No more typing reviews! Try our Samantha, our new voice AI agent.

Elastic Stack vs Sumo Logic Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Stack
Ranking in Log Management
15th
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
18
Ranking in other categories
No ranking in other categories
Sumo Logic Security
Ranking in Log Management
21st
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
25
Ranking in other categories
Security Information and Event Management (SIEM) (21st), Security Orchestration Automation and Response (SOAR) (14th)
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of Elastic Stack is 2.0%, down from 5.4% compared to the previous year. The mindshare of Sumo Logic Security is 1.3%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
Elastic Stack2.0%
Sumo Logic Security1.3%
Other96.7%
Log Management
 

Featured Reviews

LB
Senior Consultant at Skillfield
Offers robust out-of-the-box integrations and streamlines logging processes effortlessly
There are improvements needed for Elastic Stack. It is mostly based on Lucene, and the heart of Elastic Stack is Lucene, which has some limitations. Anything built on top of Lucene often feels an add-on, and that includes vector databases. Elastic Stack can store vector embeddings as well and perform AI and machine learning tasks out of the box without excessive configuration. The main improvements involve increasing speed and compression capabilities; I have seen databases that claim to achieve significantly better compression. While Elastic Stack can manage vast amounts of data, if the mapping is not specified correctly, the indexing time can be slow, especially with many events per second. Improper mapping usually means that every document received gets indexed for all fields, which is not desired. Elastic consultants typically optimize this, but out of the box, as data volume increases, scaling becomes necessary. They are working on these improvements in new versions.
MR
Senior Security Analyst at City Electric Supply Company
Security insights have enabled faster incident response and streamlined cross-team collaboration
To improve Sumo Logic Security, I would appreciate the tool being easier to use from a search perspective. For example, we have a few teams that want to use the tool itself, but they are not as savvy when it comes to creating searches from the core platform. I understand that Mobot has come out and is in the works, and it really does assist non-savvy users when it comes to querying the platform. As far as that is concerned, I wish that could be improved a bit more, but I do know that that is in the works. I would add that I wish for improved documentation. For example, we are using Sumo Playbooks and automation integrations along with that, but I have found that there has been a lack of documentation, very little to none at all when it comes to that. With regards to automation integrations as well, there are very few details included in them. I would also appreciate the AWS automation integrations to be more secure because currently, they are using access keys, which involves a user rather than roles, which is the security best practice recommended by AWS. I chose eight out of ten because to make it a nine or ten, I would lean heavily on the documentation. A lot of the times when we get around to configuring things such as playbooks or trying to understand playbooks, what I found was that documentation sometimes is not up to date or documentation is lacking. There are instances also where some security best practices are not being followed. So, if we are able to set up an integration that is not only secure, following security best practices, and has complete documentation, I believe it would alleviate the issue of having to go back and forth with support to check the documentation and things of that nature. My impression of the built-in threat intelligence feature in Sumo Logic Security is that it is comprehensive, but I would say that it could do a little bit better. For example, we have the TAXI feeds, which is STIX and TAXI integrated into the core platform, but the issue I am running into is that I am able to use that feed into a CSE alert; however, I am not able to see the contents of that feed. If I integrate CISA, which we do have integrated, I cannot see what IOCs are in that feed in the core platform, and I hope that is the case because, in order for us to better tune our alerts, we need to be able to see what is in the contents of that threat intelligence feed.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is an excellent tool for monitoring purposes."
"Elastic Stack has made a positive impact as we can now see our logs."
"The tool's most powerful aspect is its search engine capability. It's a highly effective and powerful solution for searching. We use it in professional and student projects at universities, and it delivers promising results."
"The machine learning capabilities are valuable."
"The detection rules in Elastic Stack are the most valuable feature. The search capabilities are excellent and fast. As we collect logs from workstations and devices, the detection rules run on top of the logs and detect any suspicious activity, raising alerts accordingly. Integration with Elastic Stack depends on the specific integration. Elastic provides some bridging integrations that make it easy, but require custom integration. Most integrations are simple, but customization can be challenging because we need to do some parsing. There's something called Elastic Common Schema, and we need to parse the source logs to match this schema, which can be a bit challenging."
"It is a very scalable solution...I didn't face any problem with this scalability part of the solution since we only have a few pieces of equipment in our company."
"Prior to the latest updates, data lake management was a standout feature. The hybrid capability for on-premise and cloud integration was also crucial. Now, with Elastic Defense, the agent simplifies security monitoring, making it a key asset."
"Elastic Stack is mainly used to monitor servers and APIs. It helps ensure the software's availability and sends notifications at the right time so the system is not down for a long time. The tool's stability and advanced features, such as anomaly detection, are the most valuable features. The benefit of using it is real-time monitoring."
"Sumo Logic Security has positively impacted my organization by increasing engagement with different teams."
"The troubleshooting part of Sumo Logic has solved a lot, e.g., if there is any downtime on the website, so we have reduced our downtime by a lot with Sumo Logic because we can easily troubleshoot issues."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"We are able to diagnose problems before our customers."
"Sumo Logic has absolutely improved our organization — 100% Sumo Logic is a great tool, it's absolutely necessary."
"Sumo Logic is a single place to retrieve intelligence without worrying about architecture and performance."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"The features I find most useful in Sumo Logic Security are the ease of implementation and connectors; they have a very easy connection and many connectors to important systems, making it very easy to implement and fast to start running in production."
 

