We performed a comparison between Google Cloud's operations suite (formerly Stackdriver), IBM Security QRadar, and NNT Log Tracker Enterprise based on real PeerSpot user reviews.
"The cloud login enables us to get our logs from the different platforms that we currently use."
"Provides visibility into the performance uptime."
"The features that I have found most valuable are its graphs - if I need any statistics, in Kubernetes or Kong level or VPN level, I can quickly get the reports."
"The most valuable feature is the multi-cloud integration, where there is support for both GCP and AWS."
"It's easy to use."
"Our company has a corporate account for Google Cloud and so our systems and clusters integrate really well."
"We find the solution to be stable."
"Google's technical support is very good."
"The most valuable features are the versatility of this solution and the variety of things you can do with it."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"Provided that the report is prebuilt and I can find what I am looking for, the reporting is the most valuable feature in this solution."
"IBM QRadar User Behavior Analytics's most important feature is its ease of use."
"I like the graphical interface. It's so good and easy."
"The most valuable feature is the integration with the GRD, for banking."
"Network-Based Anomaly Detection (NBAD): Using NetFlow, JFlow, SFlow, or QFlow (all 7 layers), offenses are detected as a response when a rule is triggered."
"It's built around Red Hat Linux, which is highly robust."
"The FIM features in the Change Tracker and the Log Tracker are the most valuable."
"File integrity monitoring is a very important function."
"This is a very easy-to-use interface with a quick ramp-up time."
"The most valuable feature is the predefined reports for PCI compliance."
"The product provides minimal metrics that are insufficient."
"If I want to track any round-trip or breakdowns of my response times, I'm not able to get it. My request goes through various levels of the Google Cloud Platform (GCP) and comes back to my client machine. Suppose that my request has taken 10 seconds overall, so if I want to break it down, to see where the delay is happening within my architecture, I am not able to find that out using Stackdriver."
"This solution could be improved if it offered the ability to analyze charts, such as a solution like Kibana."
"Lacking sufficient operations documentation."
"It could be even more automated."
"It is difficult to estimate in advance how much something is going to cost."
"The logging functionality could be better."
"While we are satisfied with the overall performance, in certain cases we must add additional metrics and additional tools like Grafana and Dynatrace."
"There could be better integration with the solution."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
"Some of the cloud apps need improvement."
"The tool is very complicated. One place for improvement would be to have a more user-friendly interface. Having better support in Spanish would be cool."
"The usability of interfaces could be improved."
"There should be easier and wider integration opportunities. There should be more opportunities for integration with CTI info sharing areas. On platforms where you exchange CTI, there should be more visibility connected to what we share, what we can reach, or what options are connected to CTI info sharing. This is one area where they could add value because we cannot integrate it easily with QRadar. If a client has a legacy or already existing solutions for CTI, we cannot ask them to forget it because we cannot guarantee that QRadar is able to deliver everything connected to this area."
"QRadar needs to be more specialized, along the lines of what other SIEM solutions are."
"I have noticed a few things while working on this. After the restart of the server, sometimes, the services misbehave, and you need to manually start or restart the service. I have seen that specifically with the Tomcat service. Sometimes, when you click on log sources, instead of opening the log source extension, it redirects you over the internet."
"It is able to identify the vulnerability; however, they need an option to auto-mitigate."
"I would like to see the integration of AI technology, so rather than manually monitoring the logs, the tool will understand it and take care of it."
"Only one minor deployment issue came up and it was resolved quickly. No other areas of improvement come to mind yet."
"The correlation suite needs to be improved."