We performed a comparison between Grafana Loki and IBM Security QRadar based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature of Grafana Loki is the dashboards which are really simple to create."
"The most valuable feature of the solution is the tool's GUI. The solution's GUI is very user-friendly."
"The log collection feature is good and the solution is easily understandable."
"The most valuable feature is the capability to set up alerts, which becomes necessary when we need to receive notifications for specific events."
"The most valuable features of the solution stem from the fact that it is an open-source tool that is stable and flexible."
"The tool can be used in multi-cluster environments."
"I appreciate the capability to process logs from microservices and seamlessly integrate them into Grafana."
"The best feature of Grafana Loki is that it integrates well with our other tool."
"It has improved comprehensive visibility for what is going on in the perimeters, and on the inside, as well."
"QRadar UBA's most valuable feature is the risk rating of users depending on their behavior."
"There are more than 120 extensions in QRadar, which are easy to install and configure. These can improve your analysis of events."
"Network-Based Anomaly Detection (NBAD): Using NetFlow, JFlow, SFlow, or QFlow (all 7 layers), offenses are detected as a response when a rule is triggered."
"I think it's a very stable product that provides much more visibility than the other product."
"The event collector, flow collector, PCAP and SOAR are valuable."
"We've found the technical support to be very good."
"It's quite scalable. We have upgraded some solutions from 1000 APS up to 3500 APS to 5000 APS. It's a good solution, they have no scalability issues."
"The Docker container partition feature needs improvement as they do not reuse the space and go into a pending state."
"We encountered certain limitations when it came to alerting, particularly when dealing with specific data sources."
"In Grafana Loki, the creation of metrics is not so easy, making it an area that could be made easier."
"Visualization-wise, Grafana Loki's dashboard looks a little outdated compared to other open-source visualization tools like Chronograf."
"The solution's scalability depends on the team managing the Grafana instance."
"The solution has shortcomings regarding security monitoring-oriented features that need improvement."
"My main concern is the recommended production-grade setup. They suggest using tools like Tanka or Jsonnet. They should simplify the process to increase adoption."
"The product must improve its UI."
"We sometimes get an error about the hard drive. Approximately once in two months, we can't find the logs, and they go missing, which is a terrible issue. We are getting support for this issue from our support company."
"For the common needs of clients to fulfill requirements, a real integration with Blueworks Live (BPA modeling tool also from IBM) and a more suitable BPM on cloud solution for midsize customers."
"There is room for improvement in IBM QRadar in integrating features for SOC maturity and security levels directly into QRadar."
"SOAR is what is expected the most from QRadar. They have something called SOAR Resilient, and it would be great if that gets induced in SIEM. IBM QRadar (as well as McAfee ESM) should have analytics platform integration. Currently, SIEMs don't have full-fledged integration with analytics where we are able to dump our data in SIEM, and the same data can be called from different analytics applications. We should be able to bring this data to a platform like Hadoop for big data and run the analytics there. Currently, people are seeing the past data and taking some actions in the present, but when it comes to analytics, there should be futuristic data where you can predict something out of your present and past data. Apart from that, I would like to see a full-fledged ITSM tool in QRadar. It sometimes has some technical issues that need to be checked. It requires a dedicated QRadar engineer to completely manage it. It has different module sets, such as event collector and event processor, and some technical glitches come in between. It takes the log but doesn't exactly process it in the way we want."
"Certain updates—especially when using Azure—don't apply directly. Our engineering team must invest additional effort to implement these updates. However, the tool's cloud-based version poses no issues. However, upgrading the product can sometimes be challenging for on-premises instances."
"The initial setup was complex, and it took six months."
"I think that the search speed of this solution could be improved."
"The solution can be improved by lowering the cost and bettering their technical support."
Grafana Loki is ranked 13th in Log Management with 12 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Grafana Loki is rated 8.0, while IBM Security QRadar is rated 8.0. The top reviewer of Grafana Loki writes "Effective for Logging, recovery from node failures is fast and single UI supports metrics, logs, and even tracing". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Grafana Loki is most compared with Graylog, Wazuh, syslog-ng, Splunk Enterprise Security and Fortinet FortiAnalyzer, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.