We performed a comparison between Elastic Security and Security Onion based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Elastic is straightforward, easy to integrate, and highly customizable."
"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"ELK documentation is very good, so never needed to contact technical support."
"It's very stable and reliable."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"The feature that we have found the most valuable is scalability."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"The stability of the solution is good."
"Security Onion is the most mature solution in the market."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"We use Security Onion for internal vulnerability assessment."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"Their visuals and graphs need to be better."
"This solution is very hard to implement."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"There isn't really a very good user experience. You need a lot of training."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"The initial setup of the solution is a little bit difficult."
"Security Onion's user interface could be improved."
"The product is not easy to learn."
Elastic Security is ranked 5th in Log Management with 59 reviews while Security Onion is ranked 33rd in Log Management with 3 reviews. Elastic Security is rated 7.6, while Security Onion is rated 7.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Security Onion writes "A mature and affordable solution that is easy to install and easy to update". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Security Onion is most compared with Wazuh, Elastic Stack, TheHive, Splunk Enterprise Security and Grafana Loki. See our Elastic Security vs. Security Onion report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.