Try our new research platform with insights from 80,000+ expert users

Logstash vs Wazuh comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Logstash
Ranking in Log Management
33rd
Average Rating
9.0
Reviews Sentiment
6.5
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Log Management
1st
Average Rating
7.4
Reviews Sentiment
6.3
Number of Reviews
46
Ranking in other categories
Security Information and Event Management (SIEM) (2nd), Extended Detection and Response (XDR) (3rd)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of Logstash is 0.5%, up from 0.3% compared to the previous year. The mindshare of Wazuh is 15.0%, up from 14.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Mustafa Husny - PeerSpot reviewer
Helps to collect logs from various data sources, including hardware
I use Logstash primarily for connecting logs from hardware. This is the main use case. The second use case involves making correlations between logs from various sources.  I can collect logs from various data sources, including hardware. The product needs to improve its compatibility.  I rate…
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We have three or four Logstash servers for high availability."
"Everything aligns well with improving our organization."
"I can collect logs from various data sources, including hardware."
"Logstash has numerous plugins for inputs and outputs, allowing it to work well in environments that do not contain other Elastic components."
"The tool is stable."
"Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"The deployment is easy and they provide very good documentation."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
 

Cons

"We still have a problem with importing the log system."
"Elastic does not provide proper support for Logstash worldwide, and I rate their technical support as one out of ten."
"The product needs to improve its compatibility."
"Almost all the research can be very bad. We still have a problem with importing the log system."
"We would like to see more improvements on the cloud."
"Wazuh is missing many things that a typical SIEM should have."
"Since it's an open-source tool, scalability is the main issue."
"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"An issue I noticed is with tag values in certain rules not functioning properly."
 

Pricing and Cost Advice

Information not available
"Wazuh is free and open source."
"Wazuh is an open-source tool, which means it is freely available for use."
"The current pricing is open source."
"The product is cheaper compared to other tools."
"We use the free version of Wazuh."
"When I contacted customer care, they mentioned bundling options, that I found to be overall affordable."
"Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
"Wazuh has a community edition, and I was using that. It's free and open source."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
14%
Government
9%
Insurance Company
6%
Computer Software Company
16%
Comms Service Provider
8%
University
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Logstash?
I can collect logs from various data sources, including hardware.
What needs improvement with Logstash?
Logstash lacks a graphical user interface, necessitating a strong programming background to handle it effectively. It is challenging for business users who need a skilled team for its operation. Ch...
What is your primary use case for Logstash?
I am considered an expert in Elastic Observability ( /products/elastic-observability-reviews ) in the Middle East. During my experience, I have worked heavily on Logstash ( /products/logstash-38586...
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements. This maintenance can be quite labor-int...
What is your primary use case for Wazuh?
We use Wazuh as a SIEM solution because it is open source, highly customizable, and continually expanding. Our clients can request various solutions for their issues, which Wazuh is able to address.
 

Comparisons

 

Overview

Find out what your peers are saying about Logstash vs. Wazuh and other solutions. Updated: February 2025.
845,040 professionals have used our research since 2012.