We performed a comparison between Exabeam Fusion SIEM and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The initial setup is very simple and straightforward."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The Log analytics are useful."
"The advanced analytics has a really great overview of user behavior."
"I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful."
"The solution's initial setup process is easy."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"It's a very user-friendly product and it's a very comprehensive technology."
"Timeline based analysis; good platform support"
"The way it can connect with AWS is very useful, and the integrations are pretty good."
"The setup is not difficult. It was easy."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"The deployment is easy and they provide very good documentation."
"The product is easy to customize."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"It is a stable solution."
"The MITRE ATT&CK correlation is most valuable."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"They should provide detailed information about detecting phishing emails."
"The only problem is that the UI is not very impressive."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"We still have questions surrounding hardware deployment."
"I believe if it were more flexible it would be a better product."
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"The organization is rigid and not flexible in the way they operate"
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"Integration with Vyara could be better."
"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."
"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"The computing resources are consuming and do not make sense."
Exabeam Fusion SIEM is ranked 31st in Log Management with 10 reviews while Wazuh is ranked 3rd in Log Management with 38 reviews. Exabeam Fusion SIEM is rated 8.0, while Wazuh is rated 7.4. The top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Exabeam Fusion SIEM is most compared with IBM Security QRadar, Palo Alto Networks Cortex XSOAR, Splunk Enterprise Security, Splunk User Behavior Analytics and Gurucul UEBA, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Fortinet FortiAnalyzer.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.