We performed a comparison between Elastic Security and IBM SevOne Network Performance Management (NPM) based on real PeerSpot user reviews.Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."
"The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us."
"Those 400 days of hot data mean that people can look for trends and at what happened in the past. And they can not only do so from a security point of view, but even for operational use cases. In the past, our operational norm was to keep live data for only 30 days. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. That's one reason that having 400 days of live data is pretty huge. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."
"The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."
"One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side. Whatever you're doing, you see the code, what's happening. And you can really quickly switch between using the GUI and using the code. That's really useful."
"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."
"It's not very complicated to install Elastic."
"The cost is reasonable. It's not overly pricey."
"Elastic Security allows us to deliver visibility in a few hours, which makes our customers more confident in our service."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"We've found the initial setup to be quite straightforward."
"I like the indexing of the logs."
"Enables monitoring of application performance and the ability to predict behaviors."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"The feature that I have found most valuable is the scale-up and scale-down. The scale-up is an operation where the CPU boosts-up and then the memory will boost-up. That works awesomely."
"The modules and the performance management reports that come with data insights are two of the most valuable features. I also find the reports for Wi-Fi, Netflow, LAN, and WAN for monitoring to be very good."
"Its ability to monitor practically any type of network device via SNMP is most valuable. This is the main functionality that we're using. If a network device exposes a metric, such as interface utilization, SevOne will monitor it for us."
"It also gives us the closest thing to real-time insight into network performance that we have, with just a 10-second delay. It's very important for us to know the health of the infrastructure very quickly."
"The most valuable feature as of late has been the API integration with ServiceNow."
"Another useful feature is that SevOne gives you real-time insights into your network performance. It polls every five minutes. That is important for our customers because there are some network teams that are always monitoring their networks."
"Data Insight reporting tool is the most valuable feature. They came up with it a couple of years ago. The most pleasing factor is the dark theme. You don't have a white background. It has templates that you can create for all kinds of reports that you can hit on the fly. It's much better printing of the reports. If you want to send PDFs to people, the reports are actually decent. Whereas for years, the old architecture of the PDFs was rubbish and even our customers said, "We have to manipulate your PDFs because they all have bad margin breaks. SevOne fixed that a couple of years ago with the new Data Insight. It's fantastic."
"SevOne has rich API capabilities, giving us the flexibility to control what we collect and customize the collection, creation, and manipulation of now metrics as necessary."
"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."
"Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."
"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better."
"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."
"I would like to have the ability to create more complex dashboards."
"An admin who is trying to audit user activity usually cannot go beyond a day in the UI. I would like to have access to pages and pages of that data, going back as far as the storage we have, so I could look at every command or search or deletion or anything that a user has run. As an admin, that would really help. Going back just a day in the UI is not going to help, and that means I have to find a different way to do that."
"There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts."
"The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."
"Elastic Security provides a huge amount of searchable data, which is a great advantage in itself but is costly in terms of the number of servers used."
"It could use maybe a little more on the Linux side."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"Better integration with third-party APMs would be really good."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"There are a lot of pain points. My main problem is that we don't have a high availability system. There are 20 peers. We're going to lose the end-of-life appliances that are old. If we lose a peer and it doesn't come back, we lose all that data. The reason we don't have high availability is because it's double the charge."
"There are some tweaks and enhancements that I've already requested. One is to be able to make changes per device rather than as a global setting. That has to do with naming. It's minor."
"The user management features need to be improved. It would be nice if we had more granular control, or layers of control, out of the box."
"The one area with room for improvement is probably administration. They added data insights to make a better user experience, but I'd like to see some improvements in the way the system's administered."
"We need to be thinking about streaming telemetry protocols. They already have the port for enhanced visualization, which they already have through Data Insight."
"You need to plan integrations. That has been the biggest bug with SevOne so far. For the things that SevOne pulls directly, those are easy to understand, modify, and put into the database. For things that need to use the Universal Collector or xStats, you need to plan that stuff well in advance."
"Would benefit with the addition of AI modules for proactive data insights."
"Their virtualization solution is not compatible with our Kubernetes environment, which is one of the reasons we are ending our relationship with them."
Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.
The IBM® SevOne Network Performance Management (IBM SevOne NPM) solution helps you spot, address, and prevent network performance issues early with machine learning-powered analytics from a single source. Boost network performance and improve your user application experience by proactively monitoring your multivendor end-to-end network across enterprise, communication, and managed service provider networks.
Transform raw network performance data into intelligent and actionable insights. The IBM SevOne NPM solution goes beyond detection, combining industry-leading expertise and advanced technology to help your IT team plan and optimize your network and act on what matters: improving network performance to provide an exceptional customer experience.
For further information, please visit www.ibm.com/cloud/sevo...
See how Devo allows you to free yourself from data management, and make machine data and insights accessible.
Elastic Security is ranked 8th in Log Management with 17 reviews while IBM SevOne Network Performance Management (NPM) is ranked 6th in Log Management with 20 reviews. Elastic Security is rated 7.2, while IBM SevOne Network Performance Management (NPM) is rated 8.2. The top reviewer of Elastic Security writes "Integrates into the overall ELK Stack, scans for vulnerabilities well and offers good performance". On the other hand, the top reviewer of IBM SevOne Network Performance Management (NPM) writes "Easy to use, facilitates proactive problem detection and resolution, with helpful and responsive support". Elastic Security is most compared with Wazuh, Splunk, Graylog, Datadog and Fortinet FortiSIEM, whereas IBM SevOne Network Performance Management (NPM) is most compared with SolarWinds NPM, Zabbix, IBM QRadar, Fortinet FortiAnalyzer and Splunk. See our Elastic Security vs. IBM SevOne Network Performance Management (NPM) report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.