Try our new research platform with insights from 80,000+ expert users

Elastic Observability vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.1
Elastic Observability enhances cost-effectiveness, reduces incidents, and improves efficiency, yielding significant time savings and operational benefits.
Sentiment score
3.5
Wazuh offers rapid detection and response, reducing costs and ensuring high ROI for small to medium businesses without security compromises.
 

Customer Service

Sentiment score
7.7
Elastic Observability's support is praised for prompt, efficient service and effective community-driven insights, enhancing overall user experience.
Sentiment score
4.3
Wazuh's support is praised, but response times vary; satisfaction ranges from 7 to 9 out of 10.
There is no dedicated technical support for Wazuh as it is open source.
The documentation is good and provides clear instructions, though it's targeted at those with technical backgrounds.
We use the open-source version of Wazuh, which does not provide paid support.
 

Scalability Issues

Sentiment score
7.1
Elastic Observability is efficiently scalable, with performance stability across varying team sizes, influenced by subscription level and infrastructure.
Sentiment score
7.4
Wazuh is scalable and adaptable but requires technical expertise for setup and may struggle with massive data handling.
Elastic Observability seems to have a good scale-out capability.
What is not scalable for us is not on Elastic's side.
It can accommodate thousands of endpoints on one instance, and multiple instances can run for different clients.
Scalability depends on the configuration and the infrastructure resources like compute and memory we allocate.
 

Stability Issues

Sentiment score
8.2
Elastic Observability is praised for its robust and stable performance, efficiently handling large data volumes across industries.
Sentiment score
7.0
Wazuh is generally stable and reliable for small to mid-level businesses, though updates and configuration errors can cause issues.
It is very stable, and I would rate it ten out of ten based on my interaction with it.
Elastic Observability is really stable.
The stability of Wazuh is largely dependent on maintenance.
The stability of Wazuh is strong, with no issues stemming from the solution itself.
 

Room For Improvement

Elastic Observability needs better licensing, visualization, automation, integration, pricing, AI features, customization, and support for observability and cost transparency.
Wazuh needs scalability, user interface improvements, better AI, cloud integration, Unix support, and efficient threat detection features.
It lacked some capabilities when handling on-prem devices, like network observability, package flow analysis, and device performance data on the infrastructure side.
One example is the inability to monitor very old databases with the newest version.
Elastic Observability could improve asset discovery as the current requirement to push the agent is not ideal.
The integration modules are insufficiently developed, necessitating the creation of custom integration solutions using tools like Logstash and PubSub.
An issue I noticed is with tag values in certain rules not functioning properly.
There is room for improvement by integrating more AI into Wazuh.
 

Setup Cost

Elastic Observability offers competitive pricing with variable costs, favoring enterprises over startups, requiring premiums for advanced features.
Wazuh provides cost-effective, open-source security with free software but may incur costs for support, storage, and Wazuh Cloud enhancements.
Elastic Observability is cost-efficient and provides all features in the enterprise license without asset-based licensing.
The license is reasonably priced, however, the VMs where we host the solution are extremely expensive, making the overall cost in the public cloud high.
Totaling around two lakh Indian rupees per month.
Since Wazuh is open source, the pricing for support could be applicable to medium-sized companies without much issue.
 

Valuable Features

Elastic Observability offers scalable logging, seamless integrations, real-time visualization, and enhances system performance with a user-friendly, open-source model.
Wazuh provides comprehensive security features, scalability, and cost-effectiveness, supporting diverse environments and regulatory compliance with strong community support.
The most valuable feature is the integrated platform that allows customers to start from observability and expand into other areas like security, EDR solutions, etc.
the most valued feature of Elastic is its log analytics capabilities.
All the features that we use, such as monitoring, dashboarding, reporting, the possibility of alerting, and the way we index the data, are important.
Wazuh is a SIEM tool that is highly customizable and versatile.
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs.
We found the MITRE framework mapping and the agent enrollment service to be the most valuable features of Wazuh.
 

Categories and Ranking

Elastic Observability
Ranking in Log Management
15th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
26
Ranking in other categories
Application Performance Monitoring (APM) and Observability (7th), IT Infrastructure Monitoring (8th), Container Monitoring (4th), Cloud Monitoring Software (7th)
Wazuh
Ranking in Log Management
1st
Average Rating
7.4
Reviews Sentiment
6.3
Number of Reviews
46
Ranking in other categories
Security Information and Event Management (SIEM) (2nd), Extended Detection and Response (XDR) (3rd)
 

Mindshare comparison

As of March 2025, in the Log Management category, the mindshare of Elastic Observability is 1.6%, down from 2.2% compared to the previous year. The mindshare of Wazuh is 15.0%, up from 14.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Adelina Craciun - PeerSpot reviewer
Customization enables tailored monitoring and alerting across departments
The possibility to customize it has been quite useful. Whatever the other departments want to dream up, we implement. Whatever they want to monitor, the granularity of it, the changes in the threshold, and the anomalies that they want reported all require some development. So far, every single request has been fulfilled.
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
842,296 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
20%
Computer Software Company
15%
Manufacturing Company
9%
Government
6%
Computer Software Company
16%
Comms Service Provider
8%
University
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Elastic Observability?
Elastic Observability significantly improves incident response time by providing quick access to logs and data across various sources. For instance, searching for specific keywords in logs spanning...
What is your experience regarding pricing and costs for Elastic Observability?
Elastic Observability is cost-efficient and provides all features in the enterprise license without asset-based licensing. However, sizing and licensing information could be clearer.
What needs improvement with Elastic Observability?
Of course, maintenance is necessary, as with any software, requiring updates with the latest features and security enhancements. It lacked some capabilities when handling on-prem devices, like netw...
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements. This maintenance can be quite labor-int...
What is your primary use case for Wazuh?
We use Wazuh as a SIEM solution because it is open source, highly customizable, and continually expanding. Our clients can request various solutions for their issues, which Wazuh is able to address.
 

Comparisons

 

Overview

 

Sample Customers

PSCU, Entel, VITAS, Mimecast, Barrett Steel, Butterfield Bank
Information Not Available
Find out what your peers are saying about Elastic Observability vs. Wazuh and other solutions. Updated: March 2025.
842,296 professionals have used our research since 2012.