We performed a comparison between SolarWinds Security Event Manager and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"It has basic out-of-the-box integrations with multiple log sources."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The features that stand out are the detection engine and its integration with multiple data sources."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"The initial setup is very simple and straightforward."
"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."
"This tool is simple to use."
"The solution helps me to go back in time and search for different events. For example, if you wanted to know who activated an account; you could go back in time and find out."
"The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."
"SolarWinds is easy to configure, and it provides timely alerts."
"It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects."
"The most valuable features are the modules and metrics."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"It has efficient SCA capabilities."
"The MITRE ATT&CK correlation is most valuable."
"The product is easy to customize."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"I like that the solution is on top of the Kubernetes stack."
"The tool is stable."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"The solution should allow for a streamlined CI/CD procedure."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."
"I would like to have a more customizable dashboard."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."
"The reporting could be more robust. It can be a lot more granular and that will make it a lot more useful in comparison to how it is incorporated at the moment."
"The only issue is the pricetag. SolarWinds is a costly solution."
"It can be difficult for users who are inexperienced with the solution."
"I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"While it is scalable, it can suffer from reduced latencies."
"Since it's an open-source tool, scalability is the main issue."
"The computing resources are consuming and do not make sense."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"A lack of certain features creates limitations."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
More SolarWinds Security Event Manager Pricing and Cost Advice →
SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews while Wazuh is ranked 3rd in Security Information and Event Management (SIEM) with 38 reviews. SolarWinds Security Event Manager is rated 7.8, while Wazuh is rated 7.4. The top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender XDR and LogRhythm SIEM, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Fortinet FortiAnalyzer. See our SolarWinds Security Event Manager vs. Wazuh report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.