Try our new research platform with insights from 80,000+ expert users

Elastic Security vs LogRhythm UEBA comparison

Elastic and LogRhythm are both solutions in the Extended Detection and Response (XDR) category. Elastic is ranked #8 with an average rating of 7.7, while LogRhythm is ranked #25 with an average rating of 7.0. Elastic holds a 5.8% mindshare in XDR, compared to LogRhythm’s 1.1% mindshare. Additionally, 86% of Elastic users are willing to recommend the solution, compared to 55% of LogRhythm users who would recommend it.
Elastic Security
Read 64 Elastic Security reviews
  • 6,295 Views
  • 5,294 Comparison Views
86% willing to recommend
LogRhythm UEBA
Read 11 LogRhythm UEBA reviews
  • 915 Views
  • 756 Comparison Views
55% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

Elastic Security and LogRhythm UEBA compete in the security field, each offering distinct advantages. Elastic Security holds an edge in pricing and support, while LogRhythm UEBA stands out with comprehensive features.

Features: Elastic Security is recognized for its integration with existing tools, scalability, and flexibility. LogRhythm UEBA offers advanced analytics, strong threat detection, and tools optimized for proactive security measures.

Room for Improvement: Elastic Security could enhance its threat intelligence capabilities, refine reporting functionality, and improve user interface design. LogRhythm UEBA users suggest more intuitive reporting features, faster deployment options, and a more user-friendly configuration process.

Ease of Deployment and Customer Service: Elastic Security benefits from a straightforward deployment process and speedy support response. LogRhythm UEBA, while more complex to deploy, provides robust customer service to assist in configuration.

Pricing and ROI: Elastic Security is praised for cost-effectiveness and consistent ROI. LogRhythm UEBA, although with higher initial costs, is valued for its advanced features and substantial long-term ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Elastic Security vs. LogRhythm UEBA Report (Updated: April 2025).
Buyer's Guide
Elastic Security vs. LogRhythm UEBA
April 2025
Download the complete report
Helped 852,649 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Security
Ranking in Extended Detection and Response (XDR)
8th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
64
Ranking in other categories
Log Management (7th), Security Information and Event Management (SIEM) (5th), Endpoint Detection and Response (EDR) (15th), Security Orchestration Automation and Response (SOAR) (6th)
LogRhythm UEBA
Ranking in Extended Detection and Response (XDR)
25th
Average Rating
7.0
Reviews Sentiment
6.7
Number of Reviews
11
Ranking in other categories
User Entity Behavior Analytics (UEBA) (11th)
 

Mindshare comparison

As of May 2025, in the Extended Detection and Response (XDR) category, the mindshare of Elastic Security is 5.8%, down from 8.0% compared to the previous year. The mindshare of LogRhythm UEBA is 1.1%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

SyedAli17 - PeerSpot reviewer
Centralized monitoring improves security posture through rapid data processing
The processing part of Elastic Security ( /products/elastic-security-reviews ) is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.
Read full review
Sheikh Abu Ayub Azad - PeerSpot reviewer
Great at managing cyber incidents; the technical support could be improved
The initial setup is easy, partly because LogRhythm is primarily based on the Windows platform. It's good to have two engineers for deployment but it can be done with one. It's more about the knowledge. Deployment is typically done in two or three different phases. It usually takes up to three full months to get good deployment. There's the initial onboarding of all the log sources, then collecting data in the data lake, followed a couple of weeks later with some minor tuning before the final tuneup.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is scalable."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"Elastic is straightforward, easy to integrate, and highly customizable."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"The solution's most valuable features are anomaly detection and connectivity reporting."
"I like the indexing of the logs."
More Elastic Security pros
"It is easy to monitor users and that is how the solution is adding value to our firm."
"I typically use the product for reducing cyber risk, and I can investigate attacks more quickly using machine learning tools."
"Good capability pinpointing specific cyber incidents."
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"The most valuable features are file activity monitoring and registry activity monitoring."
"What I like most about LogRhythm UEBA is that it allows you to identify and analyze end-user behaviors and suspicious activities within the systems."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"It has a lot of features. It has file integration monitoring."
More LogRhythm UEBA pros
 

