No more typing reviews! Try our Samantha, our new voice AI agent.

Graylog Security vs Trellix ESM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Graylog Security
Ranking in Security Information and Event Management (SIEM)
60th
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
2
Ranking in other categories
No ranking in other categories
Trellix ESM
Ranking in Security Information and Event Management (SIEM)
30th
Average Rating
7.4
Reviews Sentiment
7.0
Number of Reviews
38
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Graylog Security is 0.6%, up from 0.5% compared to the previous year. The mindshare of Trellix ESM is 1.0%, down from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Trellix ESM1.0%
Graylog Security0.6%
Other98.4%
Security Information and Event Management (SIEM)
 

Featured Reviews

Tony Zafiropoulos - PeerSpot reviewer
Owner/ Chief Engineer at Fixvirus.com
Aggregates logs in one place and helps to review data points
We tried Graylog Security, starting with their inexpensive open-source version. We tested it out and continued using it for a while. As for the main differences between Graylog Security and other vendors, some users might prefer cloud-based platforms over on-premises solutions. It isn't inherently cloud-native, but that might not matter much for some.
MD
Senior Vice President IT at AS IT Consulting Pvt. Ltd.
Offers comprehensive report generation while maintaining ease of integration
We need to improve Trellix ESM by making sure that most of the logging devices available in the global market should be covered, and if there is any device which is not covered, there should not be any additional charges for writing the custom parsers on that. We can add some new features regarding AI in the future for Trellix ESM, but the maturity will take a longer time. There are many false positives that happen in an environment during the first couple of months, or around six months, so the system analyst is not able to identify whether the event which has occurred is a true positive or a false positive.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We use the solution to collect logs."
"The tool aggregates logs. We can see the logs in one place."
"If a customer is specifically looking for log and event analysis, with the correlations, then this solution is a good choice."
"It is easy to use."
"We are quite happy with the product and its stability, but the problem is the lack of support, which is one of the major issues that we are facing."
"The security can't be compromised, and the security features on offer are the most valuable feature and are why it's really worth having as a product like this in our organization."
"The product’s most valuable feature is log monitoring."
"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."
"The solution's technical support is great."
"McAfee as a whole is a good solution."
 

Cons

"Graylog Security needs to incorporate security scorecards."
"The API the product provides still needs to develop some maturity."
"I would like to see improvements to the user interface."
"It is not a very advanced solution, and it is for very generic use cases. It cannot cope with the advanced requirements that we're going to have. For example, for multiple authentication failures, it is still based on Windows events for detecting multiple login failures, whereas other companies are going beyond and working on implementing two-factor authentication. It is time to correlate the two-factor authentication results with authentification failures, which is not happening with McAfee ESM. The performance of the tool should be improved because it is very slow. The data display on the console is very slow in McAfee ESM. Its data storage is still old-fashioned, and it should be improved and upgraded to the latest versions. They have to come up with some new ideas to match what other leaders in the same domain are doing. For example, in Splunk, when you search for information for the last 60 days or five months, it quickly shows the information, but that is not the case with McAfee. The results should be quicker and faster on the console. They should integrate some additional features such as User Behavior Analytics (UBA) and automation. The threat intelligence part should also be improved on McAfee."
"I would like to see good analytics in future releases."
"McAfee is no more providing security updates on this product, and the enhancements to this product seem to have stopped."
"I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore."
"Just like any other software/hardware platform, once in awhile we have issues with software bugs, but McAfee's support is good in helping to fix these issues in a timely manner."
"The product documentation is good, but could be better. Also a bug-free version would be nice as the version I worked on had a bug in the alarm system."
 

Pricing and Cost Advice

"I rate the tool's pricing a one out of ten."
"We renew our license annually."
"You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points."
"The cost is dependent on the customer's environment and requirements."
"The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."
"The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."
"The licensing cost is based on EPS."
"The pricing is fair."
"The product is slightly expensive."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
904,016 professionals have used our research since 2012.
 

Comparison Review

VS
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Educational Organization
14%
Comms Service Provider
10%
Construction Company
7%
Manufacturing Company
7%
Comms Service Provider
14%
Construction Company
13%
Financial Services Firm
10%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business15
Midsize Enterprise6
Large Enterprise25
 

Questions from the Community

Ask a question
Earn 20 points
What is your experience regarding pricing and costs for McAfee ESM?
When discussing Trellix ESM pricing and licensing, if you consider some premium product, the pricing also has to be premium, however, enterprise customers who look for a premium product, alongside ...
What needs improvement with McAfee ESM?
Areas of Trellix ESM that could be improved or enhanced include checking on the clients who are still on-prem, especially banks, as most are not moving everything to the cloud due to confidentialit...
What is your primary use case for McAfee ESM?
My customer's usual use case for Trellix ESM involves one client, as most of the users have moved to ESM. Nowadays, they don't use IPS only, since McAfee IPS is standalone; they incorporate firewal...
 

Also Known As

No data available
McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager
 

Overview

 

Sample Customers

Information Not Available
San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport
Find out what your peers are saying about Graylog Security vs. Trellix ESM and other solutions. Updated: June 2026.
904,016 professionals have used our research since 2012.