Try our new research platform with insights from 80,000+ expert users

Elastic Security vs FileAudit comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Security
Ranking in Log Management
7th
Ranking in Security Information and Event Management (SIEM)
5th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
64
Ranking in other categories
Endpoint Detection and Response (EDR) (16th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)
FileAudit
Ranking in Log Management
43rd
Ranking in Security Information and Event Management (SIEM)
44th
Average Rating
9.0
Reviews Sentiment
7.3
Number of Reviews
3
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 6.6%, down from 9.4% compared to the previous year. The mindshare of FileAudit is 0.1%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Gajewski Marek - PeerSpot reviewer
Provides good anomaly detection and connectivity reporting
We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.
AntoSebastin - PeerSpot reviewer
A scalable SIEM solution for monitoring a user's activity in the file server
The most valuable features of the solution are its quick and simple features related to advanced permissions for files, allowing for what permission needs to be granted to the users when it comes to the monitoring folder in the solution. If someone who has been denied permission to use a particular folder tries to go to that folder, then the administrator gets a notification. In general, the administrator can easily gather and maintain records if a person who has been denied permission to a particular confidential folder tries to access it.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"The most valuable feature for me is Discover."
"Elastic Security is very easy to adapt."
"It's not very complicated to install Elastic."
"What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results."
"Elastic Security offers advanced features such as machine learning and integration with ChatGPT."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"It is a good and stable solution...It is a scalable solution."
"Our customer acquires the complete report which is kept for future auditing purposes."
"Alerting upon file changes is the most valuable aspect of the product."
 

Cons

"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"The DLP function, including installation of the agent on the workstation and controlling the DLP restrictions, are areas where the product lacks."
"Whenever someone cuts and paste, it shows as "file is deleted"."
"The updates management and central management console could be improved."
 

Pricing and Cost Advice

"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"The solution is not expensive and costs around ten dollars a month."
"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
"Elastic Security is free to use."
"The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."
"The solution is free."
"FileAudit provides a trial license for 30 days, and after that, customers can choose between perpetual licensing or the annual-based licensing option offered by FileAudit."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Government
10%
Financial Services Firm
9%
University
7%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Elastic Security is considered cost-effective, especially at lower EPS levels. However, a direct comparison was not made due to different pricing structures.
What do you like most about FileAudit?
It is a good and stable solution...It is a scalable solution.
What needs improvement with FileAudit?
The DLP function, including installation of the agent on the workstation and controlling the DLP restrictions, are areas where the product lacks. It would be great if the aforementioned details wer...
What is your primary use case for FileAudit?
My company uses FileAudit as an SIEM solution, and it is used for monitoring the file server activity to find out what users did in the file server, which may include modifying the file, deleting i...
 

Also Known As

Elastic SIEM, ELK Logstash
No data available
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
CommuniCare Health Centre, DP World, BAE Systems, Moet Hennessy, Ernst & Young, Honda, Volswagon, VTech, GlakoSmithKline, Lockheed Martin, US Navy, University of Alabama, Ministry of Interior Saudi Arabia, Total
Find out what your peers are saying about Elastic Security vs. FileAudit and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.