We performed a comparison between Logsign Next-Gen SIEM and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The pricing of the product is excellent."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats."
"The MITRE ATT&CK correlation is most valuable."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"The product’s interface is intuitive."
"The main thing I like about it is that it has an EDR."
"The product is easy to customize."
"The tool is stable."
"It offers built-in modules for file integrity and vulnerability management."
"There is room for improvement in entity behavior and the integration site."
"The on-prem log sources still require a lot of development."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"Some features, like alerting, are complex with Wazuh."
"It would be great if there could be customization for the decoder portion."
"Its configuration process is time-consuming."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
Logsign Next-Gen SIEM is ranked 44th in Log Management with 2 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. Logsign Next-Gen SIEM is rated 7.6, while Wazuh is rated 7.4. The top reviewer of Logsign Next-Gen SIEM writes "Easy to use and find the features that you need". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Logsign Next-Gen SIEM is most compared with Grafana Loki, IBM Security QRadar, Logpoint, ManageEngine EventLog Analyzer and Sematext Logs, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Fortinet FortiAnalyzer. See our Logsign Next-Gen SIEM vs. Wazuh report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.