No more typing reviews! Try our Samantha, our new voice AI agent.

Elastic Security vs syslog-ng comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Security
Ranking in Log Management
11th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
66
Ranking in other categories
Security Information and Event Management (SIEM) (7th), Endpoint Detection and Response (EDR) (15th), Security Orchestration Automation and Response (SOAR) (10th), Extended Detection and Response (XDR) (12th)
syslog-ng
Ranking in Log Management
17th
Average Rating
9.0
Reviews Sentiment
3.2
Number of Reviews
7
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of Elastic Security is 3.4%, up from 3.0% compared to the previous year. The mindshare of syslog-ng is 1.3%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
Elastic Security3.4%
syslog-ng1.3%
Other95.3%
Log Management
 

Featured Reviews

Laurentiu Popescu - PeerSpot reviewer
Chief Product Officer at ClusterPower
Has improved threat detection with deep log analysis and streamlined investigation workflows
The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.
OC
IT Infrastructure & Cloud Security Manager at Thux
Has ensured compliance by centralizing log data and supporting secure connections
We currently do not use that feature. We currently have just an open-source release, not a premium release. My boss has indicated that he wants to buy a premium syslog-ng version next month. I think we can use other features of this tool in the future. In syslog-ng, I think a GUI would be beneficial. I am unsure if the premium module has a GUI to administer it.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Elastic Security offers advanced features such as machine learning and integration with ChatGPT."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results."
"The visualization is very good."
"I think that it's a good solution for a SIEM."
"You just deploy and start using, and it's quite stable and hasn't broken down on us at all."
"Elastic Security is very easy to adapt."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."
"We chose syslog-ng because it is easy to install, easy to maintain, easy to update, and due to the fact that all data arrive in raw format, we can manipulate it as we want."
"The ability to extract and store the logs is the most valuable feature of syslog-ng."
"What I appreciate most about syslog-ng is its configuration; its C-style config is much easier to understand, read, and write than other popular solutions such as syslog or rsyslog."
"Syslog-ng has a separate config file in addition to the core configuration."
"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
 

Cons

"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"The biggest challenge has been related to the implementation."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"The solution is stable if you don't touch it too much. Meaning, it's technically stable, but if there is a period of downtime, you will face quite a big hiccup in getting it running again and stabilized."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"I want to find an automatic security system in the tool, like a SOAR solution. I am looking forward to seeing a SOAR system in the tool."
"Installation is a little bit overwhelming, so improvements on the installation site could make it easier."
"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."
"There is room for improvement in terms of observability."
"In syslog-ng, I think a GUI would be beneficial. I am unsure if the premium module has a GUI to administer it."
"There is always the potential for additional integration and protocol extensions."
"The filtering has room for improvement."
 

Pricing and Cost Advice

"We are using the free, open-source version of this solution."
"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
"Affordable but with additional costs"
"The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"We use the open-source version, so there is no charge for this solution."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"Syslog-ng is a free open-source solution."
"Syslog-ng is open-source."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
903,996 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Comms Service Provider
9%
Financial Services Firm
8%
Government
8%
Manufacturing Company
8%
Financial Services Firm
11%
Government
10%
Manufacturing Company
9%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise12
Large Enterprise15
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise2
Large Enterprise3
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What is your experience regarding pricing and costs for Elastic Security?
I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.
What needs improvement with Elastic Security?
I do not have any specific recommendations for improvements in Elastic Security, but I feel that the AI module should get more mature. These machine learning algorithms become better with time; as ...
What needs improvement with syslog-ng?
We currently do not use that feature. We currently have just an open-source release, not a premium release. My boss has indicated that he wants to buy a premium syslog-ng version next month. I thin...
What is your primary use case for syslog-ng?
In Italy, we have to be compliant with the Garante for privacy. We have to log every login, logout, or login failure made by a system administrator. We store all syslog data of the infrastructure. ...
What advice do you have for others considering syslog-ng?
When it comes to parsing, I can parse both structured and unstructured data, though our data are only structured. Currently, we collect all data we receive as raw data. Each file is stored for each...
 

Also Known As

Elastic SIEM, ELK Logstash
No data available
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Tecnocom, University of Victoria, University of Exeter, Datapath
Find out what your peers are saying about Elastic Security vs. syslog-ng and other solutions. Updated: June 2026.
903,996 professionals have used our research since 2012.