Devo vs Elastic Observability comparison

Devo and Elastic are both solutions in the Log Management category. Devo is ranked #27 with an average rating of 8.5, while Elastic is ranked #14 with an average rating of 8.1. Devo holds a 0.6% mindshare in Log Management, compared to Elastic’s 1.4% mindshare. Additionally, 95% of Devo users are willing to recommend the solution, compared to 88% of Elastic users who would recommend it.

Devo

Read 22 Devo reviews

1,864 Views
914 Comparison Views

95% willing to recommend

Elastic Observability

Read 26 Elastic Observability reviews

2,840 Views
2,461 Comparison Views

88% willing to recommend

Devo

Elastic Observability

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 9, 2024

Devo and Elastic Observability compete in the data monitoring and analysis sector. Devo stands out in pricing and customer support, while Elastic Observability impresses with its extensive feature set.

Features: Devo is noted for fast query performance, scalability, and efficient data integration capabilities. Elastic Observability offers a comprehensive feature set with diverse integrations and advanced analytics.

Room for Improvement: Devo users suggest enhancements in alerting functionality, improved documentation, and more intuitive interface options. Elastic Observability faces challenges with setup complexity, requires better training materials, and could simplify its initial configuration process.

Ease of Deployment and Customer Service: Devo is recognized for straightforward deployment and responsive customer service, aided by guided installation. Elastic Observability is less intuitive but has effective customer support for issue resolution.

Pricing and ROI: Devo is known for its competitive pricing and favorable ROI due to lower setup costs. Elastic Observability, while more expensive, provides satisfactory ROI through advanced analytics and features.

To learn more, read our detailed Devo vs. Elastic Observability Report (Updated: April 2025).

Buyer's Guide

Devo vs. Elastic Observability

April 2025

Download the complete report

Helped 850,236 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Devo

Ranking in Log Management

27th

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (26th), IT Operations Analytics (6th), AIOps (17th)

Elastic Observability

Ranking in Log Management

14th

Average Rating

8.0

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Application Performance Monitoring (APM) and Observability (7th), IT Infrastructure Monitoring (7th), Container Monitoring (4th), Cloud Monitoring Software (7th)

Mindshare comparison

As of May 2025, in the Log Management category, the mindshare of Devo is 0.6%, down from 0.8% compared to the previous year. The mindshare of Elastic Observability is 1.4%, down from 2.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Log Management

Featured Reviews

Michael Wenn

CEO / Co-Founder at Aiops ltd

Has cloud-first architecture with SIEM technology to run security operations

When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.

Read full review

Adelina Craciun

Product Owner at Swisscom

Customization enables tailored monitoring and alerting across departments

The possibility to customize it has been quite useful. Whatever the other departments want to dream up, we implement. Whatever they want to monitor, the granularity of it, the changes in the threshold, and the anomalies that they want reported all require some development. So far, every single request has been fulfilled.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side. Whatever you're doing, you see the code, what's happening. And you can really quickly switch between using the GUI and using the code. That's really useful."

"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."

"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."

"Those 400 days of hot data mean that people can look for trends and at what happened in the past. And they can not only do so from a security point of view, but even for operational use cases. In the past, our operational norm was to keep live data for only 30 days. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. That's one reason that having 400 days of live data is pretty huge. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."

"The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events."

"The most useful feature for us, because of some of the issues we had previously, was the simplicity of log integrations. It's much easier with this platform to integrate log sources that might not have standard logging and things like that."

"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."

"Scalability is one of Devo's strengths."

More Devo pros

"The ability to ensure that the data is searchable and maintainable is highly valuable for our purposes."

"Elastic provides built-in features for queries and report generation. It's a very good tool for monitoring integration capabilities."

"For full stack observability, Elastic is the best tool compared with any other tool ."

"It is very stable, and I would rate it ten out of ten based on my interaction with it."

"Machine learning is the most valuable feature of this solution."

"I recommend Elastic Observability for its completeness of vision and wide ecosystem."

"Good design and easy to use once implemented."

"All the features that we use, such as monitoring, dashboarding, reporting, the possibility of alerting, and the way we index the data, are important."

More Elastic Observability pros

Cons

"An admin who is trying to audit user activity usually cannot go beyond a day in the UI. I would like to have access to pages and pages of that data, going back as far as the storage we have, so I could look at every command or search or deletion or anything that a user has run. As an admin, that would really help. Going back just a day in the UI is not going to help, and that means I have to find a different way to do that."

"I would like to have the ability to create more complex dashboards."

"Their documentation could be better. They are growing quickly and need to have someone focused on tech writing to ensure that all the different updates, how to use them, and all the new features and functionality are properly documented."

"The overall performance of extraction could be a lot faster, but that's a common problem in this space in general. Also, the stock or default alerting and detecting options could definitely be broader and more all-encompassing. The fact that they're not is why we had to write all our own alerts."

"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."

"From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."

"The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."

"There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space."

More Devo cons

"One example is the inability to monitor very old databases with the newest version."

"The solution needs to use more AI. Once the product onboards AI, users would more effectively be able to track endpoints for specific messages."

"Elastic APM's visualization is not that great compared to other tools. It's number of metrics is very low."

"Improving code insight related to infrastructure and network, particularly focusing on aspects such as firewalls, switches, routers, and testing would be beneficial."

"Elastic Observability’s price could be improved."

"I am familiar with Azure Monitor, which I find more user-friendly compared to Elastic, which is a very technical tool."

"Elastic Observability needs to improve the retrieval of logs and metrics from all the instances."

