We performed a comparison between Graylog Security and Wazuh based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"We use the solution to collect logs."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"I like that the solution is on top of the Kubernetes stack."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"It is a stable solution."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
"Wazuh has very flexible and robust features."
"Good for monitoring, active response, and for vulnerabilities."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"We'd like also a better ticketing system, which is older."
"I think the number one area of improvement for Sentinel would be the cost."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"The product can be improved by reducing the cost to use AI machine learning."
"Graylog Security needs to incorporate security scorecards."
"Its configuration process is time-consuming."
"They could include flexibility and customization capabilities by modifying for customers based on partner agreements."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"The tool does not provide CTI to monitor darknet."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"While it is scalable, it can suffer from reduced latencies."
"Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions."
Graylog Security is ranked 34th in Security Information and Event Management (SIEM) with 1 review while Wazuh is ranked 3rd in Security Information and Event Management (SIEM) with 38 reviews. Graylog Security is rated 9.0, while Wazuh is rated 7.4. The top reviewer of Graylog Security writes "Helps to collect logs and pricing is cheap ". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Graylog Security is most compared with Microsoft Defender XDR, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Fortinet FortiAnalyzer.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.