We performed a comparison between IBM Security QRadar and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The event collector, flow collector, PCAP and SOAR are valuable."
"QRadar has somewhat of a new structure recently from last gen. They have moved from the standard UI based infrastructure."
"QRadar, Splunk, and ArcSight are SIEM solutions with built-in AI/ML features. They can do the complete investigation and alert the admin about what is happening. They can also do the root cause analysis. There are many other features that come with QRadar. It has a more granular log, so you can integrate with various non-IT as well as IT-based components. You can get unstructured data to the SIEM data, and you can identify more what is happening in the network or what is happening in the central head office. You can also identify what is happening between your remote offices. You can also use it to identify what the users in the field are doing on their devices and how things are moving. From the integration point of view, it is very centric. It gives complete control centrally. If a user is not connected to the system, whenever he comes online, we can see the policy updates over the Internet, and we can ensure that the data that is supposed to be protected is protected."
"Integration is very easy and the reporting is good."
"It is a pretty solid product for the type that it is representing. It is a CM solution as compared to Splunk or ArcSight from HP. It is also user friendly. It comes with some internal AI as well, in which it automatically maps multiple lots from unrelated devices and makes a smart decision to link them back and create an offense based on that. It is a smart tool."
"I think this is a good product for enterprises because of the performance and out-of-the-box rules and use cases. If they want to reach the maturity level early, they can use these out-of-the-box rules and use cases. That will help them a lot."
"It is a scalable solution."
"IBM Qradar's ability to simplify the number of events, not only on a technical level but by making that information easy to pan through the orchestration deduplication. It is very impressive given that we have hundreds of devices that send event logs through."
"It gives the customer a quick overview, so they don't have to dig. There's a clear dashboard with many sensors in a single space. He gets a helicopter view of his environment, but he can investigate further if there are serious issues. It's pretty user-friendly."
"We use the on-premises version of this solution for log analysis and to find details about certain issues."
"Our current costs are too high, and this tool will help us to better optimize our infrastructure."
"The system's management and its alerts are the most valuable aspects of the solution."
"The most valuable feature is server virtualization. It's been very useful."
"The tool helps my company deal with security and log analysis, which are very important areas for us...It is a scalable solution."
"The interface of the solution is good."
"What I like is that you can have different storage locations for different applications."
"The implementation of the solution's technology needs to be simplified."
"Whenever we are upgrading or installing any type of patch, at that time we have some delays."
"I would like for Yara to be supported by all components."
"I have also been working with other SIEM solutions, and I have observed that they have extensive Linux-based and Unix-based integrations. They have been able to support some of the Linux-based agents, which is useful to investigate and process the information on the Linux and Unix side."
"There are reports that I would like to generate that are either not included, or I cannot find."
"IBM QRadar User Behavior Analytics could improve machine learning use cases because they are limited and most of the use cases are rule-based. They should develop more use cases, such as in Securonix or Exabeam because they will detect a threat. Using machine learning is mainly on the correlation rules, but if you think about Exabeam or Securonix, they detect using machine learning or machine learning-based algorithms."
"The dashboard is pathetic and it takes a long time to perform a search."
"This solution is on-premise and many customers are moving to the cloud base solution."
"I think that it should be able to integrate with other third-party backup and recovery solutions, more that it does now."
"The solution is a very good tool, but it has a lot of limitations. One of the main issues is around how you define your retention policy, for instance, in Log Insight. It doesn't have it. You can't define a log retention policy. You also can't define the destination or location for your logs. All of the logs are in one index or one bucket."
"What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects."
"The pricing of the solution could be improved."
"The tool is expensive."
"Integration with other vendors is something that could be improved, they could add more vendors."
"I would like to see more tutorials or at least an introduction video from the supplier, so you can become proficient and get the most out of the solution. You might not get the full benefit from a logging or reporting solution because you might not have a particular tool enabled. You could leave something out of your analysis because you aren't aware of it or you don't know how to set it up."
"Log Insight should be better at dealing with audits and security logs. We use another product called QRadar for that."
More VMware Aria Operations for Logs Pricing and Cost Advice →
IBM Security QRadar is ranked 6th in Log Management with 198 reviews while VMware Aria Operations for Logs is ranked 10th in Log Management with 24 reviews. IBM Security QRadar is rated 8.0, while VMware Aria Operations for Logs is rated 8.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of VMware Aria Operations for Logs writes "Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas VMware Aria Operations for Logs is most compared with Splunk Enterprise Security, Elastic Security, LogRhythm SIEM, Graylog and Wazuh. See our IBM Security QRadar vs. VMware Aria Operations for Logs report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.