Try our new research platform with insights from 80,000+ expert users

Grafana Loki vs IBM Security QRadar comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 6, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Grafana Loki
Ranking in Log Management
4th
Average Rating
8.2
Reviews Sentiment
8.0
Number of Reviews
17
Ranking in other categories
No ranking in other categories
IBM Security QRadar
Ranking in Log Management
6th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
208
Ranking in other categories
Security Information and Event Management (SIEM) (4th), User Entity Behavior Analytics (UEBA) (1st), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (4th), Managed Detection and Response (MDR) (9th), Extended Detection and Response (XDR) (11th)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of Grafana Loki is 8.5%, up from 3.0% compared to the previous year. The mindshare of IBM Security QRadar is 3.8%, down from 5.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

CarlosPimentel - PeerSpot reviewer
Efficient log filtering enhances quick network troubleshooting
We use Grafana Loki for various verticals including manufacturing, finance, health, and aerospatial sectors. It primarily helps in monitoring security and access to devices. Grafana dashboards are used to track access success and failure and audit commands issued on devices Loki significantly…
Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of the solution is the tool's GUI. The solution's GUI is very user-friendly."
"The most valuable features of the solution stem from the fact that it is an open-source tool that is stable and flexible."
"The best feature of Grafana Loki is that it integrates well with our other tool."
"We are using Grafana Loki as a database for real-time metrics."
"There are new features like that pilot code and things like that for profiling."
"The effectiveness of filters is pivotal for optimizing the search process and extracting the specific information we need from the extensive log data."
"The most valuable feature of Grafana Loki is the dashboards which are really simple to create."
"The most valuable feature is the capability to set up alerts, which becomes necessary when we need to receive notifications for specific events."
"It does good correlation for events. It does good general analysis, and it has good apps as well."
"I think QRadar is stable and currently satisfies my needs."
"We run 65 servers globally with just two people: an engineering person and me."
"We've found the solution to be scalable."
"The product provides a complete platform for ingesting the log, doing the correlations and handling the runtime."
"It helps us discover any threats with their alerts and tracking."
"IBM QRadar User Behavior Analytics's most important feature is its ease of use."
"IBM QRadar is easy to scale, it doesn't affect the environment. In our office, we have around 40 - 50 users, but our clients have more users on their networks. Our organization has staff in the software department that manages IBM QRadar for us."
 

Cons

"Enhancing speed could be a game-changer, and while it might vary depending on the application, it's a factor worth exploring."
"There is a need for some change in the alerting types of the product. In short, a few changes in the alert area are needed due to minor shortcomings."
"We had a well-structured dashboard with a functional query. However, an issue arose when the Kubernetes pod restarted. The statistics from our Grafana query would reset, dropping to zero and starting anew. This was particularly noticeable with linear graphs, which are expected to show consistent growth."
"In Grafana Loki, the creation of metrics is not so easy, making it an area that could be made easier."
"It's not intended for proprietary services, so you have to struggle with configuration a lot."
"The product must improve its UI."
"The correlation of requests is not simple in Grafana Loki and can be improved."
"The Docker container partition feature needs improvement as they do not reuse the space and goes into a pending state."
"I don't look at only the features and benefits; I also look at the price. It is a bit expensive when compared with other solutions. It is expensive for specific deployment topologies, and the decision-makers go for alternatives like ArcSight. It should also have more AI features or capabilities for better threat intelligence. The more it uses machine learning, the better would be the dashboard, analytics, and other things."
"There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement."
"IBM needs to invest more into the collaboration with other vendors."
"There are areas in IBM Security QRadar that could benefit from improvement. Its ability to customize knowledge for specific purposes could be enhanced. Also, it lacks clarity in presenting details. It is also difficult to see the reports."
"The solution's technical support works, but sometimes, it can take quite a long time to get a solution from technical support."
"The pricing of the solution is a bit high. If they could lower it, that would be ideal."
"I would also like to see more integration with other vendors. IBM doesn't integrate well with products from China, like Huawei. Many Middle Eastern customers are switching to Huawei from American vendors like Cisco because of the price. In most RFPs, Huawei wins because it costs less."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
 

Pricing and Cost Advice

"I use the open-source version of the product."
"Grafana Loki is a free, open-source solution."
"My company doesn't need to pay for the licensing cost of the solution."
"The pricing structure varies based on the number of users; there might be specific taxes to pay for it."
"I use the solution's open-source version. Grafana Loki is a completely free solution for me."
"Since we are using the open-source version of Grafana Loki, we are not paying anything for the solution."
"I find the licensing structure quite reasonable, as the free license effectively meets my requirements."
"The solution is open source."
"I feel that the price is reasonable but compared to other products that are on the market, such as an offering by Microsoft, it is more expensive."
"It is a perpetual license that we have for the event collector. The licensing is done based on the number of events and flows that you receive on this particular device. These are perpetual licenses, which means once you purchase them, they don't expire, which means that the support to IBM is definitely renewed after every one year. We have an enterprise agreement with IBM, which puts the cost in a totally different category as compared to someone who is not an IBM partner and is approaching IBM for this solution. We were able to get massive discounts. To give you an idea, we recently purchased 30,000 event licenses, and it costs around $480,000. It is definitely not a cheap product. We have licenses for about 270,000 events per second and 3 million flows per second. All the appliances and their events and flows are basically clubbed together and charged or rather calculated through a single source. The console receives all the details from all the event processes that we have globally. So, the license that we have is a single license for 270,000 events per second and 3 million flows per second, but that can be managed centrally. I was only part of the secondary purchase, which was 30,000 events per second for about $480,000. You can calculate how much we paid for 270,000 events. Reducing its price would be a compromise. We have already used a lower-priced product in the form of NNT, but we had to get rid of it because it was not doing the job that we actually wanted to do. You get what you pay for."
"It is cheaper than ArcSight."
"The price of this solution is reasonable."
"Most of the time, it is easier and cheaper to buy a new product or the QRadar box."
"The pricing needs to be such that they are more competitive with other vendors."
"It's free of charge."
"QRadar UBA's price is a little more than street price and could be reduced."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
10%
Comms Service Provider
10%
Manufacturing Company
8%
Educational Organization
24%
Computer Software Company
14%
Financial Services Firm
10%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Grafana Loki?
We are using Grafana Loki as a database for real-time metrics.
What is your experience regarding pricing and costs for Grafana Loki?
We use the open-source version of Loki. The cloud version is competitively priced compared to other market solutions.
What needs improvement with Grafana Loki?
It would be beneficial if Loki could directly access Windows Server logs or events directly from the servers.
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information in...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What is your experience regarding pricing and costs for IBM Security QRadar?
The cost depends. The price I negotiated varies by region and relationship with the OEM. Cost is not shared due to another procurement team handling negotiations, but it was reasonable as far as I ...
 

Also Known As

No data available
IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
 

Overview

 

Sample Customers

Information Not Available
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Find out what your peers are saying about Grafana Loki vs. IBM Security QRadar and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.