Coralogix vs NetWitness Platform comparison

Coralogix and NetWitness are both solutions in the Log Management category. Coralogix is ranked #39 with an average rating of 8.0, while NetWitness is ranked #22 with an average rating of 7.6. Coralogix holds a 0.7% mindshare in Log Management, compared to NetWitness’s 0.3% mindshare. Additionally, 90% of Coralogix users are willing to recommend the solution, compared to 75% of NetWitness users who would recommend it.

Coralogix

Read 9 Coralogix reviews

1,051 Views
805 Comparison Views

90% willing to recommend

NetWitness Platform

Read 37 NetWitness Platform reviews

768 Views
480 Comparison Views

75% willing to recommend

Coralogix

NetWitness Platform

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

NetWitness Platform and Coralogix are strong contenders in the network security and log analytics space. While users appreciate NetWitness Platform for its robust security features, Coralogix gains an edge with its user-friendly configuration and efficient performance.

Features: NetWitness Platform is noted for its comprehensive security capabilities and advanced threat detection, including detailed packet analysis and event correlation. Coralogix offers real-time log analytics, seamless integration with various data sources, and the automatic dynamic clustering of data. Coralogix stands out in ease of use and integration capabilities.

Room for Improvement: NetWitness users mention a steep learning curve and high resource consumption. They also seek more user-friendly documentation. Coralogix users note the need for enhanced alerting mechanisms, more detailed reporting features, and an expanded set of integrations to cover more platforms.

Ease of Deployment and Customer Service: NetWitness Platform has a complex deployment process that can be time-consuming and requires specialized skills for installation. Customer service is competent but may not always be responsive. Coralogix offers simpler deployment with quicker setup times and receives high satisfaction ratings for customer support.

Pricing and ROI: NetWitness Platform's pricing is on the higher side, justified for large-scale implementations due to its extensive capabilities. Coralogix offers competitive pricing, and users feel the ROI aligns well with the investment, particularly appreciating the cost-effectiveness for small and medium-sized enterprises.

To learn more, read our detailed Coralogix vs. NetWitness Platform Report (Updated: April 2025).

Buyer's Guide

Coralogix vs. NetWitness Platform

April 2025

Download the complete report

Helped 850,028 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Coralogix

Ranking in Log Management

39th

Ranking in Security Information and Event Management (SIEM)

42nd

Average Rating

8.2

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Application Performance Monitoring (APM) and Observability (33rd), API Management (29th), Streaming Analytics (19th), Anomaly Detection Tools (1st)

NetWitness Platform

Ranking in Log Management

22nd

Ranking in Security Information and Event Management (SIEM)

22nd

Average Rating

7.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of May 2025, in the Log Management category, the mindshare of Coralogix is 0.7%, up from 0.5% compared to the previous year. The mindshare of NetWitness Platform is 0.3%, down from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Log Management

Featured Reviews

reviewer1915599

VP of Engineering at a financial services firm with 51-200 employees

Good capabilities, has a helpful interface and is straightforward to set up

We have asked for a couple of features from the company already. What typically happens is a lot of people - and developers are one of the biggest consumers of this product - go to this product to optimize their investigation process and specific configurations. That increases our data flow at times, so the cost changes. And a lot of changes happen due to that. We have asked the company to auto-revert the changes after a while so that the system works typically. We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change.

Read full review

MdZaman

IT manager at a agriculture with 10,001+ employees

Really scalable for enterprise customers

The solution should have more integration capabilities with different platforms. The API is nearly open and scalable, so the solution can integrate with many platforms. The solution has more than 200 log sources in the scalability to support, but this is its limit. Installation is pretty easy. However, there are a couple of modules involved, so it is not as easy as it could be. We are talking about a distributed module, not a single-module type. This is what makes things a bit complex, instead of easier. I rate it as a seven out of ten on its installation and configuration capabilities.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The log monitoring is good, and the dashboards that we create are beneficial."

"Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams."

"For now, we have not experienced any stability issues."

"The solution is easy to use and to start with."

"Coralogix scales well, and I will rate it nine out of ten."

"The initial setup is straightforward."

"The solution offers very good convenience filtering."

"A non-tech person can easily get used to it."

More Coralogix pros

"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."

"Performance and reporting are very good."

"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."

"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."

"The product's initial setup phase was not at all difficult."

"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."

