Try our new research platform with insights from 80,000+ expert users

Elastic Stack vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Stack
Ranking in Log Management
13th
Average Rating
7.8
Reviews Sentiment
6.5
Number of Reviews
16
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Log Management
1st
Average Rating
7.4
Reviews Sentiment
6.3
Number of Reviews
46
Ranking in other categories
Security Information and Event Management (SIEM) (2nd), Extended Detection and Response (XDR) (3rd)
 

Mindshare comparison

As of March 2025, in the Log Management category, the mindshare of Elastic Stack is 4.8%, up from 0.7% compared to the previous year. The mindshare of Wazuh is 15.0%, up from 14.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Balamurali P - PeerSpot reviewer
Advanced query capabilities enhance monitoring effectiveness
Elastic Stack should be more simplified with ready-to-use widgets. Also, incorporating AI capabilities is essential as monitoring and observability tools are now adding AI features. Ideally, it should evolve into a full-stack observability tool, similar to AppDynamics or DynaTrace, which offers a solution that includes ISP provider, API monitoring, and infrastructure monitoring.
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is a very scalable solution...I didn't face any problem with this scalability part of the solution since we only have a few pieces of equipment in our company."
"The tool's most powerful aspect is its search engine capability. It's a highly effective and powerful solution for searching. We use it in professional and student projects at universities, and it delivers promising results."
"Prior to the latest updates, data lake management was a standout feature. The hybrid capability for on-premise and cloud integration was also crucial. Now, with Elastic Defense, the agent simplifies security monitoring, making it a key asset."
"The scripting model in Elastic Stack allows me to query logs and then put the data into Grafana."
"The detection rules in Elastic Stack are the most valuable feature. The search capabilities are excellent and fast. As we collect logs from workstations and devices, the detection rules run on top of the logs and detect any suspicious activity, raising alerts accordingly. Integration with Elastic Stack depends on the specific integration. Elastic provides some bridging integrations that make it easy, but require custom integration. Most integrations are simple, but customization can be challenging because we need to do some parsing. There's something called Elastic Common Schema, and we need to parse the source logs to match this schema, which can be a bit challenging."
"The only beneficial aspect of Elastic Stack is that it's open source."
"The tool is huge, and it performs brilliantly. I tested it for malware, and within two weeks of launching, the product alerted me about a network intrusion. This was a tough test for it, but it performed admirably. The alerting system is excellent, and searching through logs is incredibly efficient. What's impressive is that all three products or options are integrated into one solution. This means I don't need separate logging, monitoring, or antivirus solutions."
"The solution's technical support is good...Elastic Stack offers good value for value for money based on the product's features and what they offer."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"Wazuh is simple to use for PCI compliance."
"Good for monitoring, active response, and for vulnerabilities."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"The most valuable feature of Wazuh is its EDR capabilities."
"The solution is easy to maintain."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
 

Cons

"Elastic Stack's search capabilities can be challenging, especially when searching for precise data from past years, such as two or ten years ago. Its indexing performance for exact data retrieval may decrease as the data volume grows. Therefore, I believe there is room for improvement in the product's search functionality. It needs to improve its pricing as well."
"Support could be improved. The error code is not helpful. We have to ask for it or pass it on to community forums."
"The implementation of dashboards in the solution needs to be made easier...I had some issues with the ports and configuration since it was kind of complex to implement with Docker."
"AI-enablement would be a big improvement in Elastic Stack...If there is room for an ML model in Elastic Stack, then it would be good."
"It lacks a clear NDR (Network Detection and Response) feature. If Elastic could enhance this aspect, it would significantly boost its capabilities."
"Improving integration capabilities, especially with authentication systems, firewalls, and security controls, is a crucial area for improvement in Elastic Stack. Additionally, enhancing functionality to handle large Yara queries more efficiently would be beneficial, as many EDR solutions can run such queries faster than Elastic Stack's current limitations."
"There could be better documentation."
"The solution is expensive, particularly the training and certification. If customers want to increase their use of Elastic Stack, they should consider reducing the cost of certification and training."
"The only challenge we faced with Wazuh was the lack of direct support."
"The tool doesn't detect anomalies or new environments."
"A lack of certain features creates limitations."
"An issue I noticed is with tag values in certain rules not functioning properly."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements."
"The support channel is not optimal, and extensive research is required on our part to implement Wazuh effectively."
"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."
 

Pricing and Cost Advice

"We are using the open-source community version of the product."
"If I compare Elastic Stack to the other products in the market, I would say that the tool is available at a competitive price."
"The pricing is reasonable."
"I rate the solution's pricing a six out of ten."
"I used the open-source version of Elastic Stack, because of which I did not have to pay anything."
"It depends on the specifics, but generally, Elastic is economical for certain use cases."
"The product is expensive."
"Ultimately, the pricing depends upon the capacity planning that the enterprise architect does."
"They have a good pricing strategy for market expansion."
"My client uses the open-source version of Wazuh."
"Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
"When I contacted customer care, they mentioned bundling options, that I found to be overall affordable."
"The product price is neither too high nor too low."
"We use the free version of Wazuh."
"The product is cheaper compared to other tools."
"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
842,194 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
11%
Comms Service Provider
9%
Manufacturing Company
8%
Computer Software Company
16%
Comms Service Provider
8%
University
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Elastic Stack?
The tool is huge, and it performs brilliantly. I tested it for malware, and within two weeks of launching, the product alerted me about a network intrusion. This was a tough test for it, but it per...
What is your experience regarding pricing and costs for Elastic Stack?
I may not be able to answer as this is customer-paid Elastic Stack, and I didn't handle the payment.
What needs improvement with Elastic Stack?
Elastic Stack should be more simplified with ready-to-use widgets. Also, incorporating AI capabilities is essential as monitoring and observability tools are now adding AI features. Ideally, it sho...
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements. This maintenance can be quite labor-int...
What is your primary use case for Wazuh?
We use Wazuh as a SIEM solution because it is open source, highly customizable, and continually expanding. Our clients can request various solutions for their issues, which Wazuh is able to address.
 

Comparisons

 

Overview

Find out what your peers are saying about Elastic Stack vs. Wazuh and other solutions. Updated: March 2025.
842,194 professionals have used our research since 2012.