Elastic Security vs Google Cloud's operations suite (formerly Stackdriver) vs IBM Security QRadar comparison

 

Comparison Buyer's Guide

Executive Summary


Mindshare comparison

As of June 2025, in the Log Management category, the mindshare of Elastic Security is 3.1%, down from 6.3% the previous year. The mindshare of Google Cloud's operations suite (formerly Stackdriver) is 0.6%, down from 0.9% the previous year. The mindshare of IBM Security QRadar is 3.7%, down from 5.0% the previous year. Mindshare is calculated from PeerSpot user engagement data.

Featured Reviews

SyedAli17 - PeerSpot reviewer
Centralized monitoring improves security posture through rapid data processing
The processing part of Elastic Security is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.
Anand_Patel - PeerSpot reviewer
Offers reliable Ops Agent and logging transport feature with easy third-party integrations
As part of our company, we implemented several changes in our log analytics pattern, including the storage and procurement process. Earlier, before implementing the solution, our company was able to procure only one year of data, but later, we came to the three-year mark. Around 15-20% reduction has been witnessed in the total analytic consumption of our company. The aforementioned result was possible because the solution allowed the creation of a dashboard where factors like storage costs, proportion of logs, and logs presence in a storage bucket or BigQuery can all be checked. Earlier all logs were stored in a raw storage, but currently our company is able to move logs in table bucket that contributes towards cost savings.
Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"I like the indexing of the logs."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"It can handle millions of loads at a time, and you can always use the filters to find exactly what you are looking for and detect errors in every log message you are searching for, basically."
"It is scalable."
"The most valuable feature is the machine learning capability."
"The stability of the solution is good."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"We find the solution to be stable."
"It's easy to use."
"The cloud login enables us to get our logs from the different platforms that we currently use."
"Provides visibility into the performance uptime."
"The most valuable feature is the multi-cloud integration, where there is support for both GCP and AWS."
"Offers a valuable logging transport feature."
"I like the monitoring feature."
"Google's technical support is very good."
"IBM QRadar Advisor with Watson is a stable solution."
"Most of our clients are interested in automation. The automation part is good because they are able to detect threats and vulnerabilities in real time. It's very fast."
"This solution has excellent security analytics."
"The support is very good. We get support whenever we need it. Sometimes they respond immediately and sometimes it will be within 24 hours. We can ask them to please do it right away and they can get a request done within an hour or two."
"QRadar UBA's most valuable feature is the risk rating of users depending on their behavior."
"It's quite scalable. We have upgraded some solutions from 1000 APS up to 3500 APS to 5000 APS. It's a good solution, they have no scalability issues."
"I think this is a good product for enterprises because of the performance and out-of-the-box rules and use cases. If they want to reach the maturity level early, they can use these out-of-the-box rules and use cases. That will help them a lot."
"I like that it's easy to use and the performance is good."
 

Cons

"I would like more ways to manage permissions and restrict access to certain users."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"Technical support could respond faster."
"This solution is very hard to implement."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"The solution should generate an automatic product that integrates with ELK Stack to use artificial intelligence."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"The product provides minimal metrics that are insufficient."
"It is difficult to estimate in advance how much something is going to cost."
"It could be more stable."
"The logging functionality could be better."
"It could be even more automated."
"If I want to track any round-trip or breakdowns of my response times, I'm not able to get it. My request goes through various levels of the Google Cloud Platform (GCP) and comes back to my client machine. Suppose that my request has taken 10 seconds overall, so if I want to break it down, to see where the delay is happening within my architecture, I am not able to find that out using Stackdriver."
"This solution could be improved if it offered the ability to analyze charts, such as a solution like Kibana."
"The process of logging analytics can be improved."
"Ideally we would like a mobile version so that any alert that comes in will notify us in a mobile app, or by using SMS integration."
"We sometimes experience downtime, but it depends on the version. There is some variability."
"IBM QRadar has a margin for development, for out-of-the-box use cases. It can be enhanced with better support and automate the use cases for that."
"AI is superb but needs improvements."
"Technical support is good, but not great."
"I would like to see some artificial intelligence and alternative solutions."
"I would like the rule creation interface to be much more user-friendly in the next release."
"Dashboards and reports could provide better visualization of SIEM activity."
 

Pricing and Cost Advice

"We use the open-source version, so there is no charge for this solution."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"This is an open-source product, so there are no costs."
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"When compared to other products, the price is average or on the low side."
"The solution is not expensive and costs around ten dollars a month."
"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"Elastic Security is free to use."
"The cost of using Stackdriver depends on usage."
"The cost could be lower."
"We have a basic standard license without any additional costs."
"The tool's on-premise version is expensive. However, it is cheaper than Splunk. The hybrid model offers shared instances for customers, which is not expensive. Customers with a limited budget can opt for it. You can get premium support with licenses. However, if you need customized integration, you need to buy it."
"There is a license required for this solution. There are some limitations depending on what license you purchase."
"When compared with other SIM solutions, QRadar is considerably less expensive."
"The cost of this product is expensive."
"The pricing is always fine."
"The tool is priced in a competitive manner. The tool's price is dependent on the installation and the product size, but it is competitive in the marketplace."
"I think that the price is fair, but we can always say that the price could be cheaper."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate IBM Security QRadar's pricing a five out of ten."
854,618 professionals have used our research since 2012.
 

Comparison Review

Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar. Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Computer Software Company: 16%
Government: 10%
Financial Services Firm: 9%
Comms Service Provider: 7%

Financial Services Firm: 19%
Computer Software Company: 13%
Manufacturing Company: 7%
Real Estate/Law Firm: 6%

Educational Organization: 16%
Computer Software Company: 15%
Financial Services Firm: 10%
Government: 6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several time...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it con...
What is your experience regarding pricing and costs for Elastic Security?
Since Elastic Security is community-based, it does not require significant costs. This is beneficial for SMEs as they...
What needs improvement with Google Stackdriver?
If the errors are caught early in the interface, it would be easier for users to manage. The process of logging analy...
What is your primary use case for Google Stackdriver?
I use the solution for logging, defining alerts, and monitoring. Our company's Java and Python logging teams mainly u...
What advice do you have for others considering Google Stackdriver?
The Ops Agent and logging transport feature of the solution have had a major impact on improving application performa...
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendli...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is a...
 

Also Known As

Elastic SIEM, ELK Logstash
Google Stackdriver, Stackdriver Monitoring, Stackdriver Logging, Google Cloud Monitoring
IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Uber, Batterii, Q42, Dovetail Games
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Find out what your peers are saying about Wazuh, Splunk, Datadog and others in Log Management. Updated: May 2025.