Elastic Security vs syslog-ng comparison

Elastic and One Identity are both solutions in the Log Management category. Elastic is ranked #5 with an average rating of 7.7, while One Identity is ranked #15 with an average rating of 8.6. Elastic holds a 4.8% mindshare in LM, compared to One Identity’s 3.1% mindshare. Additionally, 85% of Elastic users are willing to recommend the solution, compared to 100% of One Identity users who would recommend it.

Elastic Security

Read 62 Elastic Security reviews

10,239 Views
8,567 Comparison Views

85% willing to recommend

syslog-ng

Read 5 syslog-ng reviews

4,522 Views
3,585 Comparison Views

100% willing to recommend

Elastic Security

syslog-ng

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 9, 2024

Elastic Security and syslog-ng compete in the operational security category. Elastic Security seems to have the upper hand due to its robust security framework and advanced analytical features.

Features: Elastic Security provides advanced threat detection, a wide range of integration capabilities, and a comprehensive security framework. Syslog-ng focuses on effective log collection, high-performance data filtering, and efficient data processing.

Room for Improvement: Elastic Security could enhance scalability, reduce its resource-heavy nature, and improve performance optimization. Syslog-ng could benefit from more user-friendly settings, enhanced support documentation, and improved user accessibility.

Ease of Deployment and Customer Service: Elastic Security requires significant deployment effort, often involving technical expertise and time, whereas syslog-ng offers a quicker setup but lacks robust customer support.

Pricing and ROI: Elastic Security is considered expensive, with mixed views on ROI due to its comprehensive features. Syslog-ng is generally viewed as cost-effective, providing a good balance between cost and functionality.

To learn more, read our detailed Elastic Security vs. syslog-ng Report (Updated: December 2024).

Buyer's Guide

Elastic Security vs. syslog-ng

December 2024

Download the complete report

Helped 824,053 peers since 2012

Categories and Ranking

Elastic Security

Ranking in Log Management

5th

Average Rating

7.6

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (5th), Endpoint Detection and Response (EDR) (16th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)

syslog-ng

Ranking in Log Management

15th

Average Rating

8.6

Reviews Sentiment

6.3

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of December 2024, in the Log Management category, the mindshare of Elastic Security is 4.8%, down from 7.7% compared to the previous year. The mindshare of syslog-ng is 3.1%, up from 2.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Log Management

Featured Reviews

Gajewski Marek

Chief Technology Officer & Co-founder at CS2

Provides good anomaly detection and connectivity reporting

We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.

Read full review

RyanVargas

Senior Director and Senior Systems Engineer (Dual Role), IT Infrastructure and Security at a financial services firm with 51-200 employees

It's a user-friendly open-source solution that can replace or augment a commercial product in some cases

I rate syslog-ng 10 out of 10. It's free and easy to use. It has built-in tools that help us index the various logs sent to it. It's a solid log product. If you're looking for a SIEM solution, syslog-ng will work as a stopgap measure at beginning of the project. It can also work as an injector for a true SIEM solution. You can send all the logs to syslog-ng and forward all the data to the SIEM solution after you've cleaned up the data and got the pertinent information. It's a good front end for a commercial SIEM solution, which becomes more expensive as you load more data into it. I would highly recommend syslog-ng for that use case. However, if you lack the expertise, you might need to go with a cloud-based SIEM instead. You need some in-house expertise or an outside consultant to manage it and set it up.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable features of Elastic Security are it is open-source and provides a high level of security."

"It's not very complicated to install Elastic."

"The cost is reasonable. It's not overly pricey."

"Elastic Security makes data communication easier."

"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."

"The most valuable feature is the ability to collect authentication information from service providers."

"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."

"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."

More Elastic Security pros

"Syslog-ng has a separate config file in addition to the core configuration."

"The ability to extract and store the logs is the most valuable feature of syslog-ng."

"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."

"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."

"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."

Cons

"Elastic Security could improve the documentation. It would help if they were more simple and clean."

"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."

