
Elastic SIEM Pros and Cons

Elastic SIEM Pros

JM
Director of Engineering at a tech services company with 201-500 employees
The most valuable features are the speed, detail, and visualization. It has the latest standards.
SA
Consultant at a computer software company with 5,001-10,000 employees
It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast.
Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals.
SA
Consultant at a computer software company with 5,001-10,000 employees
The most valuable feature is the speed, as it responds in a very short time.
Learn what your peers think about Elastic SIEM. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
542,721 professionals have used our research since 2012.
TW
I.T. Manager at a healthcare company with 51-200 employees
Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted.
JJ
CEO at a tech services company with 51-200 employees
The most valuable feature is the machine learning capability.
KE
Cyber Security Consultant at a tech services company with 51-200 employees
The performance is good and it is faster than IBM QRadar.

Elastic SIEM Cons

JM
Director of Engineering at a tech services company with 201-500 employees
If you compare this with CrowdStrike or Carbon Black, they can improve.
SA
Consultant at a computer software company with 5,001-10,000 employees
There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM.
Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price.
SA
Consultant at a computer software company with 5,001-10,000 employees
The training that is offered for Elastic is in need of improvement because there is no depth to it.
TW
I.T. Manager at a healthcare company with 51-200 employees
The biggest challenge has been related to the implementation.
JJ
CEO at a tech services company with 51-200 employees
This solution is very hard to implement.
KE
Cyber Security Consultant at a tech services company with 51-200 employees
The interface could be more user-friendly because it is sometimes hard to deal with.