We performed a comparison between Elastic Stack and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The machine learning capabilities are valuable."
"The tool is huge, and it performs brilliantly. I tested it for malware, and within two weeks of launching, the product alerted me about a network intrusion. This was a tough test for it, but it performed admirably. The alerting system is excellent, and searching through logs is incredibly efficient. What's impressive is that all three products or options are integrated into one solution. This means I don't need separate logging, monitoring, or antivirus solutions."
"The tool's most powerful aspect is its search engine capability. It's a highly effective and powerful solution for searching. We use it in professional and student projects at universities, and it delivers promising results."
"The biggest strength of Elastic Stack is its brilliant archiving capabilities."
"It is a very scalable solution...I didn't face any problem with this scalability part of the solution since we only have a few pieces of equipment in our company."
"I think the ecosystem is well supported, and for logs, it was faster compared to our previous previous log management."
"The solution's technical support is good...Elastic Stack offers good value for value for money based on the product's features and what they offer."
"I have experienced a return on investment from the use of the solution."
"The most valuable feature is the hunting ability to work in a CERT."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"The newer 11.5 version that my team is using has found it to have good mapping."
"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."
"Their technical support responds quickly and are knowledgable."
"The most valuable features are the threat prediction and network forensics."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"Performance and reporting are very good."
"The implementation of dashboards in the solution needs to be made easier...I had some issues with the ports and configuration since it was kind of complex to implement with Docker."
"Elastic Stack should work on their dashboards and integration process."
"The main issue related to Elastic Stack is in the area of its licensing."
"AI-enablement would be a big improvement in Elastic Stack...If there is room for an ML model in Elastic Stack, then it would be good."
"When people try to move the data from another source to Elastic Stack for visualization, they face challenges when connecting to Elastic Stack from such different sources."
"Improvements are needed in the solution in areas like SOAR and TIP, where there are certain shortcomings."
"Elastic Stack's search capabilities can be challenging, especially when searching for precise data from past years, such as two or ten years ago. Its indexing performance for exact data retrieval may decrease as the data volume grows. Therefore, I believe there is room for improvement in the product's search functionality. It needs to improve its pricing as well."
"Agent deployment is a little tough in the on-premise version."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"More customizability is required, which is something that they need to improve on."
"Its technical support could be better."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"The product's licensing models are complex to understand. This particular area needs improvement."
"The initial setup is complex. There are other solutions that are easier to implement."
"The log system is a bit complex and has room for improvement."
Elastic Stack is ranked 16th in Log Management with 11 reviews while NetWitness Platform is ranked 19th in Log Management with 36 reviews. Elastic Stack is rated 8.4, while NetWitness Platform is rated 7.4. The top reviewer of Elastic Stack writes "A stable product that can be fine-tuned easily". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Elastic Stack is most compared with Security Onion, Wazuh, Falcon LogScale, Grafana Loki and syslog-ng, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel. See our Elastic Stack vs. NetWitness Platform report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
