We performed a comparison between Grafana Loki and IBM Security QRadar based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature of the solution is the tool's GUI. The solution's GUI is very user-friendly."
"We are using Grafana Loki as a database for real-time metrics."
"The most valuable features of the solution stem from the fact that it is an open-source tool that is stable and flexible."
"The best feature of Grafana Loki is that it integrates well with our other tool."
"The tool can be used in multi-cluster environments."
"Loki also utilizes the same service discovery mechanism as used by Prometheus. So, whatever labeled metadata you see in Prometheus, you have the exact same metadata in the Loki system. Given this level of intricacy and the attempt to address these challenges, I firmly believe that Loki deserves praise for the work."
"The most valuable feature of Grafana Loki is the dashboards which are really simple to create."
"The effectiveness of filters is pivotal for optimizing the search process and extracting the specific information we need from the extensive log data."
"It is the core of our entire SOX."
"This solution has allowed us to correlate logs from multiple sources."
"The ability to add extensions is the most valuable feature. For example, extensions that provide valuable test ports."
"This is a good tool to have because it gives you the ability to track what is currently happening in your environment."
"It is very stable. We have not faced interruptions in the past four and a half years."
"The most valuable features of IBM Security QRadar are flexibility, IBM support, and scalability."
"The threat hunting capabilities in general are great."
"Provided that the report is prebuilt and I can find what I am looking for, the reporting is the most valuable feature in this solution."
"In Grafana Loki, the creation of metrics is not so easy, making it an area that could be made easier."
"The Docker container partition feature needs improvement as they do not reuse the space and go into a pending state."
"Enhancing speed could be a game-changer, and while it might vary depending on the application, it's a factor worth exploring."
"The correlation of requests is not simple in Grafana Loki and can be improved."
"The product must improve its UI."
"My main concern is the recommended production-grade setup. They suggest using tools like Tanka or Jsonnet. They should simplify the process to increase adoption."
"There is a need for some change in the alerting types of the product. In short, a few changes in the alert area are needed due to minor shortcomings."
"The solution has shortcomings regarding security monitoring-oriented features that need improvement."
"The tech support is not that good."
"SOAR is what is expected the most from QRadar. They have something called SOAR Resilient, and it would be great if that gets induced in SIEM. IBM QRadar (as well as McAfee ESM) should have analytics platform integration. Currently, SIEMs don't have full-fledged integration with analytics where we are able to dump our data in SIEM, and the same data can be called from different analytics applications. We should be able to bring this data to a platform like Hadoop for big data and run the analytics there. Currently, people are seeing the past data and taking some actions in the present, but when it comes to analytics, there should be futuristic data where you can predict something out of your present and past data. Apart from that, I would like to see a full-fledged ITSM tool in QRadar. It sometimes has some technical issues that need to be checked. It requires a dedicated QRadar engineer to completely manage it. It has different module sets, such as event collector and event processor, and some technical glitches come in between. It takes the log but doesn't exactly process it in the way we want."
"It would be good if the program allowed certain profiles to only see certain customer information."
"QRadar needs a lot of fine-tuning."
"There are reports that I would like to generate that are either not included, or I cannot find."
"The AI engine could be smarter."
"We need more features in order to create rules to detect or to meet some requirements for other areas, for example, catching the event from other authentication tools."
"The implementation and configuration are not easy."
Grafana Loki is ranked 14th in Log Management with 12 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Grafana Loki is rated 8.0, while IBM Security QRadar is rated 8.0. The top reviewer of Grafana Loki writes "Effective for Logging, recovery from node failures is fast and single UI supports metrics, logs, and even tracing". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Grafana Loki is most compared with Graylog, Wazuh, syslog-ng, Splunk Enterprise Security and Fortinet FortiAnalyzer, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.