• Home
  • Elastic Observability vs. Wazuh

Elastic Observability vs Wazuh comparison

Cancel
You must select at least 2 products to compare!
Elastic Logo

Elastic Observability

Read 22 Elastic Observability reviews
4,098 views|3,420 comparisons
90% willing to recommend
Wazuh Logo

Wazuh

Read 38 Wazuh reviews
38,296 views|20,629 comparisons
75% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Elastic Observability vs. Wazuh
April 2024
Executive Summary

We performed a comparison between Elastic Observability and Wazuh based on real PeerSpot user reviews.

Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Elastic Observability vs. Wazuh Report (Updated: April 2024).
Download the complete report
768,924 professionals have used our research since 2012.
Featured Review
Jherzon Nava
An affordable solution with the text search feature, but its retrieval of logs and metrics from all the instances...
Elastic Observability didn't help our organization because it was simpler for us to configure other tools, including Dynatrace and Grafana.
Usman Arif
Transforming security features with notable vulnerability reduction and comprehensive compliance
Before the deployment of Wazuh, we faced challenges related to vulnerability management and version change history. Vulnerabilities often went... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution allows us to dig deep into data.""Elastic APM has plenty of features, such as the Elastic server for Kibana and many additional plugins. It's a comprehensive tool when used as a logging platform.""The product has connectors to many services.""The ability to ensure that the data is searchable and maintainable is highly valuable for our purposes.""It has always been a stable solution.""It is a powerful tool that allows users to collect and transform logs as needed, enabling flexible visualization and analysis.""We can view and connect different sources to the dashboard using it.""The solution has been stable in our usage."

More Elastic Observability Pros →

"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company.""The product is easy to customize.""The configuration assessment and Pile integrity monitoring features are decent.""It's stable.""I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch.""It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions.""Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms.""Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."

More Wazuh Pros →

Cons
"Elastic Observability needs to have better standardization, logging, and schema.""In the future, Elastic APM needs a portfolio iTool. They can provide an easy way to develop the custom UI for Kibana.""Elastic Observability needs to improve the retrieval of logs and metrics from all the instances.""More web features could be added to the product.""If we had some pre-defined templates for observability that we could start using right away after deploying it – instead of having to build or to change some of the dashboards – that would be helpful.""The solution needs to use more AI. Once the product onboards AI, users would more effectively be able to track endpoints for specific messages.""There is room for improvement regarding its APM capabilities.""The interface could be improved."

More Elastic Observability Cons →

"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality.""The only challenge we faced with Wazuh was the lack of direct support.""Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage.""We would like to see more improvements on the cloud.""I have yet to find the same capability in Wazuh to get logs from different sources into the system""The implementation is very complex.""The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement.""Its configuration process is time-consuming."

More Wazuh Cons →

Pricing and Cost Advice
  • "So far, there are just the standard licensing fees. Several of the components are embedded in the license or are even open source. They're even free depending on what you use, which makes it even more appealing to someone that is discussing pricing of the solution."
  • "There are two types: cloud and SaaS. They charge based on data ingestion, ingest rate, hard retention, and warm retention. I believe it costs around $25,000 annually to ingest 30GB of data daily. That is the SaaS version. There is also a self-managed license where the customer manages their own infrastructure on-prem. In such cases, there are three license tiers that respectively cost $5,000 annually per node, $7,000 per node, and $12,500 per node."
  • "Pricing is one of those situations where the more you use it, the more you pay."
  • "The price of Elastic Observability is expensive."
  • "Users have to pay for some features, like the alerts on different channels, because they are unavailable in different source versions."
  • "One needs to pay for the licenses, and it is an annual subscription model right now."
  • "Since we are a huge company, Elastic Observability is an affordable solution for us."
  • "We will buy a premium license after POC."

    • More Elastic Observability Pricing and Cost Advice →

  • "Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
  • "There is not a license required for Wazuh."
  • "Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
  • "Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
  • "Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
  • "Wazuh has a community edition, and I was using that. It's free and open source."
  • "The current pricing is open source."
  • "Wazuh is free and open source."

    • More Wazuh Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    See Recommendations
    768,924 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Elastic Observability?
    Top Answer:Elastic Observability significantly improves incident response time by providing quick access to logs and data across various sources. For instance, searching for specific keywords in logs spanning… more »
    Read all 16 answers   →
    What is your experience regarding pricing and costs for Elastic Observabi...
    Top Answer:I rate the pricing a five out of ten. The product is not that cheap.
    Read all 12 answers   →
    What needs improvement with Elastic Observability?
    Top Answer:The tool's scalability involves a more complex implementation process. It requires careful calculations to determine the number of nodes needed, the specifications of each node, and the configuration… more »
    Read all 16 answers   →
    What do you like most about Wazuh?
    Top Answer:Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
    Read all 28 answers   →
    What needs improvement with Wazuh?
    Top Answer:I have built some rules that produce duplicate alerts two or three times. Therefore, these rules should be consolidated. Alerts should be specific rather than repeatedly triggered by integrating… more »
    Read all 28 answers   →
    What is your primary use case for Wazuh?
    Top Answer:We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. The IP address is automatically blocked if a server has multiple wrong passwords.
    Read all 26 answers   →
    Ranking
    13th
    out of 95 in Log Management
    Views
    4,098
    Comparisons
    3,420
    Reviews
    16
    Average Words per Review
    445
    Rating
    7.9
    3rd
    out of 95 in Log Management
    Views
    38,296
    Comparisons
    20,629
    Reviews
    32
    Average Words per Review
    478
    Rating
    7.5
    Comparisons
    Learn More
    Elastic
    Wazuh
    Overview
    To effectively monitor and gain insights across your distributed systems, you need to have all your observability data in one stack. Break down silos by bringing together application, infrastructure, and user data into a unified solution for end-to-end observability and alerting.
    Rely on the most widely deployed observability platform available, built on the proven Elastic Stack (also known as the ELK Stack) to converge silos, delivering unified visibility and actionable insights.

    Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.

    It consists of an endpoint security agent and a management server. Additionally, Wazuh is fully integrated with the Elastic Stack, allowing users the ability to navigate through security alerts via a data visualization tool.

    • Wazuh’s agent can run on many different platforms, and is lightweight. It can successfully perform the tasks needed to detect threats in order to trigger responses automatically.
    • Wazuh manages the agents, can analyze agent data, and can scale horizontally.
    • Elastic Stack is where alerts are indexed and stored.

    Wazuh Capabilities

    Some of Wazuh’s most notable capabilities include:

    • Intrusion detection: Wazuh’s agents can detect hidden files, cloaked processes, or unregistered network listeners, as well as inconsistencies in system call responses. Wazuh’s server component uses a signature-based approach to intrusion detection, using its regular expression engine to analyze collected log data and look for indicators of compromise.

    • Log data analysis: Wazuh can read operating system and application logs, and securely forward them to a central manager for rule-based analysis and storage.

    • Integrity monitoring: File integrity monitoring can help identify changes in content, ownership, permissions, and attribute of files. Wazuh’s file integrity monitoring can be used in conjunction with threat intelligence.

    • Vulnerability detection: Wazuh agents can identify well-known vulnerable software so you can see where your weak spots are and take action before an attack can exploit them.

    • Configuration assessment: System and application configurations are monitored to make sure they are compliant with security policies. Periodic scans are used to detect applications that are known to be vulnerable, insecurely configured, or unpatched.
    • Incident response: Wazuh responds actively when active threats need to be addressed. It can perform countermeasures like blocking access to a system when a threat source is identified.

    • Regulatory compliance: Wazuh includes the security controls required to be compliant with industry regulations and standards.

    • Cloud security: Wazuh’s light-weight and multi-platform agents are commonly used to monitor cloud environments at the instance level. In addition, Wazuh helps monitor cloud infrastructure at an API level.

    • Security for containers: With Wazuh, you have increased security visibility into hosts and containers, allowing for easier detection of threats, anomalies, and vulnerabilities.

    Wazuh Benefits

    Some of the most valued benefits of Wazuh include:

    • No vendor lock-in
    • No license costs
    • Uses lightweight, multi-platform agents
    • Free community support

    Wazuh Offers

    • Annual support and maintenance
    • Assistance with deployment and configuration
    • Training and instructional hands-on courses

    Reviews From Real Users

    "It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions." - Robert C., IT Security Consultant at Microlan Kenya Limited

    The MITRE ATT&CK correlation is most valuable.” - Chief Information Security Officer at a financial services firm

    Sample Customers
    PSCU, Entel, VITAS, Mimecast, Barrett Steel, Butterfield Bank
    Information Not Available
    Top Industries
    REVIEWERS
    Computer Software Company27%
    Manufacturing Company18%
    Healthcare Company9%
    Insurance Company9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company8%
    Healthcare Company6%
    REVIEWERS
    Computer Software Company25%
    Comms Service Provider18%
    Security Firm14%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider9%
    Financial Services Firm7%
    Government7%
    Company Size
    REVIEWERS
    Small Business27%
    Midsize Enterprise18%
    Large Enterprise55%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise12%
    Large Enterprise67%
    REVIEWERS
    Small Business54%
    Midsize Enterprise28%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business32%
    Midsize Enterprise20%
    Large Enterprise48%
    Buyer's Guide
    Elastic Observability vs. Wazuh
    April 2024
    Free Report: Elastic Observability vs. Wazuh
    Find out what your peers are saying about Elastic Observability vs. Wazuh and other solutions. Updated: April 2024.
    DOWNLOAD NOW
    768,924 professionals have used our research since 2012.

    Elastic Observability is ranked 13th in Log Management with 22 reviews while Wazuh is ranked 3rd in Log Management with 38 reviews. Elastic Observability is rated 7.8, while Wazuh is rated 7.4. The top reviewer of Elastic Observability writes "The user interface framework lets us do custom development when needed. ". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Elastic Observability is most compared with Dynatrace, New Relic, AppDynamics, Azure Monitor and Sentry, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Graylog. See our Elastic Observability vs. Wazuh report.

    See our list of best Log Management vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.