No more typing reviews! Try our Samantha, our new voice AI agent.

Elastic Security vs syslog-ng comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Security
Ranking in Log Management
11th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
66
Ranking in other categories
Security Information and Event Management (SIEM) (7th), Endpoint Detection and Response (EDR) (15th), Security Orchestration Automation and Response (SOAR) (10th), Extended Detection and Response (XDR) (12th)
syslog-ng
Ranking in Log Management
17th
Average Rating
9.0
Reviews Sentiment
3.2
Number of Reviews
7
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of Elastic Security is 3.4%, up from 3.0% compared to the previous year. The mindshare of syslog-ng is 1.3%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
Elastic Security3.4%
syslog-ng1.3%
Other95.3%
Log Management
 

Featured Reviews

Laurentiu Popescu - PeerSpot reviewer
Chief Product Officer at ClusterPower
Has improved threat detection with deep log analysis and streamlined investigation workflows
The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.
OC
IT Infrastructure & Cloud Security Manager at Thux
Has ensured compliance by centralizing log data and supporting secure connections
We currently do not use that feature. We currently have just an open-source release, not a premium release. My boss has indicated that he wants to buy a premium syslog-ng version next month. I think we can use other features of this tool in the future. In syslog-ng, I think a GUI would be beneficial. I am unsure if the premium module has a GUI to administer it.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"The intelligence of the system has been very impressive; it's pretty accurate and gives you good details to create an intelligence report and present that to your C-level management."
"The most valuable feature for me is Discover."
"All of the features on the solution are useful due to the fact that I have the full Stack, therefore I can collect and then visualize."
"In my previous organization, I used this for central log management, increasing developer productivity."
"Elastic is straightforward, easy to integrate, and highly customizable."
"This is one of the best open-source log management and log analyzer tools in the world."
"ELK documentation is very good, so never needed to contact technical support."
"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."
"Syslog-ng has a separate config file in addition to the core configuration."
"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."
"What I appreciate most about syslog-ng is its configuration; its C-style config is much easier to understand, read, and write than other popular solutions such as syslog or rsyslog."
"The ability to extract and store the logs is the most valuable feature of syslog-ng."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"We chose syslog-ng because it is easy to install, easy to maintain, easy to update, and due to the fact that all data arrive in raw format, we can manipulate it as we want."
 

Cons

"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"Installation is a little bit overwhelming, so improvements on the installation site could make it easier."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"The solution could offer better reporting features."
"Their visuals and graphs need to be better."
"The solution should generate an automatic product that integrates with ELK Stack to use artificial intelligence."
"The initial configuration and setup are complicated and not straightforward."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"There is room for improvement in terms of observability."
"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."
"There is always the potential for additional integration and protocol extensions."
"The filtering has room for improvement."
"In syslog-ng, I think a GUI would be beneficial. I am unsure if the premium module has a GUI to administer it."
 

Pricing and Cost Advice

"The solution is not expensive and costs around ten dollars a month."
"We are using the free, open-source version of this solution."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"When compared to other products, the price is average or on the low side."
"This is an open-source product, so there are no costs."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"There is no charge for using the open-source version."
"Compared to other tools, Elastic Security is a cheaper solution."
"Syslog-ng is a free open-source solution."
"Syslog-ng is open-source."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
904,146 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Comms Service Provider
9%
Financial Services Firm
8%
Government
8%
Manufacturing Company
8%
Financial Services Firm
11%
Government
10%
Manufacturing Company
9%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise12
Large Enterprise15
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise2
Large Enterprise3
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What is your experience regarding pricing and costs for Elastic Security?
I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.
What needs improvement with Elastic Security?
I do not have any specific recommendations for improvements in Elastic Security, but I feel that the AI module should get more mature. These machine learning algorithms become better with time; as ...
What needs improvement with syslog-ng?
We currently do not use that feature. We currently have just an open-source release, not a premium release. My boss has indicated that he wants to buy a premium syslog-ng version next month. I thin...
What is your primary use case for syslog-ng?
In Italy, we have to be compliant with the Garante for privacy. We have to log every login, logout, or login failure made by a system administrator. We store all syslog data of the infrastructure. ...
What advice do you have for others considering syslog-ng?
When it comes to parsing, I can parse both structured and unstructured data, though our data are only structured. Currently, we collect all data we receive as raw data. Each file is stored for each...
 

Also Known As

Elastic SIEM, ELK Logstash
No data available
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Tecnocom, University of Victoria, University of Exeter, Datapath
Find out what your peers are saying about Elastic Security vs. syslog-ng and other solutions. Updated: June 2026.
904,146 professionals have used our research since 2012.