We performed a comparison between Elastic Security and Fortinet FortiAnalyzer based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The real-time analytics of security-related data are super. There are a lot of data feeds going into it and it's very quick at pulling up and correlating the data and showing you what's going on in your infrastructure. It's fast. The way that their architecture and technology works, they've really focused on the speed of query results and making sure that we can do what we need to do quickly. Devo is pulling back information in a fast fashion, based on real-time events."
"The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before."
"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side. Whatever you're doing, you see the code, what's happening. And you can really quickly switch between using the GUI and using the code. That's really useful."
"The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored."
"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."
"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"Elastic is straightforward, easy to integrate, and highly customizable."
"The cost is reasonable. It's not overly pricey."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"It's not very complicated to install Elastic."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"Elastic Security allows us to deliver visibility in a few hours, which makes our customers more confident in our service."
"The features that our customers have found most valuable are their different type of reports including the drill down report, as well as the flexibility to connect to any number of appliances which can be connected to it centrally."
"This solution offers one view of incident management which has been the most valuable feature."
"The product can scale."
"Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine."
"I like its simplicity. It is straightforward. We get reports and emails about the logs, and that's it."
"The initial setup is straightforward."
"The solution does what it is supposed to. I want it to do reports for Fortinet and it does it well."
"Initial setup is ok."
"Technical support could be better."
"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."
"The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc."
"There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space."
"The overall performance of extraction could be a lot faster, but that's a common problem in this space in general. Also, the stock or default alerting and detecting options could definitely be broader and more all-encompassing. The fact that they're not is why we had to write all our own alerts."
"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."
"There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts."
"Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."
"The biggest challenge has been related to the implementation."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"Better integration with third-party APMs would be really good."
"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"It could use maybe a little more on the Linux side."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"In terms of what could be improved, sometimes it's lagging and it also has some graphical issues with the GUI."
"The cloud version can be expensive. If the customers could get the resources to store the logs on-premises, it would be much better."
"The traffic monitoring could be better, and stability could be improved."
"The pricing could be better."
"Though FortiAnalyzer has improved over the last few versions, the user interface still has room for improvement. It's a bit dated-looking."
"If Fortinet could introduce some firewalling or maybe FortiAnalyzer on the cloud, that would be interesting because I've never seen it on a cloud."
"Fortinet FortiAnalyzer could improve by having better integration with other vendors."
"It's possible that they could add some advanced analytics and some proactive controls for logging analytics. That will help a lot."
See how Devo allows you to free yourself from data management, and make machine data and insights accessible.
Elastic Security is ranked 7th in Log Management with 18 reviews while Fortinet FortiAnalyzer is ranked 9th in Log Management with 32 reviews. Elastic Security is rated 7.4, while Fortinet FortiAnalyzer is rated 8.2. The top reviewer of Elastic Security writes "It is quite comprehensive and you're able to do a lot of tasks". On the other hand, the top reviewer of Fortinet FortiAnalyzer writes "It creates a central point of management and control, giving you real-time insight into what is going on. ". Elastic Security is most compared with Splunk, Wazuh, Graylog, Datadog and Nagios Log Server, whereas Fortinet FortiAnalyzer is most compared with Splunk, Wazuh, Graylog, Datadog and LogRhythm NextGen SIEM. See our Elastic Security vs. Fortinet FortiAnalyzer report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
