We performed a comparison between IBM Security QRadar and syslog-ng based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Stability-wise, I rate the solution a ten out of ten."
"The most valuable features of IBM Security QRadar are flexibility, IBM support, and scalability."
"There are other third-party plugins that we can use."
"It has a logical, user-friendly GUI."
"The threat hunting capabilities in general are great."
"The QNI feature is the one I am very interested in, and I have also been interested in Watson. From the log analysis and the security perspective, we are able to dive deep into any of the logs and anomalies."
"An engineer can live-monitor all the flow happening in real-time. This would help us a lot while investigating a case, and it would even help us with preventive actions."
"In terms of the most valuable features, the log collections and log processing mechanisms are good. They have good dashboards."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."
"The ability to extract and store the logs is the most valuable feature of syslog-ng."
"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."
"Syslog-ng has a separate config file in addition to the core configuration."
"The dashboards are all legacy and old."
"IBM QRadar has a margin for development, for out-of-the-box use cases. It can be enhanced with better support and automate the use cases for that."
"The product is good, but one feature they should have is an Elasticsearch. Currently, in QRadar, there are no Elasticsearch criteria."
"The interface is very old. IBM should remake it into a more modern interface."
"I would like for them to develop a detection management solution. It does not have a detecting management solution in it, you have to buy it as it is, on top of the extended solution."
"Technical support really needs to be improved. Right now, they aren't where they need to be at all."
"The usability of interfaces could be improved."
"The tech support is not that good."
"The filtering has room for improvement."
"There is always the potential for additional integration and protocol extensions."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."
"There is room for improvement in terms of observability."
IBM Security QRadar is ranked 6th in Log Management with 198 reviews while syslog-ng is ranked 17th in Log Management with 5 reviews. IBM Security QRadar is rated 8.0, while syslog-ng is rated 8.6. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of syslog-ng writes "It's a user-friendly open-source solution that can replace or augment a commercial product in some cases". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas syslog-ng is most compared with SolarWinds Kiwi Syslog Server, Graylog, Grafana Loki, Logstash and Nagios Log Server. See our IBM Security QRadar vs. syslog-ng report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.