Try our new research platform with insights from 80,000+ expert users

Elastic Security vs Google Cloud's operations suite (formerly Stackdriver) vs IBM Security QRadar comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Mindshare comparison

As of June 2025, in the Log Management category, the mindshare of Elastic Security is 3.1%, down from 6.3% compared to the previous year. The mindshare of Google Cloud's operations suite (formerly Stackdriver) is 0.6%, down from 0.9% compared to the previous year. The mindshare of IBM Security QRadar is 3.7%, down from 5.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

SyedAli17 - PeerSpot reviewer
Centralized monitoring improves security posture through rapid data processing
The processing part of Elastic Security ( /products/elastic-security-reviews ) is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.
Anand_Patel - PeerSpot reviewer
Offers reliable Ops Agent and logging transport feature with easy third-party integrations
As part of our company, we implemented several changes in our log analytics pattern, including the storage and procurement process. Earlier, before implementing the solution, our company was able to procure only one year of data, but later, we came to the three-year mark. Around 15-20% reduction has been witnessed in the total analytic consumption of our company. The aforementioned result was possible because the solution allowed the creation of a dashboard where factors like storage costs, proportion of logs, and logs presence in a storage bucket or BigQuery can all be checked. Earlier all logs were stored in a raw storage, but currently our company is able to move logs in table bucket that contributes towards cost savings.
Md. Shahriar Hussain - PeerSpot reviewer
Real-time incident detection and user-friendly dashboard benefit daily operations
There are many types of AI, and this AI is very limited in SQL and features. There may be potential for improvement. So far, it seems very limited. It shows some good features in the correlation part, but I think there is room for improvement. For instance, when creating rules, it can suggest more rules, reducing the effort needed. If AI-related support can suggest rules and integrate with existing security devices like MD, IPS, this SIM can create more relevant rules. Sometimes logs I receive don't mean anything, and I need technical stakeholders to share or forward logs, but these are sometimes inadequate. Keywords can help identify insufficient logs. I often lack time to verify logs. Sharing false positive results could be reduced to help my team.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The performance is good and it is faster than IBM QRadar."
"The cost is reasonable. It's not overly pricey."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"ELK documentation is very good, so never needed to contact technical support."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"Elastic Security offers advanced features such as machine learning and integration with ChatGPT."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"Google's technical support is very good."
"Provides visibility into the performance uptime."
"I like the monitoring feature."
"The features that I have found most valuable are its graphs - if I need any statistics, in Kubernetes or Kong level or VPN level, I can quickly get the reports."
"The cloud login enables us to get our logs from the different platforms that we currently use."
"We find the solution to be stable."
"Our company has a corporate account for Google Cloud and so our systems and clusters integrate really well."
"Offers a valuable logging transport feature"
"It has improved my efficiency."
"I like that it's easy to use and the performance is good."
"The scalability is very good. It's not a problem."
"We run 65 servers globally with just two people: an engineering person and me."
"Integration is very easy and the reporting is good."
"There are a lot of great out-of-the-box features included."
"My overall rating for this solution is nine out of ten."
"The solution is relatively easy to use."
 

Cons

"Elastic Security consumes a lot of resources, requiring a substantial deployment setup."
"An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot."
"The interface could be more user friendly because it is sometimes hard to deal with."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"The biggest challenge has been related to the implementation."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"Continuous upgrades can be quite inconvenient. My security testing team continuously reports vulnerabilities, and we have to fix and update the versions frequently."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
"Lacking sufficient operations documentation."
"It could be even more automated."
"The process of logging analytics can be improved"
"If I want to track any round-trip or breakdowns of my response times, I'm not able to get it. My request goes through various levels of the Google Cloud Platform (GCP) and comes back to my client machine. Suppose that my request has taken 10 seconds overall, so if I want to break it down, to see where the delay is happening within my architecture, I am not able to find that out using Stackdriver."
"It is difficult to estimate in advance how much something is going to cost."
"The logging functionality could be better."
"The product provides minimal metrics that are insufficient."
"While we are satisfied with the overall performance, in certain cases we must add additional metrics and additional tools like Grafana and Dynatrace."
"In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features."
"Needs better visualization options beyond the time series charts and a few other options that they have."
"The dashboards are all legacy and old."
"A lot of information that we receive for the devices is IP-based, but it would help if we could have a default dashboard in which we can add more details about the assets for which we are receiving the information. For example, if it is a Windows or Linux device, we only get the IP for that particular device. We don't really get the name and other details of that particular device. For that, you have to drill down into your own asset management system. It would be good to have a place where we can probably add this information so that we don't have to look into other tools."
"Maybe there should be more custom rules in the exchange. Basically, we are using a lot of threat rules, so maybe they'll develop something like that."
"The solution can be improved by lowering the cost and bettering their technical support."
"The custom rules could be simplified more or it should be possible to use a different language, other than the ones that the solution is already using. They should add other languages into the mix."
"We sometimes experience downtime, but it depends on the version. There is some variability."
 

Pricing and Cost Advice

"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."
"The solution is not expensive and costs around ten dollars a month."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"Compared to other products such as Dynatrace, this is one of the cheaper options."
"Affordable but with additional costs"
"The solution is free."
"The cost could be lower."
"We have a basic standard license without any additional costs."
"The cost of using Stackdriver depends on usage."
"It is costlier as compared to the other alternatives available in the market."
"The tool is priced in a competitive manner. The tool's price is dependent on the installation and the product size, but it is competitive in the marketplace."
"The tool's on-premise version is expensive. However, it is cheaper than Splunk. The hybrid model offers shared instances for customers, which is not expensive. Customers with a limited budget can opt for it. You can get premium support with licenses. However, if you need customized integration, you need to buy it."
"The price could be better. I bought a subscription for three years."
"It is expensive. It is not a product that I can provide for SMBs. It is a program that I can only provide for really large enterprises."
"The pricing is always fine."
"I think that the price is fair, but we can always say that the price could be cheaper."
"Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
857,162 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Government
10%
Financial Services Firm
9%
Comms Service Provider
7%
Financial Services Firm
20%
Computer Software Company
14%
Manufacturing Company
7%
Real Estate/Law Firm
6%
Computer Software Company
16%
Financial Services Firm
11%
Educational Organization
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several time...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it con...
What is your experience regarding pricing and costs for Elastic Security?
Since Elastic Security is community-based, it does not require significant costs. This is beneficial for SMEs as they...
What needs improvement with Google Stackdriver?
If the errors are caught early in the interface, it would be easier for users to manage. The process of logging analy...
What is your primary use case for Google Stackdriver?
I use the solution for logging, defining alerts, and monitoring. Our company's Java and Python logging teams mainly u...
What advice do you have for others considering Google Stackdriver?
The Ops Agent and logging transport feature of the solution have had a major impact on improving application performa...
What are the biggest differences between Securonix UEBA, Exabeam, and IBM QRadar?
It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendli...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is a...
What is your experience regarding pricing and costs for IBM Security QRadar?
When comparing with Splunk, IBM Security QRadar's cost is reasonable. Splunk is more expensive than IBM Security QRadar.
 

Also Known As

Elastic SIEM, ELK Logstash
Google Stackdriver, Stackdriver Monitoring, Stackdriver Logging, Google Cloud Monitoring
IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, IBM QRadar Advisor with Watson
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Uber, Batterii, Q42, Dovetail Games
Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
Find out what your peers are saying about Wazuh, Splunk, Datadog and others in Log Management. Updated: May 2025.
857,162 professionals have used our research since 2012.