We performed a comparison between Coralogix and IBM Security QRadar based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"Free ingestion for Azure logs (with E5 licence)"
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"Log aggregation and data connectors are the most valuable features."
"A non-tech person can easily get used to it."
"The solution offers very good convenience filtering."
"The initial setup is straightforward."
"Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams."
"The best feature of this solution allows us to correlate logs, metrics and traces."
"The solution is easy to use and to start with."
"The most valuable features are the versatility of this solution and the variety of things you can do with it."
"The rule engine is very easy to use — very flexible."
"I think this is a good product for enterprises because of the performance and out-of-the-box rules and use cases. If they want to reach the maturity level early, they can use these out-of-the-box rules and use cases. That will help them a lot."
"There is a single dashboard that gives us a complete overview of what is happening around the globe."
"It helps us discover any threats with their alerts and tracking."
"IBM QRadar is a great help, from its security event monitoring to data center and NOC troubleshooting of issues hard for other departments to spot."
"IBM QRadar User Behavior Analytics's most important feature is its ease of use."
"The most valuable features are log monitoring, easy-to-fix issues, and problem-solving."
"The solution could improve the playbooks."
"We'd like to see more connectors."
"There is room for improvement in entity behavior and the integration site."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"I think the number one area of improvement for Sentinel would be the cost."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"We are invoiced according to the amount of data generated within each log."
"We do see continuous improvement all the time; however, I haven't got a specific feature that is lacking or not well designed."
"Maybe they could make it more user-friendly."
"The user interface could be more intuitive and explanatory."
"We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change."
"The documentation of the tool could be improved."
"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."
"From my experience, Coralogix has horrible Terraform providers."
"The solution should enhance its capabilities of UEBA and AI/ML tech modeling."
"The interface is very old. IBM should remake it into a more modern interface."
"I would like the rule creation interface to be much more user-friendly in the next release."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
"There was some complexity in the initial setup due to bandwidth issues."
"The user interface and configurability of IBM QRadar User Behavior Analytics can be improved. It has a lot of pre-configured settings and not many things can be changed. It also needs more integrations. Currently, User Behavior Analytics is integrated only with IBM QRadar. It could have deeper integrations. It can also have more complicated scoring models. Currently, it has a very simple linear scoring model for users."
"The custom rules could be simplified more or it should be possible to use a different language, other than the ones that the solution is already using. They should add other languages into the mix."
"In a future release, the solution could provide malware analysis."
Coralogix is ranked 26th in Log Management with 7 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Coralogix is rated 8.4, while IBM Security QRadar is rated 8.0. The top reviewer of Coralogix writes "Good capabilities, has a helpful interface and is straightforward to set up". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Coralogix is most compared with Datadog, Grafana, Sentry, New Relic and Elastic Search, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Fortinet FortiSIEM.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.