No more typing reviews! Try our Samantha, our new voice AI agent.

Coralogix vs NetWitness Platform comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Coralogix
Ranking in Log Management
12th
Ranking in Security Information and Event Management (SIEM)
13th
Average Rating
8.4
Reviews Sentiment
6.5
Number of Reviews
22
Ranking in other categories
Application Performance Monitoring (APM) and Observability (13th), API Management (11th), Streaming Analytics (11th), Anomaly Detection Tools (2nd), AI Observability (8th)
NetWitness Platform
Ranking in Log Management
38th
Ranking in Security Information and Event Management (SIEM)
36th
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of Coralogix is 1.5%, up from 0.8% compared to the previous year. The mindshare of NetWitness Platform is 1.1%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
Coralogix1.5%
NetWitness Platform1.1%
Other97.4%
Log Management
 

Featured Reviews

Arka Sarkar - PeerSpot reviewer
Technical Solution Support Development Engineer at Ericsson Global
Centralized monitoring has transformed telecom troubleshooting and now reduces downtime proactively
Coralogix works well for our needs, but there are a few areas where improvements can be made. One area is querying performance for large-scale data sets. When we are dealing with very high log volumes, some complex queries take time to return results. Improving query speed and optimization would enhance the troubleshooting experience. Another point is the learning curve for advanced features. While basic usage is straightforward, advanced querying and dashboard configurations can take time for new users we are onboarding. We have faced this situation in our organization's domain frequently. More simplified UI options or guided templates would help new team members onboard faster. Additionally, dashboard customization flexibility needs improvement. Although dashboards are useful, having more flexibility in customization would make them even more powerful. An important point is cost optimization. Since log volume is high in our environment, better visibility and control over cost optimization would be beneficial. These are minor improvements overall. Coralogix already provides strong capabilities for centralized logging and monitoring, but enhancing these areas would make it even more efficient for large-scale environments in our telecom servers. Improvements could include query performance, alert noise reduction, and ease of use for advanced features, especially for large-scale environments like ours.
reviewer2256927 - PeerSpot reviewer
Head of Information Security, Cyber Defense and IT Risk Management at HCT. at a transportation company with 201-500 employees
A solid SIEM solution that should improve technical support and online resources to be easier to use
A big problem with the product is that we don't have much professional experience in Israel installing, implementing, and integrating this product. There is not enough of a knowledge base. There is no support for this product in this country, so problems have to be resolved through global technical teams. We like to work locally because of the language, and when the product is only supported outside the country, it's a little difficult to implement and use this product. Moreover, AI is something that must be added immediately. Artificial intelligence is a part of the competitors' products, and it's not been implemented for us.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Support is great; they are helpful and responsive, and they are the greatest support team that I ever worked with, especially in comparison with AWS support’s premium tier where Coralogix is a few times better than even AWS support."
"In my opinion, the best feature of Coralogix is that it's convenient to look at errors."
"I have worked on multiple logging systems, and I would say Coralogix was the best among those."
"The best feature of this solution allows us to correlate logs, metrics and traces."
"For now, we have not experienced any stability issues."
"The log monitoring is good, and the dashboards that we create are beneficial."
"Coralogix saves us the need to actively tune and dig deep into our logs, which is something we have to do with other log management solutions, and is a genuine time saver due to its smart capabilities."
"With Coralogix, we have saved money and time."
"RSA NetWitness is a SIEM and real-time network traffic solution that collects logs and packets, applies a set of alerting, reporting, and analysis rules on them, and thus provides the enterprise with full visibility of the networks and activities of the systems."
"Thanks to this tool, we have a small SOC running in our company."
"The most valuable feature is the correlation, as it can report in real-time and monitor the management."
"It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before."
"It gives customers visibility about their most important servers and devices."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"Once it is deployed and you are used to it, you can do whatever you want."
"Integration is exceedingly minimal, since its project development is much easier than that of LogRythm or IBM."
 

Cons

"In terms of documentation, I think there can be more user-friendly documentation that stresses more on day-to-day issues."
"We have asked the company to auto-revert the changes after a while so that the system works typically. We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change."
"Coralogix can be improved by cleaning up the UI, as it is too cluttered. If the search speed could also be improved, that would be helpful."
"The documentation of the tool could be improved"
"I see room for improvement in Coralogix regarding the cost, as they can reduce the costs for the license."
"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."
"Maybe they could make it more user-friendly."
"Coralogix works well for our needs, but there are a few areas where improvements can be made."
"Cross Platform Integration could be improved."
"The product's licensing models are complex to understand. This particular area needs improvement."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
"One thing to be improved in NetWitness is the capability to correlate event logs in a general sense."
"Health monitoring of the event sources and devices."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
 

Pricing and Cost Advice

"Currently, we are at a very minimal cost, which is around $400 per month since we have reduced our usage. Initially, we were at $900 per month."
"The cost of the solution is per volume of data ingested."
"We are paying roughly $5,000 a month."
"The platform has a reasonable cost. I rate the pricing a three out of ten."
"The product price was reasonable for my region and the market."
"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
"Compared to the competition, the is price is not that high."
"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."
"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
"It’s cheaper to run virtual machines in a VMware environment."
"The product is expensive."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Comparison Review

VS
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
12%
Manufacturing Company
10%
Outsourcing Company
8%
Computer Software Company
7%
Financial Services Firm
12%
Construction Company
11%
Comms Service Provider
9%
Outsourcing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise7
Large Enterprise11
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise7
Large Enterprise20
 

Questions from the Community

What is your experience regarding pricing and costs for Coralogix?
My experience with Coralogix pricing and licensing has been generally positive, especially considering the value it provides in terms of monitoring and troubleshooting. It follows a usage-based pri...
What needs improvement with Coralogix?
Coralogix works well for our needs, but there are a few areas where improvements can be made. One area is querying performance for large-scale data sets. When we are dealing with very high log volu...
What is your primary use case for Coralogix?
In my organization, particularly in Ericsson's telecom BSS domain, the primary use case of Coralogix is centralized log management and real-time monitoring of telecom applications, such as the BSS ...
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
What is your primary use case for NetWitness Platform?
I use NetWitness Platform ( /products/netwitness-platform-reviews ) in the financial industry as a good product with excellent capabilities and integration with various devices.
 

Also Known As

No data available
RSA Security Analytics
 

Overview

 

Sample Customers

Payoneer, AGS, Monday.com, Capgemini
Los Angeles World Airports, Reply
Find out what your peers are saying about Coralogix vs. NetWitness Platform and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.