We performed a comparison between Elastic Security and SolarWinds Security Event Manager based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The main benefit is the ease of integration."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"The scalability is good. It can be scaled easily in the production environment."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"The most valuable feature is the speed, as it responds in a very short time."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."
"It's easy to build rules and actions based on the logs and event types we collect with the software."
"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."
"The most valuable feature is the ease of use for the end user."
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"SolarWinds is effective for server, network, and log monitoring. It's also good for IP address management. We also have a patch manager, but we're still working on getting that operational."
"It supports high availability, which is very helpful."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"The troubleshooting has room for improvement."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"There is room for improvement in entity behavior and the integration site."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"The solution should allow for a streamlined CI/CD procedure."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"We'd like better premium support."
"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"Email notification should be done the same way as Logentries does it."
"Their visuals and graphs need to be better."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"There are no multiple dashboards which would allow you to see information side-by-side."
"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."
"I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."
"SolarWinds should improve its correlation capabilities. The correlation does not automatically detect and reduce the events fast enough. You have to manually do a correlation report, which means the tool is not scalable in many ways."
"The only issue is the pricetag. SolarWinds is a costly solution."
More SolarWinds Security Event Manager Pricing and Cost Advice →
Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 58 reviews while SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews. Elastic Security is rated 7.6, while SolarWinds Security Event Manager is rated 7.8. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Defender for Endpoint, IBM Security QRadar and CrowdStrike Falcon, whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar and Microsoft Defender XDR. See our Elastic Security vs. SolarWinds Security Event Manager report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.