"The most valuable features are the threat prediction and network forensics."

"The most valuable features are the packet inspection and the automated incident response."

More NetWitness Platform pros

Cons

"The user interface is not intuitive, especially when first onboarding, and improvements could be made here."

"The user interface could be more intuitive and explanatory."

"Coralogix should have some AI capabilities to auto-detect anomalies and provide suggestions."

"From my experience, Coralogix has horrible Terraform providers."

"We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change."

"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."

"Maybe they could make it more user-friendly."

"Coralogix should have some AI capabilities to auto-detect anomalies and provide suggestions. The increasing volume of data and the resulting bandwidth charges are concerns."

More Coralogix cons

"The implementation needs assistance."

"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."

"The multi-tenant capabilities are lagging compared to IBM QRadar."

"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."

"Its technical support could be better."

"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."

"I believe that integrating the solution with other products such as Oracle would be beneficial."

"The initial setup is complex. There are other solutions that are easier to implement."

More NetWitness Platform cons

Pricing and Cost Advice

"We are paying roughly $5,000 a month."

"The platform has a reasonable cost. I rate the pricing a three out of ten."

"The cost of the solution is per volume of data ingested."

"Currently, we are at a very minimal cost, which is around $400 per month since we have reduced our usage. Initially, we were at $900 per month."

"It provides tools to assist in selecting the appropriate license and usage scenarios."

"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."

"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."

"It is cheap."

"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."

"The product price was reasonable for my region and the market."

"The product is expensive."

"It’s cheaper to run virtual machines in a VMware environment."

More NetWitness Platform pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Log Management solutions are best for your needs.

See recommendations

850,028 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

10%

Manufacturing Company

Healthcare Company

Computer Software Company

19%

Financial Services Firm

18%

Government

Insurance Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Coralogix?

Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams.

See all answers

What is your experience regarding pricing and costs for Coralogix?

The pricing is expensive. We need to reduce logs to manage costs. Despite the expense, I believe it is worth the money to have Coralogix as a tool.

See all answers

What needs improvement with Coralogix?

We need to reduce the number of logs generated by our system, which are substantial. We require some form of grouping or categorization of logs to identify them better. Additionally, we find that t...

See all answers

What do you like most about NetWitness Platform?

The product's initial setup phase was not at all difficult.

See all answers

What is your experience regarding pricing and costs for NetWitness Platform?

The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.

See all answers

What needs improvement with NetWitness Platform?

There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.

See all answers

Comparisons

Datadog vs Coralogix

Compared 31% of the time

New Relic vs Coralogix

Compared 10% of the time

Grafana vs Coralogix

Compared 10% of the time

Elastic Search vs Coralogix

Compared 7% of the time

Sentry vs Coralogix

Compared 7% of the time

More Coralogix Competitors

Splunk Enterprise Security vs NetWitness Platform

Compared 28% of the time

IBM Security QRadar vs NetWitness Platform

Compared 18% of the time

Elastic Security vs NetWitness Platform

Compared 14% of the time

Trellix Network Detection and Response vs NetWitness Platform

Compared 11% of the time

RSA enVision vs NetWitness Platform

Compared 10% of the time

More NetWitness Platform Competitors

Product Reports

Buyer's Guide

Coralogix

April 2025

Download Coralogix product report

Buyer's Guide

NetWitness Platform

April 2025

Download NetWitness Platform product report

Also Known As

No data available

RSA Security Analytics

Overview

Coralogix is a stateful streaming data platform that provides real-time insights and long-term trend analysis with no reliance on storage or indexing, solving the monitoring challenges of data growth in large-scale systems.

Ingest log, metric, and security data from any source for a single, centralized platform to monitor and alert on your applications. As data is ingested, Coralogix instantly narrows millions of events down to common patterns for deeper insights and faster troubleshooting. Proactive data storage optimization enables up to 70% savings on monitoring costs with better performance.

Coralogix

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness

Sample Customers

Payoneer, AGS, Monday.com, Capgemini

Los Angeles World Airports, Reply

Buyer's Guide

Coralogix vs. NetWitness Platform

April 2025

Free Report: Coralogix vs. NetWitness Platform

Find out what your peers are saying about Coralogix vs. NetWitness Platform and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,028 professionals have used our research since 2012.

See our Coralogix vs. NetWitness Platform report.

See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.

We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.