We compared Amazon CloudWatch and IBM Security QRadar based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Amazon CloudWatch users liked the solution’s simplicity, intuitive interface, and ability to handle large workloads. Users also praised CloudWatch’s comprehensive monitoring and alerts. QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. Reviews also mentioned QRadar's comprehensive network visibility and strong SIEM capabilities. Some reviews mentioned that Amazon CloudWatch could improve performance and dashboard visualization through. Others noted that the solution lacked compatibility with some databases. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture.
Service and Support: Customers generally have positive opinions about Amazon's customer service. They commended the support team for its availability and timely issue resolution. Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses.
Ease of Deployment: Amazon CloudWatch is generally described as easy to set up. QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set.
Pricing: Amazon CloudWatch offers a flexible pricing structure based on usage and processing, without any separate licensing cost. Some users said that scaling up can be costly due to the need for additional storage space. QRadar can be costly because users need to buy new hardware to upgrade.
ROI: Amazon CloudWatch offers a return on investment by minimizing the need for manual monitoring. QRadar delivers a high return on investment, improving security through its advanced user behavior analytics.
"The solution gives us very good real-time data."
"Every time we get an alarm or have an incident, CloudWatch is always there. We use it not only for resources we've spun up in the cloud, but also for some of our on-premises resources."
"Setting up this product was easy. I found data analytics as its most valuable feature."
"The most valuable feature of Amazon CloudWatch is the monitoring and UI."
"What my company likes best about Amazon CloudWatch is that it's on AWS. My team also likes it for its log feature. As the solution is on AWS, it also has good pricing and resource availability, plus it's what clients choose. My company also chose AWS for Forge ECS, and at the time, there was a need for the log features provided by Amazon CloudWatch, so it's the solution my team went with."
"The most valuable features of Amazon CloudWatch are metrics, dashboards, alarms, logs, events, logs insight, and application insights."
"Monitoring time and ensuring ease in it is the most valuable feature."
"The initial setup is easy."
"We can easily monitor many things using this tool."
"QRadar shows very effective correlations. If you combine all the logins plus user behavior and the current intelligence, it gives a very good correlation for business. I think it reduces the false positives in user activity monitoring because there is a lot of social information to correlate with other data."
"It's hard for me to pinpoint any one feature that's most valuable because it is all about consuming logs and analyzing them. We started using QRadar UBA because we needed something that could analyze Linux authentication information. Other products take care of the Windows platform."
"The most valuable feature is user behavior analytics (UBA)."
"It has improved my efficiency."
"We are using the platform version, which I like."
"It protect us from multiple authentication values, unauthorized access and antivirus threats."
"The correlation and the parsing are important features, since it is very important for a SIEM to have a good scalability and performance."
"There could be further enhancements through CloudWatch's partnerships."
"I found several areas for improvement in Amazon CloudWatch. First is that it's tough to track issues and find out where it's going wrong. The process takes longer. For example, if I get an exception error, I read the logs, search, go to AWS Cloud, then to the groups to find the keyword to determine what's wrong. Another area for improvement in Amazon CloudWatch is that it's slow in terms of log streaming. It requires an entire twenty-four hours for scanning, rather than just one hour. This issue can be solved with Elasticsearch streaming with Kibana, but it requires a lot of development effort and integration with Kibana or Splunk, and this also means I need a separate developer and software technical stack to do the indexing and streaming to Kibana. It's a manual effort that you need to do properly, so log streaming should be improved in Amazon CloudWatch. The AWS support person should also have a better understanding of the logs in Amazon CloudWatch. What I'd like added to the solution is a more advanced search function, particularly one that can tell you more information or special information. Right now, the search function is difficult to use because it only gives you limited data. For example, I got an error message saying that the policy wasn't created. I only know the amount the customer paid for the policy, the mobile number, and the customer name, but if I use those details, the information won't show up on the logs. I need to enter more details, so that's the type of fuzzy matching Amazon CloudWatch won't provide. If this type of search functionality is provided, it will be very helpful for businesses and companies that provide professional services to customers, like ours."
"The solution should provide human-readable metrics."
"I think something that can be improved are the alerts and alerting mechanism based on no rejects. We want to have it more flexible and that is one of the key things that is required."
"The product’s documentation must be improved."
"I do not know whether or not CloudWatch can be integrated with on-prem services."
"It is hard to configure; it is not a straightforward tool."
"Better reporting is always something needed. That could be an answer to just about anything. But you always want better reporting, better dashboards, things that are just more dynamic and more accessible."
"The features that could be improved include the licensing model and the dashboards and all those presentations. Overall, the user experience part can be improved."
"Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules."
"IMB should reduce the pricing, or reduce some of the features for a more economical solution for the customer."
"The quality of technical support depends on the IBM support person. Sometimes, it's hard to get the right person on the other side. A ticket coordinator could be the key to better quality delivery."
"It's resource-intensive."
"The tool is very complicated. One place for improvement would be to have a more user-friendly interface. Having better support in Spanish would be cool."
"There are areas in IBM Security QRadar that could benefit from improvement. Its ability to customize knowledge for specific purposes could be enhanced. Also, it lacks clarity in presenting details. It is also difficult to see the reports."
"Each module requires a separate license and a separate cost."
Amazon CloudWatch is ranked 12th in Log Management with 40 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Amazon CloudWatch is rated 8.0, while IBM Security QRadar is rated 8.0. The top reviewer of Amazon CloudWatch writes "Instantaneous response when monitoring logs and KPIs". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Amazon CloudWatch is most compared with Zabbix, Datadog, Google Cloud's operations suite (formerly Stackdriver), Dynatrace and SolarWinds NPM, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security. See our Amazon CloudWatch vs. IBM Security QRadar report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
