No more typing reviews! Try our Samantha, our new voice AI agent.

Elastic Security vs syslog-ng comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Security
Ranking in Log Management
11th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
66
Ranking in other categories
Security Information and Event Management (SIEM) (7th), Endpoint Detection and Response (EDR) (15th), Security Orchestration Automation and Response (SOAR) (10th), Extended Detection and Response (XDR) (12th)
syslog-ng
Ranking in Log Management
17th
Average Rating
9.0
Reviews Sentiment
3.2
Number of Reviews
7
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of Elastic Security is 3.4%, up from 3.0% compared to the previous year. The mindshare of syslog-ng is 1.3%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
Elastic Security3.4%
syslog-ng1.3%
Other95.3%
Log Management
 

Featured Reviews

Laurentiu Popescu - PeerSpot reviewer
Chief Product Officer at ClusterPower
Has improved threat detection with deep log analysis and streamlined investigation workflows
The most useful features I find in Elastic Security are the forensic ones that allow us to carry deeper analysis into the logs for in-depth investigations, and the dashboards, with the reporting dashboard being quite user-friendly. Elastic Security is quite good at identifying threats, as it is part of the deep investigation tool that I mentioned before. Unless we need to look further into a certain log, we can carry out a deeper analysis and forensics on those particular logs. I can assess the impact of Elastic Security's real-time data analysis on our threat response efficiency as working pretty good. We are looking for real-time analysis because we have a continuous inflow of logs from different sources: from our cloud, from Active Directory, from our network. So it works pretty well.
OC
IT Infrastructure & Cloud Security Manager at Thux
Has ensured compliance by centralizing log data and supporting secure connections
We currently do not use that feature. We currently have just an open-source release, not a premium release. My boss has indicated that he wants to buy a premium syslog-ng version next month. I think we can use other features of this tool in the future. In syslog-ng, I think a GUI would be beneficial. I am unsure if the premium module has a GUI to administer it.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"We've found the initial setup to be quite straightforward."
"The solution is free."
"The solution is quite stable. The performance has been good."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"I like the indexing of the logs."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"Syslog-ng has a separate config file in addition to the core configuration."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"We chose syslog-ng because it is easy to install, easy to maintain, easy to update, and due to the fact that all data arrive in raw format, we can manipulate it as we want."
"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."
"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."
"What I appreciate most about syslog-ng is its configuration; its C-style config is much easier to understand, read, and write than other popular solutions such as syslog or rsyslog."
"The ability to extract and store the logs is the most valuable feature of syslog-ng."
 

Cons

"The solution's basic setup takes time, and a lot of effort is required from the beginning to make it actually work."
"Elastic sometimes does not correctly identify threats or anomalies. It might not classify an issue as malicious or critical accurately."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"The tool should improve its scalability."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"The initial configuration and setup are complicated and not straightforward."
"The filtering has room for improvement."
"In syslog-ng, I think a GUI would be beneficial. I am unsure if the premium module has a GUI to administer it."
"There is always the potential for additional integration and protocol extensions."
"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."
"There is room for improvement in terms of observability."
 

Pricing and Cost Advice

"The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"Affordable but with additional costs"
"The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."
"There is no charge for using the open-source version."
"Elastic Security is free to use."
"I can say that the product is cheaply priced."
"When compared to other products, the price is average or on the low side."
"Syslog-ng is open-source."
"Syslog-ng is a free open-source solution."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
904,928 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Comms Service Provider
9%
Financial Services Firm
8%
Government
8%
Manufacturing Company
8%
Financial Services Firm
11%
Government
10%
Manufacturing Company
9%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise12
Large Enterprise15
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise2
Large Enterprise3
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What is your experience regarding pricing and costs for Elastic Security?
I am satisfied with the pricing, setup cost, and licensing cost. It is a pure 10.
What needs improvement with Elastic Security?
I do not have any specific recommendations for improvements in Elastic Security, but I feel that the AI module should get more mature. These machine learning algorithms become better with time; as ...
What needs improvement with syslog-ng?
We currently do not use that feature. We currently have just an open-source release, not a premium release. My boss has indicated that he wants to buy a premium syslog-ng version next month. I thin...
What is your primary use case for syslog-ng?
In Italy, we have to be compliant with the Garante for privacy. We have to log every login, logout, or login failure made by a system administrator. We store all syslog data of the infrastructure. ...
What advice do you have for others considering syslog-ng?
When it comes to parsing, I can parse both structured and unstructured data, though our data are only structured. Currently, we collect all data we receive as raw data. Each file is stored for each...
 

Also Known As

Elastic SIEM, ELK Logstash
No data available
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Tecnocom, University of Victoria, University of Exeter, Datapath
Find out what your peers are saying about Elastic Security vs. syslog-ng and other solutions. Updated: June 2026.
904,928 professionals have used our research since 2012.