Cons

"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"It could use maybe a little more on the Linux side."
"The solution's basic setup takes time, and a lot of effort is required from the beginning to make it actually work."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"The biggest challenge has been related to the implementation."
More Elastic Security cons
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"The cloud version is lacking and not up to par."
"In general, if something needs to be improved in the algorithm, it would be the dashboards."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"The on-premises LogRhythm is not very scalable. When considering packets per second or the MPS needed for additional logs such as web application logs, scalability is usually found in cloud products."
"The UI could be improved a little bit."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
More LogRhythm UEBA cons
 

Pricing and Cost Advice

"Compared to other tools, Elastic Security is a cheaper solution."
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"The solution is free."
"Elastic Security is free to use."
"The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."
More Elastic Security pricing and cost advice
"It is quite a budget-friendly product."
"LogRhythm UEBA's pricing is affordable for small and medium businesses."
"Licensing is on a yearly basis. It's not expensive compared to its competitors."
"I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive."
"The pricing is nice when compared to other products in the industry."
"As LogRhythm UEBA is pretty expensive, I'd give its pricing a seven out of ten."
report
See which vendors are best for you
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
See recommendations
852,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Government
10%
Financial Services Firm
9%
Comms Service Provider
7%
Computer Software Company
18%
Financial Services Firm
11%
Manufacturing Company
9%
Real Estate/Law Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
See all answers
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
See all answers
What is your experience regarding pricing and costs for Elastic Security?
Since Elastic Security is community-based, it does not require significant costs. This is beneficial for SMEs as they do not need extensive budgets for security solutions.
See all answers
What do you like most about LogRhythm UserXDR?
The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance...
See all answers
What is your experience regarding pricing and costs for LogRhythm UserXDR?
I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive.
See all answers
What needs improvement with LogRhythm UserXDR?
In general, if something needs to be improved in the algorithm, it would be the dashboards. The dashboards with solutions such as Splunk are very neat and clean. I would also like to improve the us...
See all answers
 

Comparisons

Wazuh vs Elastic Security Logo
Wazuh vs Elastic Security
Compared 20% of the time
CrowdStrike Falcon vs Elastic Security Logo
CrowdStrike Falcon vs Elastic Security
Compared 8% of the time
IBM Security QRadar vs Elastic Security Logo
IBM Security QRadar vs Elastic Security
Compared 7% of the time
Splunk Enterprise Security vs Elastic Security Logo
Splunk Enterprise Security vs Elastic Security
Compared 7% of the time
Microsoft Defender for Endpoint vs Elastic Security Logo
Microsoft Defender for Endpoint vs Elastic Security
Compared 5% of the time
More Elastic Security Competitors
Wazuh vs LogRhythm UEBA Logo
Wazuh vs LogRhythm UEBA
Compared 44% of the time
Darktrace vs LogRhythm UEBA Logo
Darktrace vs LogRhythm UEBA
Compared 19% of the time
Cortex XDR by Palo Alto Networks vs LogRhythm UEBA Logo
Cortex XDR by Palo Alto Networks vs LogRhythm UEBA
Compared 9% of the time
Microsoft Purview Insider Risk Management vs LogRhythm UEBA Logo
Microsoft Purview Insider Risk Management vs LogRhythm UEBA
Compared 8% of the time
CrowdStrike Falcon vs LogRhythm UEBA Logo
CrowdStrike Falcon vs LogRhythm UEBA
Compared 6% of the time
More LogRhythm UEBA Competitors
 

Product Reports

Buyer's Guide
Elastic Security
May 2025
Elastic Security reportDownload Elastic Security product report
Buyer's Guide
User Entity Behavior Analytics (UEBA)
May 2025
LogRhythm UEBA reportDownload LogRhythm UEBA product report
 

Also Known As

Elastic SIEM, ELK Logstash
LogRhythm UserXDR, LogRhythm Enterprise UEBA
 

Overview

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

  • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
  • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
  • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

Elastic

LogRhythm UEBA enables your security team to quickly and effectively detect, respond to, and neutralize both known and unknown threats. Providing evidence-based starting points for investigation, it employs a combination of scenario analytics techniques (e.g., statistical analysis, rate analysis, trend analysis, advanced correlation), and both supervised and unsupervised machine learning (ML).

LogRhythm
 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Information Not Available
Buyer's Guide
Elastic Security vs. LogRhythm UEBA
April 2025
Free Report: Elastic Security vs. LogRhythm UEBA
Find out what your peers are saying about Elastic Security vs. LogRhythm UEBA and other solutions. Updated: April 2025.
DOWNLOAD NOW
852,649 professionals have used our research since 2012.
See our Elastic Security vs. LogRhythm UEBA report.
See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.