We performed a comparison between IBM Security QRadar, Quest InTrust, and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management."This solution provides me with various alarms, and I have found security issues with some of my other products."
"The UBA feature is the most valuable because you can see everything about users' activities."
"An engineer can live-monitor all the flow happening in real-time. This would help us a lot while investigating a case, and it would even help us with preventive actions."
"The QNI feature is the one I am very interested in, and I have also been interested in Watson. From the log analysis and the security perspective, we are able to dive deep into any of the logs and anomalies."
"We run 65 servers globally with just two people: an engineering person and me."
"I think the QDI is very good."
"The ability to add extensions is the most valuable feature. For example, extensions that provide valuable test ports."
"Improved our organization's TCO."
"I would rate the technical support very well as they are knowledgeable and quick to respond."
"The setup and installation are very easy."
"The events are notably more descriptive, aiding in security and event analysis. We've also integrated Sky Collector, providing valuable insights and solutions for troubleshooting."
"The system's management and its alerts are the most valuable aspects of the solution."
"We use the on-premises version of this solution for log analysis and to find details about certain issues."
"It allows us to gain a comprehensive overview of our infrastructure."
"One of the things I like about it is its interface. When it comes to generating reports on VMs and stuff, it's very quick. This is very handy for the technical team, who need to generate reports quickly. So that's really good."
"What I like is that you can have different storage locations for different applications."
"The virtualization solution supports data center virtualization, network and security."
"Do your research before implementing it, because it is tough to implement."
"I have also been working with other SIEM solutions, and I have observed that they have extensive Linux-based and Unix-based integrations. They have been able to support some of the Linux-based agents, which is useful to investigate and process the information on the Linux and Unix side."
"In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features."
"Some of the cloud apps need improvement."
"IMB should reduce the pricing, or reduce some of the features for a more economical solution for the customer."
"There are reports that I would like to generate that are either not included, or I cannot find."
"IBM QRadar User Behavior Analytics is good, but I think the functionality should be much more integrated. You should have easy access to the artifacts if you are doing a particular investigation. It's good, but other team solutions like LogRhythm are actually merging the functionality. So, I think that is something IBM can work on."
"Technical support is good, but not great."
"It needs to have better reporting. "
"It was very complex. There was poor native correlation. "
"The solution isn't user-friendly for admins."
"The solution should be more user-friendly. The user interface and dashboard could be simplified."
"Log retention should have more options for user control."
"Log Insight should be better at dealing with audits and security logs. We use another product called QRadar for that."
"The monitoring landscape is getting bigger. When it comes to infrastructure monitoring, we need more visibility. VMware needs to integrate more related applications and third-party products. That would make it more appealing to an audience beyond the VMware team."
"Documentation is lacking, including some guide as to how to use the expressions. It is not clear how to look for a log, for example. Some examples in the documentation might be helpful. I think that VMware had good documentation, but it's no longer hosted. The documentation is not as easy to understand as it was before."
"The solution is a very good tool, but it has a lot of limitations. One of the main issues is around how you define your retention policy, for instance, in Log Insight. It doesn't have it. You can't define a log retention policy. You also can't define the destination or location for your logs. All of the logs are in one index or one bucket."
"It's great for VMware, but it would be good if they had third-party logins."
More VMware Aria Operations for Logs Pricing and Cost Advice →
Earn 20 points