Try our new research platform with insights from 80,000+ expert users

Grafana Loki vs IBM Security QRadar comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Grafana Loki
Ranking in Log Management
4th
Average Rating
8.2
Reviews Sentiment
8.0
Number of Reviews
17
Ranking in other categories
No ranking in other categories
IBM Security QRadar
Ranking in Log Management
6th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
207
Ranking in other categories
Security Information and Event Management (SIEM) (4th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of Grafana Loki is 8.5%, up from 3.0% compared to the previous year. The mindshare of IBM Security QRadar is 3.8%, down from 5.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

CarlosPimentel - PeerSpot reviewer
Efficient log filtering enhances quick network troubleshooting
We use Grafana Loki for various verticals including manufacturing, finance, health, and aerospatial sectors. It primarily helps in monitoring security and access to devices. Grafana dashboards are used to track access success and failure and audit commands issued on devices Loki significantly…
Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The tool can be used in multi-cluster environments."
"Loki significantly saves time in troubleshooting by quickly pinpointing network issues."
"The most valuable feature of Grafana Loki is the dashboards which are really simple to create."
"I appreciate the capability to process logs from microservices and seamlessly integrate them into Grafana."
"Grafana agent is very lightweight and does not cost significant resources of our cluster."
"The product's most valuable features are ease of installation, management, and reporting. It has an efficient ability to set thresholds for alerts, as well."
"The log collection feature is good and the solution is easily understandable. v"
"The effectiveness of filters is pivotal for optimizing the search process and extracting the specific information we need from the extensive log data."
"It is suitable for large companies with critical infrastructure. For our clients, robustness, availability at a high level, and the level of references and experiences connected to the solution are important."
"think QRadar is great overall. We’ve had a positive experience with it and recommend it for deployment. However, there are areas for improvement. The technical support is good, and the documentation is valuable, but it could be enhanced, especially regarding integration with other systems. In terms of support and updates, QRadar’s capabilities are crucial for maintaining high security standards. Network and software administrators can monitor all traffic effectively, which reassures clients and drives further adoption."
"The features that I have found most valuable in QRadar are its data enrichment, use case creations, and adding references - those kinds of features are very good. Also QRadar's event filtration and device integration are perfect."
"We can easily monitor many things using this tool."
"IBM has everything you need in a cybersecurity solution. If you want to build a cybersecurity operation center version then I think QRadar is a perfect solution."
"The feature that I find the most useful is that IBM QRadar User Behavior Analytics is free of charge. It's a fully free product that can be installed on top of IBM QRadar SIEM."
"The pre-canned rules and reports in this product are a huge plus."
"The most valuable features are all the implementations, the plug-ins, and the User Behavior Analytics (UBA)."
 

Cons

"Enhancing speed could be a game-changer, and while it might vary depending on the application, it's a factor worth exploring."
"It's not intended for proprietary services, so you have to struggle with configuration a lot."
"My main concern is the recommended production-grade setup. They suggest using tools like Tanka or Jsonnet. They should simplify the process to increase adoption."
"There is a need for some change in the alerting types of the product. In short, a few changes in the alert area are needed due to minor shortcomings."
"We had a well-structured dashboard with a functional query. However, an issue arose when the Kubernetes pod restarted. The statistics from our Grafana query would reset, dropping to zero and starting anew. This was particularly noticeable with linear graphs, which are expected to show consistent growth."
"In Grafana Loki, the creation of metrics is not so easy, making it an area that could be made easier."
"It would be beneficial if Loki could directly access Windows Server logs or events directly from the servers."
"The platform's stability needs improvement."
"IBM QRadar Advisor with Watson could be more user-friendly. You need some skills and understanding of what you're looking at, especially if you're going to draw down specific information."
"I would like to see a more user-friendly product."
"The tech support is not that good."
"Their technical support is not good. We opened a lot of cases and from my experience, they are not complicated issues but it takes forever to get an answer."
"The solution does not support the integration of flat file databases."
"The architecture could be improved. I got stuck for a long time trying to understand the architecture, as it is quite challenging."
"There should be easier and wider integration opportunities. There should be more opportunities for integration with CTI info sharing areas. On platforms where you exchange CTI, there should be more visibility connected to what we share, what we can reach, or what options are connected to CTI info sharing. This is one area where they could add value because we cannot integrate it easily with QRadar. If a client has a legacy or already existing solutions for CTI, we cannot ask them to forget it because we cannot guarantee that QRadar is able to deliver everything connected to this area."
"Technical support really needs to be improved. Right now, they aren't where they need to be at all."
 

Pricing and Cost Advice

"The cost is less than other paid services like CloudWatch."
"My company doesn't need to pay for the licensing cost of the solution."
"I find the licensing structure quite reasonable, as the free license effectively meets my requirements."
"I use the solution's open-source version. Grafana Loki is a completely free solution for me."
"Grafana Loki is a free, open-source solution."
"We use a free version."
"You can use the free version of Grafana Loki on-premises."
"The solution is open source."
"Its price is good in terms of efficiency and the number of people required for implementing various things. You might pay more in terms of money, but you might save on the number of people. For example, if you are using Kibana, you have to pay more for people or experts, which is not the case with IBM QRadar."
"There are additional costs, such as the cost associated with the different hardware required for implementation and deployment. Along with the add-on apps, these are all additional costs, and they require licensing as well."
"The pricing is good."
"I think that the price is fair, but we can always say that the price could be cheaper."
"IBM Security QRadar is a very expensive tool."
"I think my company pays for the license yearly."
"QRadar is quite expensive. It wouldn't be worth it for a small business..."
"The pricing is always fine."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
10%
Comms Service Provider
10%
Manufacturing Company
8%
Educational Organization
23%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Grafana Loki?
We are using Grafana Loki as a database for real-time metrics.
What is your experience regarding pricing and costs for Grafana Loki?
We use the open-source version of Loki. The cloud version is competitively priced compared to other market solutions.
What needs improvement with Grafana Loki?
It would be beneficial if Loki could directly access Windows Server logs or events directly from the servers.
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
The cost depends. The price I negotiated varies by region and relationship with the OEM. Cost is not shared due to another procurement team handling negotiations, but it was reasonable as far as I ...
 

Also Known As

No data available
IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
 

Overview

 

Sample Customers

Information Not Available
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Find out what your peers are saying about Grafana Loki vs. IBM Security QRadar and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.