No more typing reviews! Try our Samantha, our new voice AI agent.

Logstash vs USM Anywhere comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Logstash
Ranking in Log Management
30th
Average Rating
9.0
Reviews Sentiment
5.6
Number of Reviews
5
Ranking in other categories
No ranking in other categories
USM Anywhere
Ranking in Log Management
29th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
115
Ranking in other categories
Security Information and Event Management (SIEM) (29th), Endpoint Detection and Response (EDR) (40th), Compliance Management (14th)
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of Logstash is 0.8%, up from 0.6% compared to the previous year. The mindshare of USM Anywhere is 1.3%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
USM Anywhere1.3%
Logstash0.8%
Other97.9%
Log Management
 

Featured Reviews

reviewer2727468 - PeerSpot reviewer
Senior Application Engineer at a comms service provider with 11-50 employees
Transforms logs for real-time insights and seamless reporting
Logstash is used for transforming logs, and you can use many plugins in Logstash. Logstash works with configuration files that contain three main parts: an input part, a filter part, and an output part. In the input part, we can take logs from many sources such as Beats, files, or Kafka. The filter part is used to filter the logs that are shipped from Beats. From my understanding and experience with Logstash, it is usually used for processing logic, meaning I can control what fields should be transferred to Elastic and what fields shouldn't be transferred. This is the main function I use Logstash for. Elastic is a famous open-source searching engine that helps operation teams speed up the investigation process and provides real-time insights for performance reporting.
Kris Nawani - PeerSpot reviewer
Co-Founder/Director at Bangkok MSP Company Limited
Offers complete coverage without the need to install additional software
USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Logstash has numerous plugins for inputs and outputs, allowing it to work well in environments that do not contain other Elastic components."
"Everything aligns well with improving our organization."
"The functionality of Logstash is quite easy to implement and the plugin ecosystem of Logstash is great, with plugins for shell script monitoring and SQL monitoring working well with the tool."
"I can collect logs from various data sources, including hardware."
"We have three or four Logstash servers for high availability."
"The transformation means we ship the logs in the way that we want them to be presented in Kibana, which is the main function we use Logstash for."
"The asset discovery and inventory capabilities in USM Anywhere is quite good."
"It's a single solution that is meeting the needs of multiple of my PCI compliance objectives."
"The dashboards are very descriptive and contain just the right amount of information. The activity alarms and events contain a plethora of data that is very descriptive and useful."
"We were able to use the product to identify two security issues already."
"We’ve had 100% uptime since installation."
"AlienVault provides a checklist answer when using SIEM."
"Ease of deployment across various environments."
"IDS is a nice capability to have."
 

Cons

"Almost all the research can be very bad. We still have a problem with importing the log system."
"An enhancement we could implement is the ability to cluster Logstash to exist in more than one node."
"There can be a UI to implement with Logstash. Currently, I have to work with config files and everything."
"Elastic does not provide proper support for Logstash worldwide, and I rate their technical support as one out of ten."
"The product needs to improve its compatibility."
"The only recommended changes I can think of is to have the ability to filter logs."
"Taking into account that server access credentials are controlled by the tool, some more management-focused actions could be performed from AlienVault."
"Those tools could be improved because AlienVault is a SIEM, and it added all these other features."
"AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."
"Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on the thing. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies."
"I think expanding their vendor-specific plugins would beneficial."
"I would like to see it be able to run on any hardware via just an installer."
"The support could absolutely be better."
 

Pricing and Cost Advice

Information not available
"​The price point is good.​"
"The ROI is quite good."
"Use an MSSP instead. It is much cheaper."
"​The vulnerability management solution is worse than buying a Nessus Professional license.​"
"The price of this solution is reasonable, which is one of the reasons why we selected it over other solutions."
"I don't think the product's pricing is a good value because they try to raise the price 50 percent every year... AlienVault needs to understand that not all customers are huge enterprises... Their sales team is way too aggressive. The price they advertise is not always the price you get."
"It allows you to do a lot with a small price tag... The pricing is the best on the market."
"So far, I feel the product's pricing is a good value. The technology is decent. You get what you pay for. I think it's fair."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
17%
Manufacturing Company
8%
Comms Service Provider
7%
University
7%
Construction Company
23%
Financial Services Firm
10%
Comms Service Provider
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business65
Midsize Enterprise29
Large Enterprise25
 

Questions from the Community

What needs improvement with Logstash?
Customization can be automated with Logstash, but it is at the developer's disposal. The developer has to do it, not the tool as such. There is scope for optimization, but that is all outside the t...
What is your primary use case for Logstash?
The purposes for which I am using Logstash largely include log aggregation and application monitoring.
What advice do you have for others considering Logstash?
I am using Logstash for log management and also implement it. Logstash can be deployed both on-cloud and on-premises. On a scale of 1-10, I rate Logstash an 8.
What needs improvement with AT&T AlienVault USM?
There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.
What is your primary use case for AT&T AlienVault USM?
USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools.
 

Comparisons

 

Also Known As

No data available
AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
 

Overview

 

Sample Customers

Information Not Available
Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
Find out what your peers are saying about Logstash vs. USM Anywhere and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.