Try our new research platform with insights from 80,000+ expert users

Grafana Loki vs IBM Security QRadar comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Grafana Loki
Ranking in Log Management
4th
Average Rating
8.2
Reviews Sentiment
8.0
Number of Reviews
17
Ranking in other categories
No ranking in other categories
IBM Security QRadar
Ranking in Log Management
6th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
207
Ranking in other categories
Security Information and Event Management (SIEM) (4th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of Grafana Loki is 8.5%, up from 3.0% compared to the previous year. The mindshare of IBM Security QRadar is 3.8%, down from 5.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

CarlosPimentel - PeerSpot reviewer
Efficient log filtering enhances quick network troubleshooting
We use Grafana Loki for various verticals including manufacturing, finance, health, and aerospatial sectors. It primarily helps in monitoring security and access to devices. Grafana dashboards are used to track access success and failure and audit commands issued on devices Loki significantly…
Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the capability to set up alerts, which becomes necessary when we need to receive notifications for specific events."
"Loki also utilizes the same service discovery mechanism as used by Prometheus. So, whatever labeled metadata you see in Prometheus, you have the exact same metadata in the Loki system. Given this level of intricacy and the attempt to address these challenges, I firmly believe that Loki deserves praise for the work."
"I appreciate the capability to process logs from microservices and seamlessly integrate them into Grafana."
"The solution's stability has never been a problem. Stability-wise, I rate the solution a nine to ten out of ten."
"The most valuable feature of the solution is the tool's GUI. The solution's GUI is very user-friendly."
"We are using Grafana Loki as a database for real-time metrics."
"The most valuable features of the solution stem from the fact that it is an open-source tool that is stable and flexible."
"The most valuable feature of Grafana Loki is the dashboards which are really simple to create."
"The most valuable features would have to be the products' ability to customize vulnerability management settings."
"I like that it's easy to use and the performance is good."
"We get events and make the correlation, or rules. In IBM, we can implement our customer's rules. We can have very clear status threats and severity of antigens."
"It's user-friendly when compared to other products."
"The correlation and the parsing are important features, since it is very important for a SIEM to have a good scalability and performance."
"IBM QRadar User Behavior Analytics has easy architecture, has a good portfolio and integration."
"The most valuable aspect of the solution is the integration capabilities on offer."
"The scalability is good."
 

Cons

"The correlation of requests is not simple in Grafana Loki and can be improved."
"In Grafana Loki, the creation of metrics is not so easy, making it an area that could be made easier."
"Enhancing speed could be a game-changer, and while it might vary depending on the application, it's a factor worth exploring."
"We had a well-structured dashboard with a functional query. However, an issue arose when the Kubernetes pod restarted. The statistics from our Grafana query would reset, dropping to zero and starting anew. This was particularly noticeable with linear graphs, which are expected to show consistent growth."
"It's not intended for proprietary services, so you have to struggle with configuration a lot."
"The platform's stability needs improvement."
"The product must improve its UI."
"I do not see any areas for improvement at the moment."
"SOAR is what is expected the most from QRadar. They have something called SOAR Resilient, and it would be great if that gets induced in SIEM. IBM QRadar (as well as McAfee ESM) should have analytics platform integration. Currently, SIEMs don't have full-fledged integration with analytics where we are able to dump our data in SIEM, and the same data can be called from different analytics applications. We should be able to bring this data to a platform like Hadoop for big data and run the analytics there. Currently, people are seeing the past data and taking some actions in the present, but when it comes to analytics, there should be futuristic data where you can predict something out of your present and past data. Apart from that, I would like to see a full-fledged ITSM tool in QRadar. It sometimes has some technical issues that need to be checked. It requires a dedicated QRadar engineer to completely manage it. It has different module sets, such as event collector and event processor, and some technical glitches come in between. It takes the log but doesn't exactly process it in the way we want."
"The modularity could be improved."
"The user interface and configurability of IBM QRadar User Behavior Analytics can be improved. It has a lot of pre-configured settings and not many things can be changed. It also needs more integrations. Currently, User Behavior Analytics is integrated only with IBM QRadar. It could have deeper integrations. It can also have more complicated scoring models. Currently, it has a very simple linear scoring model for users."
"The product does not have a team for investigating malware."
"Pricing model could be more cost-effective."
"Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules."
"If you have too many events that occur, then the storage capacity becomes a problem. You need to have more storage."
"The Indian tech support is not helpful."
 

Pricing and Cost Advice

"I use the solution's open-source version. Grafana Loki is a completely free solution for me."
"Grafana Loki is an open-source solution."
"You can use the free version of Grafana Loki on-premises."
"I find the licensing structure quite reasonable, as the free license effectively meets my requirements."
"The cost is less than other paid services like CloudWatch."
"The solution is open source."
"I use the open-source version of the product."
"Since we are using the open-source version of Grafana Loki, we are not paying anything for the solution."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate IBM Security QRadar's pricing a five out of ten."
"It is costlier as compared to the other alternatives available in the market."
"On a scale of one to ten, I rate the price a one, where one is an extremely expensive product, and ten is a cheap product."
"The price of this solution is a little bit expensive, so if it were cheaper then it would help."
"Licensing can be costly depending on your architecture."
"QRadar UBA's price is a little more than street price and could be reduced."
"It is very expensive."
"The pricing is always fine."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
10%
Comms Service Provider
10%
Manufacturing Company
8%
Educational Organization
23%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Grafana Loki?
We are using Grafana Loki as a database for real-time metrics.
What is your experience regarding pricing and costs for Grafana Loki?
We use the open-source version of Loki. The cloud version is competitively priced compared to other market solutions.
What needs improvement with Grafana Loki?
It would be beneficial if Loki could directly access Windows Server logs or events directly from the servers.
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
The cost depends. The price I negotiated varies by region and relationship with the OEM. Cost is not shared due to another procurement team handling negotiations, but it was reasonable as far as I ...
 

Also Known As

No data available
IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
 

Overview

 

Sample Customers

Information Not Available
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Find out what your peers are saying about Grafana Loki vs. IBM Security QRadar and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.