firm

    Sample Customers
    PSCU, Entel, VITAS, Mimecast, Barrett Steel, Butterfield Bank
    Information Not Available
    Top Industries
    REVIEWERS
    Computer Software Company27%
    Manufacturing Company18%
    Healthcare Company9%
    Insurance Company9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company8%
    Healthcare Company6%
    REVIEWERS
    Computer Software Company25%
    Comms Service Provider18%
    Security Firm14%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider9%
    Financial Services Firm7%
    Government7%
    Company Size
    REVIEWERS
    Small Business27%
    Midsize Enterprise18%
    Large Enterprise55%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise12%
    Large Enterprise67%
    REVIEWERS
    Small Business54%
    Midsize Enterprise28%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business32%
    Midsize Enterprise20%
    Large Enterprise48%
    Buyer's Guide
    Elastic Observability vs. Wazuh
    April 2024
    Free Report: Elastic Observability vs. Wazuh
    Find out what your peers are saying about Elastic Observability vs. Wazuh and other solutions. Updated: April 2024.
    DOWNLOAD NOW
    769,976 professionals have used our research since 2012.

    Elastic Observability is ranked 14th in Log Management with 22 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. Elastic Observability is rated 7.8, while Wazuh is rated 7.4. The top reviewer of Elastic Observability writes "The user interface framework lets us do custom development when needed. ". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Elastic Observability is most compared with Dynatrace, New Relic, AppDynamics, Azure Monitor and Datadog, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Graylog. See our Elastic Observability vs. Wazuh report.

    See our list of best Log Management vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.