No more typing reviews! Try our Samantha, our new voice AI agent.

Graylog Security vs NetWitness Platform comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Graylog Security
Ranking in Security Information and Event Management (SIEM)
60th
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
2
Ranking in other categories
No ranking in other categories
NetWitness Platform
Ranking in Security Information and Event Management (SIEM)
36th
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
Log Management (38th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Graylog Security is 0.6%, up from 0.5% compared to the previous year. The mindshare of NetWitness Platform is 1.0%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
NetWitness Platform1.0%
Graylog Security0.6%
Other98.4%
Security Information and Event Management (SIEM)
 

Featured Reviews

Tony Zafiropoulos - PeerSpot reviewer
Owner/ Chief Engineer at Fixvirus.com
Aggregates logs in one place and helps to review data points
We tried Graylog Security, starting with their inexpensive open-source version. We tested it out and continued using it for a while. As for the main differences between Graylog Security and other vendors, some users might prefer cloud-based platforms over on-premises solutions. It isn't inherently cloud-native, but that might not matter much for some.
reviewer2256927 - PeerSpot reviewer
Head of Information Security, Cyber Defense and IT Risk Management at HCT. at a transportation company with 201-500 employees
A solid SIEM solution that should improve technical support and online resources to be easier to use
A big problem with the product is that we don't have much professional experience in Israel installing, implementing, and integrating this product. There is not enough of a knowledge base. There is no support for this product in this country, so problems have to be resolved through global technical teams. We like to work locally because of the language, and when the product is only supported outside the country, it's a little difficult to implement and use this product. Moreover, AI is something that must be added immediately. Artificial intelligence is a part of the competitors' products, and it's not been implemented for us.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The tool aggregates logs. We can see the logs in one place."
"We use the solution to collect logs."
"Overall, I feel that the product is very good and my biggest complaint is about their support."
"Technical support is very good; they try to resolve issues with the proper SLAs which are defined by them and they understand the client's requirements as well as the client's infrastructure in a better manner."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"It gives customers visibility about their most important servers and devices."
"Stability has not been an issue with this product."
"The most valuable feature is the ability to write rules and triggers for network communication and then being able to investigate based on that, where you can see the payload and deconstruct the packets."
"Packet Solution: Allows analyst proactive hunting and alerting on daily sophisticated APTs."
"The solution is really scalable for the high-end power, enterprise customer."
 

Cons

"Graylog Security needs to incorporate security scorecards."
"More customizability is required, which is something that they need to improve on."
"I cannot say that the solution was stable because it tended to crash."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly."
"But the 11.3 version is a complete disaster. You cannot analyze anything."
"We encountered stability issues in the earlier versions, and much fewer in the newer versions."
"The initial setup is very complex and should be simplified."
 

Pricing and Cost Advice

"I rate the tool's pricing a one out of ten."
"The product price was reasonable for my region and the market."
"Compared to the competition, the is price is not that high."
"We are on an annual license for the use of the solution."
"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."
"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."
"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Comparison Review

VS
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Educational Organization
14%
Comms Service Provider
10%
Construction Company
7%
Manufacturing Company
7%
Financial Services Firm
12%
Construction Company
11%
Comms Service Provider
9%
Outsourcing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise7
Large Enterprise20
 

Questions from the Community

Ask a question
Earn 20 points
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
What is your primary use case for NetWitness Platform?
I use NetWitness Platform ( /products/netwitness-platform-reviews ) in the financial industry as a good product with excellent capabilities and integration with various devices.
 

Also Known As

No data available
RSA Security Analytics
 

Overview

 

Sample Customers

Information Not Available
Los Angeles World Airports, Reply
Find out what your peers are saying about Graylog Security vs. NetWitness Platform and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.