We performed a comparison between Elastic Security and NNT Log Tracker Enterprise based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product can integrate with any device."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"We've found the initial setup to be quite straightforward."
"What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"I like the indexing of the logs."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"The performance is good and it is faster than IBM QRadar."
"File integrity monitoring is a very important function."
"The FIM features in the Change Tracker and the Log Tracker are the most valuable."
"The most valuable feature is the predefined reports for PCI compliance."
"This is a very easy-to-use interface with a quick ramp-up time."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"The interface could be more user friendly because it is sometimes hard to deal with."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"It could use maybe a little more on the Linux side."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"Technical support could respond faster."
"I would like to see the integration of AI technology, so rather than manually monitoring the logs, the tool will understand it and take care of it."
"It is able to identify the vulnerability, however, they need an option to auto-mitigate."
"Only one minor deployment issue came up and it was resolved quickly. No other areas of improvement come to mind yet."
"The correlation suite needs to be improved."
Elastic Security is ranked 5th in Log Management with 58 reviews while NNT Log Tracker Enterprise is ranked 45th in Log Management with 4 reviews. Elastic Security is rated 7.6, while NNT Log Tracker Enterprise is rated 8.2. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of NNT Log Tracker Enterprise writes "Great for PCI compliance but issues with stability and large amounts of data". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Defender for Endpoint, IBM Security QRadar and CrowdStrike Falcon, whereas NNT Log Tracker Enterprise is most compared with Cybereason Endpoint Detection & Response. See our Elastic Security vs. NNT Log Tracker Enterprise report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
