We performed a comparison between Elastic Security and IBM SevOne Network Performance Management (NPM) based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"The most valuable feature is the speed, as it responds in a very short time."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"The cost is reasonable. It's not overly pricey."
"The automation feature is good because if your CMDB is OK and it is already in sync, then the automation part is good to go."
"We've had great feedback from our customers about SevOne support. They're willing to set up a remote session upon request. You have to go through three tiers of support with most vendors, and they ask a lot of screening questions before they will do a remote session. You need to spend a lot of time before an engineer will host a remote session to look at your problematic system."
"We have benefited mainly from the use of the dashboard interface. It makes the network visually interesting for other people who are not in the network. A lot of people are not network techies who understand streams in the network. Based on location, we have streams coming in and out. They can see visually when there is some problem. They don't need to understand all the network technology behind it to be able to understand if everything is working well or if there is a problem."
"The network data collection has been very flexible for us. It's been thorough in areas that were lacking. They have a team that I've worked with to add other pieces to it. So if it's missing something out of the box, they work with me to add it. I was able to collect that data. It's not perfect, but it's pretty thorough."
"We find that the reporting is particularly valuable in terms of not only communicating with our peer teams but also with the executives."
"With this tool it is interesting to show the info to the client and explain where the traffic is."
"Another useful feature is that SevOne gives you real-time insights into your network performance. It polls every five minutes. That is important for our customers because there are some network teams that are always monitoring their networks."
"It also gives us the closest thing to real-time insight into network performance that we have, with just a 10-second delay. It's very important for us to know the health of the infrastructure very quickly."
"Sometimes, the solution isn't the easiest to use."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"It could use maybe a little more on the Linux side."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"In terms of improvement, there could be more automation in responding to and evaluating detections."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"Software upgrades can be tricky and are not easy."
"Some similar solutions offer end-to-end visibility."
"I'm not really sure if this was the software's fault or a server issue, but a couple of years back the disks were failing on our SevOne physical server every month and the server would go down. The secondary server took over from the primary until the disk issue was resolved. That was annoying."
"The method of searching for SIP and the way to create the groups."
"There is no service mode setup in this monitoring tool if you want to snooze alerts for any specific amount of time, to account for any activity change or major incident."
"Their virtualization solution is not compatible with our Kubernetes environment, which is one of the reasons we are ending our relationship with them."
"We need to be thinking about streaming telemetry protocols. They already have the port for enhanced visualization, which they already have through Data Insight."
"One area that requires a little bit of improvement is the topology of visualization and being able to map out connections, end-to-end. It's able to do that, but it's not as impressive as we would like it to be. We would like to understand the different interface types and the connection points better, through the visualization. Heatmaps also need further development."
Elastic Security is ranked 5th in Log Management with 58 reviews while IBM SevOne Network Performance Management (NPM) is ranked 32nd in Log Management with 52 reviews. Elastic Security is rated 7.6, while IBM SevOne Network Performance Management (NPM) is rated 8.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of IBM SevOne Network Performance Management (NPM) writes "We can get a new vendor certified and monitored in our system significantly faster than before". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas IBM SevOne Network Performance Management (NPM) is most compared with Instana Infrastructure Monitoring, LogicMonitor, SolarWinds NPM, Splunk Enterprise Security and NETSCOUT nGeniusONE.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.