Try our new research platform with insights from 80,000+ expert users

Wazuh vs syslog-ng comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

syslog-ng
Ranking in Log Management
19th
Average Rating
8.6
Reviews Sentiment
6.3
Number of Reviews
5
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Log Management
1st
Average Rating
7.4
Reviews Sentiment
6.3
Number of Reviews
46
Ranking in other categories
Security Information and Event Management (SIEM) (2nd), Extended Detection and Response (XDR) (3rd)
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of syslog-ng is 2.6%, down from 2.7% compared to the previous year. The mindshare of Wazuh is 15.0%, up from 14.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

RyanVargas - PeerSpot reviewer
It's a user-friendly open-source solution that can replace or augment a commercial product in some cases
I rate syslog-ng 10 out of 10. It's free and easy to use. It has built-in tools that help us index the various logs sent to it. It's a solid log product. If you're looking for a SIEM solution, syslog-ng will work as a stopgap measure at beginning of the project. It can also work as an injector for a true SIEM solution. You can send all the logs to syslog-ng and forward all the data to the SIEM solution after you've cleaned up the data and got the pertinent information. It's a good front end for a commercial SIEM solution, which becomes more expensive as you load more data into it. I would highly recommend syslog-ng for that use case. However, if you lack the expertise, you might need to go with a cloud-based SIEM instead. You need some in-house expertise or an outside consultant to manage it and set it up.
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."
"The ability to extract and store the logs is the most valuable feature of syslog-ng."
"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."
"Syslog-ng has a separate config file in addition to the core configuration."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"Wazuh has very flexible and robust features."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"It's stable."
"If they support a solution, it is easy to do an integration."
"I would recommend Wazuh to others."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"Wazuh is simple to use for PCI compliance."
 

Cons

"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"There is always the potential for additional integration and protocol extensions."
"The filtering has room for improvement."
"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."
"There is room for improvement in terms of observability."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."
"It would be great if there could be customization for the decoder portion."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"Some features, like alerting, are complex with Wazuh."
"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."
"Integration with Vyara could be better."
"The product's configuration part and lack of AI capabilities are some of the major concerns associated with Wazuh."
 

Pricing and Cost Advice

"Syslog-ng is a free open-source solution."
"Syslog-ng is open-source."
"Wazuh is an open-source tool."
"It is an open-source product."
"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
"Wazuh is an open-source tool, which means it is freely available for use."
"Wazuh is a good tool, but the open-source version has scalability limitations."
"Wazuh is free and open source."
"Wazuh is a cheaply priced product."
"The product price is neither too high nor too low."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Government
13%
Computer Software Company
13%
Manufacturing Company
8%
Financial Services Firm
8%
Computer Software Company
16%
Comms Service Provider
8%
University
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about syslog-ng?
For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior.
What is your experience regarding pricing and costs for syslog-ng?
The pricing is in the middle. I would rate the pricing a six out of ten, with one being expensive and ten being cheap.
What needs improvement with syslog-ng?
There is room for improvement in terms of observability. Additionally, a possible new feature could be Kafka integration.
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
There is room for improvement by integrating more AI into Wazuh. It requires constant nurturing, as I have to provide it with code and specific requirements. This maintenance can be quite labor-int...
What is your primary use case for Wazuh?
We use Wazuh as a SIEM solution because it is open source, highly customizable, and continually expanding. Our clients can request various solutions for their issues, which Wazuh is able to address.
 

Comparisons

 

Overview

 

Sample Customers

Tecnocom, University of Victoria, University of Exeter, Datapath
Information Not Available
Find out what your peers are saying about Wazuh vs. syslog-ng and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.