Elastic Observability and Wazuh compete in system monitoring and security. Elastic Observability has an advantage in analytics and visualization, while Wazuh is preferred for its security features.
Features: Elastic Observability is recognized for strong analytical capabilities, effective data visualization, and ability to help identify system health and performance issues. Wazuh provides robust security monitoring, compliance checks, and threat detection, appealing to security-focused users.
Room for Improvement: Elastic Observability could improve in configuration flexibility and scalability options. Wazuh could enhance its integration capabilities, improve documentation, and expand its platform interoperability to improve usability in diverse IT environments.
Ease of Deployment and Customer Service: Users find Elastic Observability easier to deploy due to its comprehensive documentation and dependable support. Wazuh requires more initial configuration, posing challenges for some users. Wazuh’s service team is responsive but could offer more detailed guidance for improved user experience.
Pricing and ROI: Elastic Observability offers a competitive pricing model, providing clear value over time. Wazuh is affordable, benefiting smaller organizations, though achieving optimal ROI may require additional customization and integration investments.
I have seen value in security cost savings with Wazuh, as using proprietary EDR versions could save us substantial money.
They responded quickly, which was crucial as I was on a time constraint.
We use the open-source version of Wazuh, which does not provide paid support.
The documentation is good and provides clear instructions, though it's targeted at those with technical backgrounds.
Elastic Observability seems to have a good scale-out capability.
What is not scalable for us is not on Elastic's side.
It can accommodate thousands of endpoints on one instance, and multiple instances can run for different clients.
Currently, I don't see any limitations in terms of scalability as Wazuh can still connect many endpoints.
Scalability depends on the configuration and the infrastructure resources like compute and memory we allocate.
It is very stable, and I would rate it ten out of ten based on my interaction with it.
Elastic Observability is really stable.
The stability of Wazuh is strong, with no issues stemming from the solution itself.
The stability of Wazuh is largely dependent on maintenance.
The indexer frequently times out, requiring system restarts.
For instance, if you have many error logs and want to create a rule with a custom query, such as triggering an alert for five errors in the last hour, all you need to do is open the AI bot, type this question, and it generates an Elastic query for you to use in your alert rules.
It lacked some capabilities when handling on-prem devices, like network observability, package flow analysis, and device performance data on the infrastructure side.
One example is the inability to monitor very old databases with the newest version.
The integration modules are insufficiently developed, necessitating the creation of custom integration solutions using tools like Logstash and PubSub.
I think Wazuh should improve by introducing AI functionalities, as it would be beneficial to see AI incorporated in the threat hunting and detection functionalities.
Wazuh could improve by creating videos on YouTube covering installation, use cases, and integration of third-party APIs for different scenarios that other SAAS services provide.
The license is reasonably priced, however, the VMs where we host the solution are extremely expensive, making the overall cost in the public cloud high.
Elastic Observability is cost-efficient and provides all features in the enterprise license without asset-based licensing.
Observability is actually cheaper compared to logs because you're not indexing huge blobs of text and trying to parse those.
Wazuh is completely free of charge.
Totaling around two lakh Indian rupees per month.
Wazuh is free to use, but there are licensing fees for third parties.
The most valuable feature is the integrated platform that allows customers to start from observability and expand into other areas like security, EDR solutions, etc.
the most valued feature of Elastic is its log analytics capabilities.
All the features that we use, such as monitoring, dashboarding, reporting, the possibility of alerting, and the way we index the data, are important.
Wazuh is a SIEM tool that is highly customizable and versatile.
The system allows us to monitor endpoints effectively and collect security data that can be utilized across other platforms such as SOAR.
With this open source tool, organizations can establish their own customized setup.
Elastic Observability is primarily used for monitoring login events, application performance, and infrastructure, supporting significant data volumes through features like log aggregation, centralized logging, and system metric analysis.
Elastic Observability employs Elastic APM for performance and latency analysis, significantly aiding business KPIs and technical stability. It is popular among users for system and server monitoring, capacity planning, cyber security, and managing data pipelines. With the integration of Kibana, it offers robust visualization, reporting, and incident response capabilities through rapid log searches while supporting machine learning and hybrid cloud environments.
What are Elastic Observability's key features?Companies in technology, finance, healthcare, and other industries implement Elastic Observability for tailored monitoring solutions. They find its integration with existing systems useful for maintaining operation efficiency and security, particularly valuing the visualization capabilities through Kibana to monitor KPIs and improve incident response times.
Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.
It consists of an endpoint security agent and a management server. Additionally, Wazuh is fully integrated with the Elastic Stack, allowing users the ability to navigate through security alerts via a data visualization tool.
Wazuh Capabilities
Some of Wazuh’s most notable capabilities include:
Wazuh Benefits
Some of the most valued benefits of Wazuh include:
Wazuh Offers
Reviews From Real Users
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions." - Robert C., IT Security Consultant at Microlan Kenya Limited
“The MITRE ATT&CK correlation is most valuable.” - Chief Information Security Officer at a financial services firm
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
