We performed a comparison between SolarWinds Security Event Manager and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The UI of Sentinel is very good and easy to use, even for beginners."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"The initial setup is very simple and straightforward."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"SolarWinds Security Event Manager has been generally working well."
"This tool is simple to use."
"SolarWinds is easy to configure, and it provides timely alerts."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"The most valuable feature is the ease of use for the end user."
"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."
"The most valuable feature is the reporting."
"The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."
"Its cost-effectiveness is the most valuable aspect."
"The main thing I like about it is that it has an EDR."
"The tool is stable."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"There is room for improvement in entity behavior and the integration site."
"The solution could be more user-friendly; some query languages are required to operate it."
"I think the number one area of improvement for Sentinel would be the cost."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"We'd like to see more connectors."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."
"The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow."
"I would like to have a more customizable dashboard."
"SolarWinds should improve its correlation capabilities. The correlation does not automatically detect and reduce the events fast enough. You have to manually do a correlation report, which means the tool is not scalable in many ways."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture."
"Its configuration process is time-consuming."
"Some features, like alerting, are complex with Wazuh."
"There could be a hardware monitoring tool for the solution."
"The deployment is a bit complex."
"It would be great if there could be customization for the decoder portion."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
More SolarWinds Security Event Manager Pricing and Cost Advice →
SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews while Wazuh is ranked 3rd in Security Information and Event Management (SIEM) with 38 reviews. SolarWinds Security Event Manager is rated 7.8, while Wazuh is rated 7.4. The top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender XDR and LogRhythm SIEM, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Fortinet FortiAnalyzer. See our SolarWinds Security Event Manager vs. Wazuh report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.