Elastic Security vs syslog-ng comparison

Elastic and One Identity are both solutions in the Log Management category. Elastic is ranked #11 with an average rating of 7.8, while One Identity is ranked #17 with an average rating of 10.0. Elastic holds a 2.9% mindshare in Log Management, compared to One Identity’s 2.4% mindshare. Additionally, 86% of Elastic users are willing to recommend the solution, compared to 100% of One Identity users who would recommend it.

Elastic Security

Read 65 Elastic Security reviews

11,217 Views
6,169 Comparison Views

86% willing to recommend

syslog-ng

Read 7 syslog-ng reviews

4,107 Views
4,107 Comparison Views

100% willing to recommend

Elastic Security

syslog-ng

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 9, 2024

Elastic Security and syslog-ng compete in the operational security category. Elastic Security seems to have the upper hand due to its robust security framework and advanced analytical features.

Features: Elastic Security provides advanced threat detection, a wide range of integration capabilities, and a comprehensive security framework. Syslog-ng focuses on effective log collection, high-performance data filtering, and efficient data processing.

Room for Improvement: Elastic Security could enhance scalability, reduce its resource-heavy nature, and improve performance optimization. Syslog-ng could benefit from more user-friendly settings, enhanced support documentation, and improved user accessibility.

Ease of Deployment and Customer Service: Elastic Security requires significant deployment effort, often involving technical expertise and time, whereas syslog-ng offers a quicker setup but lacks robust customer support.

Pricing and ROI: Elastic Security is considered expensive, with mixed views on ROI due to its comprehensive features. Syslog-ng is generally viewed as cost-effective, providing a good balance between cost and functionality.

To learn more, read our detailed Elastic Security vs. syslog-ng Report (Updated: September 2025).

Buyer's Guide

Elastic Security vs. syslog-ng

September 2025

Download the complete report

Helped 867,676 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Elastic Security

Ranking in Log Management

11th

Average Rating

7.8

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (5th), Endpoint Detection and Response (EDR) (16th), Security Orchestration Automation and Response (SOAR) (7th), Extended Detection and Response (XDR) (9th)

syslog-ng

Ranking in Log Management

17th

Average Rating

9.0

Reviews Sentiment

3.2

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of September 2025, in the Log Management category, the mindshare of Elastic Security is 2.9%, down from 5.4% compared to the previous year. The mindshare of syslog-ng is 2.4%, down from 2.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Log Management Market Share Distribution
Product	Market Share (%)
Elastic Security	2.9%
syslog-ng	2.4%
Other	94.7%

Log Management

Featured Reviews

SyedAli17

Assistant Director at PTA

Centralized monitoring improves security posture through rapid data processing

The processing part of Elastic Security is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.

Read full review

RyanVargas

Senior Director and Senior Systems Engineer (Dual Role), IT Infrastructure and Security at a financial services firm with 51-200 employees

It's a user-friendly open-source solution that can replace or augment a commercial product in some cases

I rate syslog-ng 10 out of 10. It's free and easy to use. It has built-in tools that help us index the various logs sent to it. It's a solid log product. If you're looking for a SIEM solution, syslog-ng will work as a stopgap measure at beginning of the project. It can also work as an injector for a true SIEM solution. You can send all the logs to syslog-ng and forward all the data to the SIEM solution after you've cleaned up the data and got the pertinent information. It's a good front end for a commercial SIEM solution, which becomes more expensive as you load more data into it. I would highly recommend syslog-ng for that use case. However, if you lack the expertise, you might need to go with a cloud-based SIEM instead. You need some in-house expertise or an outside consultant to manage it and set it up.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Enables monitoring of application performance and the ability to predict behaviors."

"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."

"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."

"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."

"The solution is quite stable. The performance has been good."

"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."

"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."

"It is scalable."

More Elastic Security pros

"The ability to extract and store the logs is the most valuable feature of syslog-ng."

"Syslog-ng has a separate config file in addition to the core configuration."

"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."

"We chose syslog-ng because it is easy to install, easy to maintain, easy to update, and due to the fact that all data arrive in raw format, we can manipulate it as we want."

"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."

"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."

Cons

"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."

