We performed a comparison between Elastic Security and Security Onion based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"The visualization is very good."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"We use Security Onion for internal vulnerability assessment."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"Security Onion is the most mature solution in the market."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"The solution's query building is not that intuitive compared to other solutions."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"Security Onion's user interface could be improved."
"The initial setup of the solution is a little bit difficult."
"The product is not easy to learn."
Elastic Security is ranked 5th in Log Management with 59 reviews while Security Onion is ranked 33rd in Log Management with 3 reviews. Elastic Security is rated 7.6, while Security Onion is rated 7.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Security Onion writes "A mature and affordable solution that is easy to install and easy to update". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Security Onion is most compared with Wazuh, Elastic Stack, TheHive, Splunk Enterprise Security and Grafana Loki. See our Elastic Security vs. Security Onion report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.