We performed a comparison between Elastic Security and Security Onion based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The performance is good and it is faster than IBM QRadar."
"The cost is reasonable. It's not overly pricey."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"It's open-source and free to use."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"We use Security Onion for internal vulnerability assessment."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"Security Onion is the most mature solution in the market."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"In terms of improvement, there could be more automation in responding to and evaluating detections."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"Better integration with third-party APMs would be really good."
"The tool should improve its scalability."
"The solution could offer better reporting features."
"This solution is very hard to implement."
"The initial setup of the solution is a little bit difficult."
"The product is not easy to learn."
"Security Onion's user interface could be improved."
Elastic Security is ranked 5th in Log Management with 59 reviews while Security Onion is ranked 33rd in Log Management with 3 reviews. Elastic Security is rated 7.6, while Security Onion is rated 7.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Security Onion writes "A mature and affordable solution that is easy to install and easy to update". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Security Onion is most compared with Wazuh, Elastic Stack, TheHive, Splunk Enterprise Security and Grafana Loki. See our Elastic Security vs. Security Onion report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.