"The solution's basic setup takes time, and a lot of effort is required from the beginning to make it actually work."

"The solution could also use better dashboards. They need to be more graphical, more matrix-like."

"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."

"Their visuals and graphs need to be better."

"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."

"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."

"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."

More Elastic Security cons

"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."

"The filtering has room for improvement."

"There is room for improvement in terms of observability."

"In syslog-ng, I think a GUI would be beneficial. I am unsure if the premium module has a GUI to administer it."

"There is always the potential for additional integration and protocol extensions."

"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."

Pricing and Cost Advice

"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."

"This is an open-source product, so there are no costs."

"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."

"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."

"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."

"There is no charge for using the open-source version."

"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."

"The solution is not expensive and costs around ten dollars a month."

More Elastic Security pricing and cost advice

"Syslog-ng is open-source."

"Syslog-ng is a free open-source solution."

See which vendors are best for you

Use our free recommendation engine to learn which Log Management solutions are best for your needs.

See recommendations

867,676 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Government

10%

Comms Service Provider

Financial Services Firm

Government

13%

Computer Software Company

12%

Manufacturing Company

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	40
Midsize Enterprise	11
Large Enterprise	14

By reviewers
Company Size	Count
Small Business	3
Midsize Enterprise	2
Large Enterprise	3

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...

See all answers

What do you like most about Elastic Security?

Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...

See all answers

What is your experience regarding pricing and costs for Elastic Security?

I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.

See all answers

What do you like most about syslog-ng?

For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior.

See all answers

What is your experience regarding pricing and costs for syslog-ng?

The pricing is in the middle. I would rate the pricing a six out of ten, with one being expensive and ten being cheap.

See all answers

What needs improvement with syslog-ng?

Something could potentially be improved, though it works effectively for me. In the early stages, over 10 years ago, syslog-ng was lacking some features, so I created a patch for it. I used a patch...

See all answers

Comparisons

Wazuh vs Elastic Security

Compared 16% of the time

IBM Security QRadar vs Elastic Security

Compared 7% of the time

Splunk Enterprise Security vs Elastic Security

Compared 7% of the time

CrowdStrike Falcon vs Elastic Security

Compared 6% of the time

Microsoft Defender for Endpoint vs Elastic Security

Compared 5% of the time

More Elastic Security Competitors

Graylog Enterprise vs syslog-ng

Compared 31% of the time

SolarWinds Kiwi Syslog Server vs syslog-ng

Compared 23% of the time

Grafana Loki vs syslog-ng

Compared 10% of the time

Cribl vs syslog-ng

Compared 6% of the time

Elastic Stack vs syslog-ng

Compared 6% of the time

More syslog-ng Competitors

Product Reports

Buyer's Guide

Elastic Security

September 2025

Download Elastic Security product report

Buyer's Guide

Log Management

August 2025

Download syslog-ng product report

Also Known As

Elastic SIEM, ELK Logstash

No data available

Overview

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.

Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic

Optimizing SIEM
syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM.

Rapid search and troubleshooting
With syslog-ng Store Box, you can find the answer. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs.

Meeting compliance requirements
syslog-ng Store Box provides secure, tamper-proof storage and custom reporting to demonstrate compliance.

Big data ingestion
syslog-ng can deliver data from a wide variety of sources to Hadoop, Elasticsearch, MongoDB, and Kafka as well as many others.

Universal log collection and routing
syslog-ng flexibly routes log data from X sources to Y destinations. Instead of deploying multiple agents on hosts, organizations can unify their log data collection and management.

Secure data archive
syslog-ng Store Box provides automated archiving, tamper-proof encrypted storage, granular access controls to protect log data. The largest appliance can store up to 10TB of raw logs.

One Identity

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care

Tecnocom, University of Victoria, University of Exeter, Datapath

Buyer's Guide

Elastic Security vs. syslog-ng

September 2025

Free Report: Elastic Security vs. syslog-ng

Find out what your peers are saying about Elastic Security vs. syslog-ng and other solutions. Updated: September 2025.

DOWNLOAD NOW

867,676 professionals have used our research since 2012.

See our Elastic Security vs. syslog-ng report.

See our list of best Log Management vendors.

We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.