Cons

"Agent deployment is a little tough in the on-premise version."
"There could be better documentation."
"The solution is expensive, particularly the training and certification. If customers want to increase their use of Elastic Stack, they should consider reducing the cost of certification and training."
"I would rate the technical support by Elastic as five or six out of ten. They should improve their response time and first-level support, particularly knowledge, which is very important for using Elasticsearch."
"Improving integration capabilities, especially with authentication systems, firewalls, and security controls, is a crucial area for improvement in Elastic Stack. Additionally, enhancing functionality to handle large Yara queries more efficiently would be beneficial, as many EDR solutions can run such queries faster than Elastic Stack's current limitations."
"Elastic Stack's search capabilities can be challenging, especially when searching for precise data from past years, such as two or ten years ago. Its indexing performance for exact data retrieval may decrease as the data volume grows. Therefore, I believe there is room for improvement in the product's search functionality. It needs to improve its pricing as well."
"The implementation of dashboards in the solution needs to be made easier...I had some issues with the ports and configuration since it was kind of complex to implement with Docker."
"Elastic Stack should be more simplified with ready-to-use widgets."
"The pricing could be more competitive. Sumo Logic bills based on the amount of data that you ingest into their platform."
"Sumo Logic needs to make sure integrating solutions are seamless."
"The integration with multiple sources could be better."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"The pricing is a little high, but for the features that we receive from Sumo Logic, it suits the price."
"The solution should improve its UI."
"We would like the ability to drill down into a dashboard and get into deeper levels."
 

Pricing and Cost Advice

"It depends on the specifics, but generally, Elastic is economical for certain use cases."
"The product is expensive."
"The pricing is reasonable."
"I rate the solution's pricing a six out of ten."
"We are using the open-source community version of the product."
"If I compare Elastic Stack to the other products in the market, I would say that the tool is available at a competitive price."
"Ultimately, the pricing depends upon the capacity planning that the enterprise architect does."
"I used the open-source version of Elastic Stack, because of which I did not have to pay anything."
"We chose to go through the AWS Marketplace because it makes it a lot easier when we bill our customers. Rather than having to get multiple different sources of information then correlate a monthly bill for our customers, it is just included in the AWS usage charges."
"Purchasing the solution through the AWS Marketplace is very easy."
"Storing logs in Sumo Logic Security is charged GB-wise, which is a little higher than other products."
"If we went to ELK Stack, which is open source, it would have been less costly, but it would have required more development from our side."
"The pricing is a little high, but for the features that we receive from Sumo Logic, it suits the price. For some small organizations, the price might be a little high."
"The AWS Marketplace pricing is fairly reasonable for what it does. I wouldn't call it expensive, but I wouldn't call it cheap. It is pretty good."
"The product is costly."
"Pricing has been cheaper than some of the competing tools, like Splunk."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
10%
Computer Software Company
9%
Government
8%
Manufacturing Company
7%
Manufacturing Company
12%
Financial Services Firm
11%
Outsourcing Company
10%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise3
Large Enterprise7
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise4
Large Enterprise16
 

Questions from the Community

What is your experience regarding pricing and costs for Elastic Stack?
My experience with Elastic Stack pricing indicates that it is node-based. While I do not have complete pricing details, they are available online. If I choose Elastic Cloud, it includes licensing a...
What needs improvement with Elastic Stack?
I would like to improve Elastic Stack by addressing the current big problem we face with importing logs and log files, such as syslogs. To import these log files, we need to design the ingest pipel...
What is your primary use case for Elastic Stack?
Elastic Stack is primarily used for everything related to security, including security systems, checking the security system, and also servers and networks.
What is your experience regarding pricing and costs for Sumo Logic Security?
I would say that the pricing for Sumo Logic Security is in the medium part of the market. If you go to the well-known vendors such as Azure Sentinel or other tools like Splunk, you are going to fin...
What needs improvement with Sumo Logic Security?
I would say there are a few more things that Sumo Logic Security can improve on. It is not the tool; it is a technical part. From the app point of view, I would say when we need to include a few la...
 

Overview

Find out what your peers are saying about Elastic Stack vs. Sumo Logic Security and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.