Try our new research platform with insights from 80,000+ expert users

Elastic Observability vs Security Onion comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Observability
Ranking in Log Management
16th
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
27
Ranking in other categories
Application Performance Monitoring (APM) and Observability (7th), IT Infrastructure Monitoring (10th), Container Monitoring (4th), Cloud Monitoring Software (6th)
Security Onion
Ranking in Log Management
21st
Average Rating
7.6
Reviews Sentiment
5.5
Number of Reviews
3
Ranking in other categories
AWS Marketplace (16th)
 

Mindshare comparison

As of July 2025, in the Log Management category, the mindshare of Elastic Observability is 1.4%, down from 2.1% compared to the previous year. The mindshare of Security Onion is 5.0%, up from 4.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Adelina Craciun - PeerSpot reviewer
Customization enables tailored monitoring and alerting across departments
The possibility to customize it has been quite useful. Whatever the other departments want to dream up, we implement. Whatever they want to monitor, the granularity of it, the changes in the threshold, and the anomalies that they want reported all require some development. So far, every single request has been fulfilled.
Jörg Kippe - PeerSpot reviewer
A mature and affordable solution that is easy to install and easy to update
The product takes time to learn, it's not that easy. In the beginning we had a lot of questions. If you want to use such a tool in an real (industrial) environment, you have to ask how to get the network data. Can we do a full packet capture? Can we provide agents to our end systems? There are no simple solutions to these questions. It's a general problem when running such systems in an industrial environment.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I recommend Elastic Observability for its completeness of vision and wide ecosystem."
"Elastic provides built-in features for queries and report generation. It's a very good tool for monitoring integration capabilities."
"The most valued feature of Elastic is its log analytics capabilities."
"The most valuable feature of Elastic Observability is the text search."
"Machine learning is the most valuable feature of this solution."
"The solution is open-source and helps with back-end logging. It is also easy to handle."
"It is scalable and supports multitenancy, which is beneficial for MSPs."
"The solution allows us to dig deep into data."
"We use Security Onion for internal vulnerability assessment."
"Security Onion is the most mature solution in the market."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
 

Cons

"The tool's scalability involves a more complex implementation process. It requires careful calculations to determine the number of nodes needed, the specifications of each node, and the configuration of hot, warm, and cold zones for data storage. Additionally, managing log retention policies adds further complexity. The solution's pricing also needs to be cheaper."
"Elastic Observability needs to improve the retrieval of logs and metrics from all the instances."
"The auto-discovery isn't nearly as good. That's a big portion of it. When you drop the agent onto the JVM and you're trying to figure things out, having to go through and manually do all that is cumbersome."
"I am familiar with Azure Monitor, which I find more user-friendly compared to Elastic, which is a very technical tool."
"If we had some pre-defined templates for observability that we could start using right away after deploying it – instead of having to build or to change some of the dashboards – that would be helpful."
"Elastic APM's visualization is not that great compared to other tools. It's number of metrics is very low."
"When opening tickets, we cannot use our team mailbox."
"Elastic Observability’s price could be improved."
"The initial setup of the solution is a little bit difficult."
"Security Onion's user interface could be improved."
"The product is not easy to learn."
 

Pricing and Cost Advice

"So far, there are just the standard licensing fees. Several of the components are embedded in the license or are even open source. They're even free depending on what you use, which makes it even more appealing to someone that is discussing pricing of the solution."
"Elastic Observability is cheaper than other similar solutions, such as Dynatrace. Its license calculation is based on various factors like data volume and physical infrastructure, particularly related to RAM capacity."
"We will buy a premium license after POC."
"The product’s pricing needs improvement."
"One needs to pay for the licenses, and it is an annual subscription model right now."
"The price of Elastic Observability is expensive."
"The product is not that cheap."
"We have been using the open-source version."
"It is an open-source solution."
"Security Onion is an open-source solution."
"Security Onion is a free solution."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
862,624 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
15%
Manufacturing Company
8%
Government
6%
Computer Software Company
11%
University
11%
Comms Service Provider
11%
Government
11%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Elastic Observability?
Elastic Observability significantly improves incident response time by providing quick access to logs and data across various sources. For instance, searching for specific keywords in logs spanning...
What is your experience regarding pricing and costs for Elastic Observability?
The license for Elastic Observability is the same as for other uses; you pay for Elastic, and you can use it for various cases. Observability is actually cheaper compared to logs because you're not...
What needs improvement with Elastic Observability?
I think they are working on the AI-based features, which are currently in technical preview. The only challenging aspect for new users is often writing the query language. Basic searching is very e...
What do you like most about Security Onion?
The most valuable feature of Security Onion for security monitoring is its ability to find infected ports.
What is your experience regarding pricing and costs for Security Onion?
Security Onion is an open-source solution. On a scale from one to ten, where ten is expensive and one is cheap, I rate the solution's pricing a six out of ten.
What needs improvement with Security Onion?
The initial setup of the solution is a little bit difficult.
 

Overview

 

Sample Customers

PSCU, Entel, VITAS, Mimecast, Barrett Steel, Butterfield Bank
Information Not Available
Find out what your peers are saying about Elastic Observability vs. Security Onion and other solutions. Updated: July 2025.
862,624 professionals have used our research since 2012.