We performed a comparison between IBM Security QRadar, Splunk Enterprise Security, and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management."It has improved comprehensive visibility for what is going on in the perimeters, and on the inside, as well."
"IBM QRadar is great help from its security event monitoring to data center and NOC troubleshooting of issues hard for other departments to spot."
"We run 65 servers globally with just two people: an engineering person and me."
"IBM has everything you need in a cybersecurity solution. If you want to build a cybersecurity operation center version then I think QRadar is a perfect solution."
"Blocks of predefined conditions can be used to configure detection rules without having to write complicated script."
"The product provides a complete platform for ingesting the log, doing the correlations and handling the runtime."
"Senses, tracks, and links significant incidents and threats."
"The solution is easy to use, manage, and review all incidents."
"Splunk Enterprise Security helped us with faster detection of threats."
"The speed of the search engine"
"It scales better in the cloud than on-premise."
"The solution allows easy gathering and ingestion of the data."
"The most valuable feature is that it's very good for log aggregation."
"The product has a good security posture."
"The product is adept at log mining."
"The initial setup is pretty straightforward."
"One of the most valuable features of vRealize Log Insight is that it gives you a clear forecast about your existing machines, for example, how long your machines could be supported and how long the remaining capacity is to host your machines. This is one of the best options available within vRealize Log Insight. Another valuable feature of the solution is automation. My company deploys a lot of automation when required in a very, very short period, and in a very uniform manner, and even if the automation is being deployed for different processes and departments, it's pretty much the same across the environment, so vRealize Log Insight helps reduce a lot of ambiguities and helps my company manage operational efficiencies well."
"What I like is that you can have different storage locations for different applications."
"I like the interface."
"The events are notably more descriptive, aiding in security and event analysis. We've also integrated Sky Collector, providing valuable insights and solutions for troubleshooting."
"The most valuable feature is server virtualization. It's been very useful."
"It allows us to gain a comprehensive overview of our infrastructure."
"It is very scalable and can handle a large workload."
"It is a highly stable solution...It is a highly scalable solution."
"The tool is very complicated. One place for improvement would be to have a more user-friendly interface. Having better support in Spanish would be cool."
"The technical support can be improved a little bit, and the price could be cheaper."
"QRadar needs to be improved on the storage side, particularly when the disc exceeded the maximum threshold."
"IBM QRadar could improve the plugins and threat detection."
"There should be an extension where we can get the reports. This could be an extension to the dashboard with the Guardian or another product with limited technology, for example IPS. Now, we only have IBM. Basically, it needs more and more integration models."
"You can scale IBM QRadar User Behavior Analytics, but it has room for improvement."
"The solution is expensive compared to other products."
"Their technical support is not good. We opened a lot of cases and from my experience, they are not complicated issues but it takes forever to get an answer."
"Sometimes, there is latency in the logs."
"Integrating tools and creating use cases could be easier. It's hard for a junior security engineer with only a couple of years of experience to write use cases. They can do it, but it's much easier in a solution like IBM QRadar. Setting conditions is like a multiple-choice type of thing. It's a more user-friendly process."
"I would like to see more SIEM functionality and a better ticket tool."
"DMC should be a little more intuitive with better dashboarding. Seeing the cause of data flow can be tough to track down."
"The configuration could be better."
"This is a costly solution."
"An improved user interface along with multi-tenancy support would be beneficial."
"We do have to educate developers on how to not blow it up. It is a little to easy to write an expensive query and overly stress the system. This could be improved."
"In vRealize login files, we have limitations regarding log partitions."
"They should improve their web interface to make it more user-friendly."
"The solution isn't user-friendly for admins."
"The product's price falls on the higher end of the spectrum, making it an area of concern."
"The tool is expensive."
"The tool does not provide a centralized pane for monitoring."
"Log retention should have more options for user control."
"Integration with other vendors is something that could be improved, they could add more vendors."
More VMware Aria Operations for Logs Pricing and Cost Advice →