Try our new research platform with insights from 80,000+ expert users

Logstash vs Wazuh comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Logstash
Ranking in Log Management
33rd
Average Rating
9.0
Reviews Sentiment
6.5
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Log Management
1st
Average Rating
7.4
Reviews Sentiment
6.3
Number of Reviews
46
Ranking in other categories
Security Information and Event Management (SIEM) (2nd), Extended Detection and Response (XDR) (3rd)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of Logstash is 0.5%, up from 0.3% compared to the previous year. The mindshare of Wazuh is 15.0%, up from 14.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Mustafa Husny - PeerSpot reviewer
Helps to collect logs from various data sources, including hardware
I use Logstash primarily for connecting logs from hardware. This is the main use case. The second use case involves making correlations between logs from various sources.  I can collect logs from various data sources, including hardware. The product needs to improve its compatibility.  I rate…
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I can collect logs from various data sources, including hardware."
"We have three or four Logstash servers for high availability."
"Everything aligns well with improving our organization."
"Logstash has numerous plugins for inputs and outputs, allowing it to work well in environments that do not contain other Elastic components."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"The configuration assessment and Pile integrity monitoring features are decent."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"Wazuh has very flexible and robust features."
"Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms."
"Regarding Wazuh, I find the SCA (Security Configuration Assessment) features most valuable. It's crucial for asset management and inventory, allowing us to monitorendpoints and servers' changes easily. This is particularly important for my customers, who aren't heavily focused on incident response but rely on asset management and inventories. Wazuh's compliance management features are very supportive, especially in regions like the Americas and Europe. However, it's less effective in the ANZ (Australia and New Zealand) region since Wazuh doesn't cater to the specific compliance standards there, such as those required in Australia. I appreciate that Wazuh fully complies with PCI DSS and GDPR standards, allowing us to generate necessary reports."
"We found the MITRE framework mapping and the agent enrollment service to be the most valuable features of Wazuh."
 

Cons

"We still have a problem with importing the log system."
"Elastic does not provide proper support for Logstash worldwide, and I rate their technical support as one out of ten."
"The product needs to improve its compatibility."
"Almost all the research can be very bad. We still have a problem with importing the log system."
"The tool does not provide CTI to monitor darknet."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"We would like to see more improvements on the cloud."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"There could be a hardware monitoring tool for the solution."
 

Pricing and Cost Advice

Information not available
"When I contacted customer care, they mentioned bundling options, that I found to be overall affordable."
"The solution's cost is above the average."
"There is not a license required for Wazuh."
"Wazuh is an open-source tool, which means it is freely available for use."
"The solution's pricing is very competitive."
"Wazuh is a good tool, but the open-source version has scalability limitations."
"My client uses the open-source version of Wazuh."
"We use the free version of Wazuh."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
13%
Government
9%
Educational Organization
6%
Computer Software Company
16%
Comms Service Provider
8%
University
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Logstash?
I can collect logs from various data sources, including hardware.
What needs improvement with Logstash?
Logstash lacks a graphical user interface, necessitating a strong programming background to handle it effectively. It is challenging for business users who need a skilled team for its operation. Ch...
What is your primary use case for Logstash?
I am considered an expert in Elastic Observability ( /products/elastic-observability-reviews ) in the Middle East. During my experience, I have worked heavily on Logstash ( /products/logstash-38586...
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements. This maintenance can be quite labor-int...
What is your primary use case for Wazuh?
We use Wazuh as a SIEM solution because it is open source, highly customizable, and continually expanding. Our clients can request various solutions for their issues, which Wazuh is able to address.
 

Comparisons

 

Overview

Find out what your peers are saying about Logstash vs. Wazuh and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.