Elastic SIEM Room for Improvement

reviewer1341687
Director of Engineering at a tech services company with 201-500 employees
The signature security needs improvement. If you compare this with CrowdStrike or Carbon Black, they can improve.
reviewer1393731
Consultant at a computer software company with 1,001-5,000 employees
There are sensors called beats that have to be installed on all of the client machines, and there are seven or eight of them. As it is now, each beat needs to be configured separately, which can be quite hectic if my client has 1000+ machines. It would take a considerable period of time for us to complete the installation. They have begun working on this in the form of agents, which is a centralized management tool wherein all beats will be installed in a single stroke. The training that is offered for Elastic is in need of improvement because there is no depth to it. It hardly takes 15 or 20 minutes to complete a training session that they say will take two hours to finish. Clearly, something is missing. If a new engineer wants to work with Elastic then it is really very hard for them to understand the technology.
reviewer1269834
I.T. Manager at a healthcare company with 51-200 employees
The biggest challenge has been related to the implementation. It's a very complex product which, without a lot of knowledge or a lot of training, is very difficult to get into and make use of. They try and make a lot of the general features very simple to access; a lot of the dashboards are very simple to use and so forth, but a lot of the refined capabilities take serious skills. They're not necessarily the easiest to implement.
Find out what your peers are saying about Elastic, Splunk, Fortinet and others in Security Information and Event Management (SIEM). Updated: October 2020.
441,850 professionals have used our research since 2012.
reviewer1331592
CEO at a tech services company with 51-200 employees
This solution is very hard to implement. It is not a simple product but rather, it has many features and we need to understand all of them. For example, there is the analytics, the parser, and the visualizer, and setting them all up is a little bit complex. In the next release of this product, I would like to see SOAR automation features, similar to what Splunk Phantom has.
reviewer1247235
Cyber Security Consultant at a tech services company with 51-200 employees
The interface could be more user-friendly because it is sometimes hard to deal with. The initial setup can be made easier.