"The solution's query building is not that intuitive compared to other solutions."

"Email notification should be done the same way as Logentries does it."

"This solution is very hard to implement."

"An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot."

"The training that is offered for Elastic is in need of improvement because there is no depth to it."

"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."

More Elastic Security cons

"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."

"The filtering has room for improvement."

"There is always the potential for additional integration and protocol extensions."

"There is room for improvement in terms of observability."

"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."

Pricing and Cost Advice

"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."

"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."

"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."

"There is no charge for using the open-source version."

"Elastic Stack is an open-source tool. You don't have to pay anything for the components."

"The product offers an amazing pricing structure. Price-wise, the product is very competitive."

"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."

"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."

More Elastic Security pricing and cost advice

"Syslog-ng is a free open-source solution."

"Syslog-ng is open-source."

See which vendors are best for you

Use our free recommendation engine to learn which Log Management solutions are best for your needs.

See recommendations

824,053 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

10%

Government

10%

University

Computer Software Company

13%

Government

13%

Financial Services Firm

University

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...

See all answers

What do you like most about Elastic Security?

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...

See all answers

What is your experience regarding pricing and costs for Elastic Security?

Elastic Security is cost-effective compared to Defender and CrowdStrike. The pricing is reasonable, especially for Small Medium Enterprises (SMEs), making it a viable option for businesses building...

See all answers

What do you like most about syslog-ng?

For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior.

See all answers

What is your experience regarding pricing and costs for syslog-ng?

The pricing is in the middle. I would rate the pricing a six out of ten, with one being expensive and ten being cheap.

See all answers

What needs improvement with syslog-ng?

There is room for improvement in terms of observability. Additionally, a possible new feature could be Kafka integration.

See all answers

Comparisons

Wazuh vs Elastic Security

Compared 31% of the time

CrowdStrike Falcon vs Elastic Security

Compared 8% of the time

IBM Security QRadar vs Elastic Security

Compared 7% of the time

Microsoft Sentinel vs Elastic Security

Compared 6% of the time

Splunk Enterprise Security vs Elastic Security

Compared 6% of the time

More Elastic Security Competitors

SolarWinds Kiwi Syslog Server vs syslog-ng

Compared 32% of the time

Graylog vs syslog-ng

Compared 24% of the time

Grafana Loki vs syslog-ng

Compared 16% of the time

Elastic Stack vs syslog-ng

Compared 5% of the time

IBM Security QRadar vs syslog-ng

Compared 2% of the time

More syslog-ng Competitors

Product Reports

Buyer's Guide

Elastic Security

December 2024

Download Elastic Security product report

Buyer's Guide

Log Management

December 2024

Download syslog-ng product report

Also Known As

Elastic SIEM, ELK Logstash

No data available

Learn More

Elastic

One Identity

Overview

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Optimizing SIEM
syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM.

Rapid search and troubleshooting
With syslog-ng Store Box, you can find the answer. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs.

Meeting compliance requirements
syslog-ng Store Box provides secure, tamper-proof storage and custom reporting to demonstrate compliance.

Big data ingestion
syslog-ng can deliver data from a wide variety of sources to Hadoop, Elasticsearch, MongoDB, and Kafka as well as many others.

Universal log collection and routing
syslog-ng flexibly routes log data from X sources to Y destinations. Instead of deploying multiple agents on hosts, organizations can unify their log data collection and management.

Secure data archive
syslog-ng Store Box provides automated archiving, tamper-proof encrypted storage, granular access controls to protect log data. The largest appliance can store up to 10TB of raw logs.

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Tecnocom, University of Victoria, University of Exeter, Datapath

Buyer's Guide

Elastic Security vs. syslog-ng

December 2024

Free Report: Elastic Security vs. syslog-ng

Find out what your peers are saying about Elastic Security vs. syslog-ng and other solutions. Updated: December 2024.

DOWNLOAD NOW

824,053 professionals have used our research since 2012.

See our Elastic Security vs. syslog-ng report.

See our list of best Log Management vendors.

We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.