We performed a comparison between Elastic Security and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"It's not very complicated to install Elastic."
"The events are notably more descriptive, aiding in security and event analysis. We've also integrated Sky Collector, providing valuable insights and solutions for troubleshooting."
"It is a very useful tool if you have a VMware environment."
"vRealize Log Insight has been running without any issues."
"The virtualization solution supports data center virtualization, network and security."
"The solution's simplicity, flexibility, and extensibility are valuable features as we can integrate everything in vRealize."
"We use the on-premises version of this solution for log analysis and to find details about certain issues."
"Our current costs are too high, and this tool will help us to better optimize our infrastructure."
"The interface of the solution is good."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"The biggest challenge has been related to the implementation."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"I think that it should be able to integrate with other third-party backup and recovery solutions, more that it does now."
"The solution is a very good tool, but it has a lot of limitations. One of the main issues is around how you define your retention policy, for instance, in Log Insight. It doesn't have it. You can't define a log retention policy. You also can't define the destination or location for your logs. All of the logs are in one index or one bucket."
"The tool does not provide a centralized pane for monitoring."
"The solution isn't user-friendly for admins."
"The dashboard needs to be improved because this is what I need to monitor my infrastructure."
"What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects."
"Log retention should have more options for user control."
"I don't use the solution on a day to day basis, so I'm not sure what specifically can be improved."
More VMware Aria Operations for Logs Pricing and Cost Advice →
Elastic Security is ranked 5th in Log Management with 58 reviews while VMware Aria Operations for Logs is ranked 10th in Log Management with 24 reviews. Elastic Security is rated 7.6, while VMware Aria Operations for Logs is rated 8.2. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of VMware Aria Operations for Logs writes "Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and LogRhythm SIEM, whereas VMware Aria Operations for Logs is most compared with Splunk Enterprise Security, LogRhythm SIEM, Graylog, IBM Security QRadar and Fortinet FortiAnalyzer. See our Elastic Security vs. VMware Aria Operations for Logs report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.