No more typing reviews! Try our Samantha, our new voice AI agent.

Elastic Security vs Netwrix Auditor comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Security
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
66
Ranking in other categories
Log Management (11th), Endpoint Detection and Response (EDR) (15th), Security Orchestration Automation and Response (SOAR) (10th), Extended Detection and Response (XDR) (12th)
Netwrix Auditor
Ranking in Security Information and Event Management (SIEM)
33rd
Average Rating
9.2
Reviews Sentiment
7.2
Number of Reviews
8
Ranking in other categories
GRC (14th), Identity and Access Management as a Service (IDaaS) (IAMaaS) (15th), Active Directory Management (3rd)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 3.5%, down from 5.6% compared to the previous year. The mindshare of Netwrix Auditor is 0.7%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Elastic Security3.5%
Netwrix Auditor0.7%
Other95.8%
Security Information and Event Management (SIEM)
 

Featured Reviews

Laurentiu Popescu - PeerSpot reviewer
Chief Product Officer at ClusterPower
Has improved threat detection with deep log analysis and streamlined investigation workflows
The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.
RishiPandit - PeerSpot reviewer
Lead - Technical Services at Impetus
Optimizing time and effort through comprehensive auditing features
Netwrix Auditor doesn't have many competitors at the level in which it is placed. All other companies provide auditing solutions but not up to the feature list; it is very broad and robust. The best features include flexibility to interact directly with MS-SQL. Real-time alerts help identify potential security threats. The ability to streamline audits with insights into configuration states is helpful, as the access reviews and audit reports are really insightful. This is a good tool. The search functionality is available, but comparative to other vendors, this is a bit slower. Reports are effective; the compliance reports and all the reports are very insightful. That is good.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"I like the indexing of the logs."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"All of the features on the solution are useful due to the fact that I have the full Stack, therefore I can collect and then visualize."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"It's simple and easy to use."
"Netwrix provides features that no other solution on the market does."
"What I find the most valuable about Netwrix Auditor is the way it shows risk. The reports are very clear."
"The most valuable features of Netwrix Auditor are its affordability compared to similar products and its comprehensive monitoring of admin activities."
"Netwrix Auditor was the easiest to use, most straightforward, and it had competitive pricing."
"I am impressed with the tool's reporting feature and notifications."
"Netwrix Auditor doesn't have many competitors at the level in which it is placed; all other companies provide auditing solutions but not up to the feature list—it is very broad and robust."
"Without Netwrix, it's impossible to take control of things."
"The most valuable feature is the real-time monitoring."
 

Cons

"Technical support could respond faster."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"The solution lacks self-service on password reset. It also needs to improve its scalability."
"If you buy direct, there is a minimum of 150 licenses that must be procured. The price point and barrier of entry is a little bit higher than it would be if you purchased the solution from an authorized reseller partner, rather than buying it and managing yourself."
"I expect usability features to become more refined over time. I'm interested to see how it evolves and continues to improve."
"When there are issues I would like remediation to be in one place."
"An improvement would be if there was an another way to manage the logs besides email because it's not so practical."
"There is room for improvement with the introduction of AI functionality."
"There is room for improvements when it comes to the licensing."
"In the UI, we have to adjust and resize our console many times, and sometimes it appears, sometimes you have to close and open it, and sometimes it does not give a scroll bar to navigate."
 

Pricing and Cost Advice

"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."
"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
"Affordable but with additional costs"
"The solution is free."
"There is no charge for using the open-source version."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"Elastic Security is free to use."
"There is a license for this solution and we are on an annual license. The price is reasonable."
"The tool's price is fair."
"This solution is reasonably priced. I would rate it a nine out of ten."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Comms Service Provider
9%
Financial Services Firm
9%
Government
8%
Manufacturing Company
8%
Financial Services Firm
10%
Construction Company
9%
Manufacturing Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise12
Large Enterprise15
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise1
Large Enterprise4
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What is your experience regarding pricing and costs for Elastic Security?
I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.
What needs improvement with Elastic Security?
I do not have any specific recommendations for improvements in Elastic Security, but I feel that the AI module should get more mature. These machine learning algorithms become better with time; as ...
What is your experience regarding pricing and costs for Netwrix Auditor?
I don't know about the pricing of this, but it is good at this price point because our organization has purchased it, which means it was in budget. We usually do not buy expensive solutions, so the...
What needs improvement with Netwrix Auditor?
The areas of improvement include the front end, as the UI should be more intuitive and there should be fewer bugs. In the UI, we have to adjust and resize our console many times, and sometimes it a...
What is your primary use case for Netwrix Auditor?
We use Netwrix Auditor for auditing, log centralizing, centralizing the logs, log management, and for permission access management, giving permission on shared folders and Active Directory groups.
 

Also Known As

Elastic SIEM, ELK Logstash
No data available
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
AT&T, SanDisk, Siemens, Verizon, Electrolux, Allianz, Societe Generale
Find out what your peers are saying about Elastic Security vs. Netwrix Auditor and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.