"They need more skills in the market. There are not enough skills in the market. It is not pervasive enough on the market, in my opinion. In other words, there isn't a big enough user base."

More Elastic Observability cons

Pricing and Cost Advice

"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."

"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."

"[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."

"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."

"It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and Sentinel were attractive upfront, but there were so many micro-charges and services we would've had to add on to make them what we wanted. We had to include things like SOAR and extended capabilities, whereas all those capabilities are completely included with the Devo platform. I haven't seen any additional fee."

"The way Devo prices things is based on the amount of data, and I wish the tiers had more granularity. Maybe at this point they do, but when we first negotiated with them, there were only three or four tiers."

"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."

"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."

More Devo pricing and cost advice

"We have been using the open-source version."

"Users have to pay for some features, like the alerts on different channels, because they are unavailable in different source versions."

"There are two types: cloud and SaaS. They charge based on data ingestion, ingest rate, hard retention, and warm retention. I believe it costs around $25,000 annually to ingest 30GB of data daily. That is the SaaS version. There is also a self-managed license where the customer manages their own infrastructure on-prem. In such cases, there are three license tiers that respectively cost $5,000 annually per node, $7,000 per node, and $12,500 per node."

"Pricing is one of those situations where the more you use it, the more you pay."

"One needs to pay for the licenses, and it is an annual subscription model right now."

"Elastic Observability is cheaper than other similar solutions, such as Dynatrace. Its license calculation is based on various factors like data volume and physical infrastructure, particularly related to RAM capacity."

"The price of Elastic Observability is expensive."

"The product is not that cheap."

More Elastic Observability pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Log Management solutions are best for your needs.

See recommendations

850,236 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

18%

Computer Software Company

15%

Government

University

Financial Services Firm

19%

Computer Software Company

15%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Devo?

Devo has a really good website for creating custom configurations.

See all answers

What is your experience regarding pricing and costs for Devo?

Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.

See all answers

What needs improvement with Devo?

They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...

See all answers

What do you like most about Elastic Observability?

Elastic Observability significantly improves incident response time by providing quick access to logs and data across various sources. For instance, searching for specific keywords in logs spanning...

See all answers

What is your experience regarding pricing and costs for Elastic Observability?

Elastic Observability is cost-efficient and provides all features in the enterprise license without asset-based licensing. However, sizing and licensing information could be clearer.

See all answers

What needs improvement with Elastic Observability?

Of course, maintenance is necessary, as with any software, requiring updates with the latest features and security enhancements. It lacked some capabilities when handling on-prem devices, like netw...

See all answers

Comparisons

IBM Security QRadar vs Devo

Compared 17% of the time

Splunk Enterprise Security vs Devo

Compared 17% of the time

Microsoft Sentinel vs Devo

Compared 16% of the time

LogRhythm SIEM vs Devo

Compared 6% of the time

Wazuh vs Devo

Compared 6% of the time

More Devo Competitors

New Relic vs Elastic Observability

Compared 15% of the time

Sentry vs Elastic Observability

Compared 13% of the time

Dynatrace vs Elastic Observability

Compared 12% of the time

Grafana vs Elastic Observability

Compared 9% of the time

Zabbix vs Elastic Observability

Compared 8% of the time

More Elastic Observability Competitors

Product Reports

Buyer's Guide

Devo

May 2025

Download Devo product report

Buyer's Guide

Elastic Observability

May 2025

Download Elastic Observability product report

Overview

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Devo

Elastic Observability is primarily used for monitoring login events, application performance, and infrastructure, supporting significant data volumes through features like log aggregation, centralized logging, and system metric analysis.

Elastic Observability employs Elastic APM for performance and latency analysis, significantly aiding business KPIs and technical stability. It is popular among users for system and server monitoring, capacity planning, cyber security, and managing data pipelines. With the integration of Kibana, it offers robust visualization, reporting, and incident response capabilities through rapid log searches while supporting machine learning and hybrid cloud environments.

What are Elastic Observability's key features?

Economic licensing: Offers cost-effective plans.
Extensive metrics tracking: Helps in comprehensive system monitoring.
Comprehensive logging: Centralizes log data efficiently.
Performance Monitoring: Provides robust APM capabilities.
Integration: Seamlessly integrates with other solutions.
Kibana visualization: Facilitates data visualization and reporting.
Machine learning support: Enables advanced data analysis.
Flexible deployment: Supports various deployment environments.
Rapid log searches: Enhances quick incident response.
Accessibility: Offers extensive online documentation and connector support.

What benefits or ROI should users look for in Elastic Observability reviews?

Stability: Look for consistent performance and reliability.
Compliance: Effective monitoring aids in regulation adherence.
System Security: Enhanced system monitoring and alert management.
Cost-Effectiveness: Evaluate the economic pricing models.
Scalability: Adequate scalability options for growing needs.

Companies in technology, finance, healthcare, and other industries implement Elastic Observability for tailored monitoring solutions. They find its integration with existing systems useful for maintaining operation efficiency and security, particularly valuing the visualization capabilities through Kibana to monitor KPIs and improve incident response times.

Elastic

Sample Customers

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel

PSCU, Entel, VITAS, Mimecast, Barrett Steel, Butterfield Bank

Buyer's Guide

Devo vs. Elastic Observability

April 2025

Free Report: Devo vs. Elastic Observability

Find out what your peers are saying about Devo vs. Elastic Observability and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,236 professionals have used our research since 2012.

See our Devo vs. Elastic Observability report.

See our list of best Log Management vendors.

We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.