We performed a comparison between IBM Security QRadar and Zabbix based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."It'll get you from point A to B."
"It showed us where weaknesses were in our environment, so we could actively target those patches first."
"The UBA feature is the most valuable because you can see everything about users' activities."
"Log correlation is very useful for processing alerts. It serves to follow up alerts in real-time, building an entire workflow."
"It can analyze event logs, event security, and give a good consult."
"It is suitable for large companies with critical infrastructure. For our clients, robustness, availability at a high level, and the level of references and experiences connected to the solution are important."
"IBM Qradar's ability to simplify the number of events, not only on a technical level but by making that information easy to pan through the orchestration deduplication. It is very impressive given that we have hundreds of devices that send event logs through."
"Integration is very easy and the reporting is good."
"Like other common Linux distributions, some of the most valuable features of this solution are the ease of use and deployment. It's simple and has a lot of packages and a lot of software."
"We use it to monitor and manage our servers."
"It's a very reliable platform and we've never had any issues regarding the scalability or the stability of Zabbix."
"Zabbix is a cost-effective solution. We're a small organization with a few dozen devices to monitor, and it was available for free. We can see what we need. We haven't done an in-depth analysis on it, but we're currently okay with the product."
"The most valuable features are the monitoring and the ease with which we can set it up at customer sites with our custom Zabbix proxy and tools."
"The level of discovery-based configuration that lets us auto-configure the monitoring for various systems is a valuable feature."
"The calculations part is the most valuable."
"It has an intuitive UI with beautiful graphs and customizable maps."
"There could be better integration with the solution."
"The only challenge with products like IBM is the EPS. You just have to be really on the events per second, as that's where the cost factor becomes a huge issue."
"The solution lacks vendor support."
"I would like to see a better GUI."
"I would like the rule creation interface to be much more user-friendly in the next release."
"If you have too many events that occur, then the storage capacity becomes a problem. You need to have more storage."
"The architecture could be improved. I got stuck for a long time trying to understand the architecture, as it is quite challenging."
"IBM Qradar could improve the reporting. The tool is not designed to report. It's a great operational monitoring tool. You put it on a screen and you watch it. If you want to have analytics out of it, that's a whole different story. You're going to need more people and tools. What should be added is reporting and integration into Power BI, into some capability that produces analytical reports from the source data. IBM does not seem to care to add these features."
"I would like to see a more flexible mobile client, and better HA out of the box."
"Its UI needs to be improved a little bit more so that an end-user is also able to handle it. I can handle it, but others should also be able to handle it in a better way. It becomes complex when we are growing and need to add proxies. We need more scalability features and documentation for different use cases. A lot of articles are available, but they need to be in proper documentation. For example, when you have thousands of servers that have to be monitored in different regions of the world, there should be some kind of documentation to describe how you can create proxies and add them. Sometimes, when you are using the database, it can get overloaded. When the network is growing, the number of transactions becomes very high, and the database gets overloaded. There should be information about how to reduce the load on the MySQL database, which is what Zabbix is using. The market is growing a lot, and it should be enhanced for a lot more things. We are currently bringing enhancements at our end for different use cases. For example, when dockerization is going on, how can we check the logs inside the Dockers. We should also be able to monitor and check the number of logins and add features such as SSO login and two-factor authentication as a protocol. These are the security features and concerns that we have to deal with. Currently, we are developing modules to add features to Zabbix, but they should also work on these features."
"The reports are not great and should be improved."
"Its UI should be improved. They did some improvements in version 5, but it could benefit from some more work. Its integrations should also be improved. They've been active for one year, and they seem to have noticed that. It has new integrations, but it could benefit from more integrations. As far as I know, there is no model to push statistics, metrics, or events towards Zabbix. This type of API isn't yet there, whereas some other tools provide an API for this."
"The stability could be better."
"It would be helpful if they translated the documentation to Cyrillic languages."
"The performance reporting could be improved."
"I think the reporting part of Zabbix can be improved in terms of more user-friendly graphics to display the collected data. Many simple users who don't know how to use Zabbix properly might get confused by the reporting, although at the same time it is very versatile for my company."
IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews while Zabbix is ranked 1st in Network Monitoring Software with 101 reviews. IBM Security QRadar is rated 8.0, while Zabbix is rated 8.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios Core and Nagios XI.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.