No more typing reviews! Try our Samantha, our new voice AI agent.

Microsoft Purview Audit vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 1, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Purview Audit
Ranking in Log Management
35th
Average Rating
8.2
Reviews Sentiment
5.1
Number of Reviews
4
Ranking in other categories
Microsoft Security Suite (31st)
Wazuh
Ranking in Log Management
2nd
Average Rating
7.4
Reviews Sentiment
6.1
Number of Reviews
50
Ranking in other categories
Security Information and Event Management (SIEM) (3rd), Extended Detection and Response (XDR) (6th)
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of Microsoft Purview Audit is 1.1%, up from 0.4% compared to the previous year. The mindshare of Wazuh is 4.6%, down from 13.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
Wazuh4.6%
Microsoft Purview Audit1.1%
Other94.3%
Log Management
 

Featured Reviews

OK
Cloud Solution Engineer at a computer software company with 51-200 employees
Integrated auditing has strengthened data retention and improved incident investigations
I have seen areas for improvement, specifically in Microsoft Purview Audit or in general about Microsoft. I have had a situation with documentation. I had a customer who wanted to create alerts and they had Microsoft 365 Business Premium. In the documentation, it was noted that this license is enough for creating alerts. When we tried to make them, we noticed they cannot do it with Microsoft 365 E3 because the customer had limited features to manage alerts. The customer had to buy E3. We created Microsoft support requests, and they confirmed that the documentation displayed not the real situation and they have been going to update documentation. The same situation occurred now with implementing Microsoft Purview Audit in the last autumn. eDiscovery was combined with search and content search, and the documentation was not clear at the beginning. It was a little difficult to describe to customers that now it is a part of eDiscovery. Content search is a very simple functionality, while eDiscovery is a little difficult. I am not entirely sure why Microsoft is going in the way of combining these services because they are the same. However, for a customer who has never seen these services, it is difficult to understand quickly. The same situation occurs with litigation holds and some other holds. For any mail, I am trying to keep data. For example, emails are held for a year or two years, ten years, it does not matter. It is difficult to understand where to find this data and where these emails are being held. I need to use eDiscovery to find out all deleted data that was kept somewhere in some hidden folders of the mailbox. Regular customers and regular administrators know that on-premises Exchange, for example, allows them to find the data in some repository and review the list of kept data. However, with this hold, we do not have any functionality to review the list of kept data. It is difficult to understand for customers how to work with this. I had a case where I spent three or four hours working deeply with a customer to explain how to work with eDiscovery, why Content Search is not there when it was before, what is an eDiscovery case, and why we are talking about all of this just to review a list of kept emails. This is difficult.
RS
Engineer Information Security at N-Able (Pvt) Ltd
Has faced limitations in AI capabilities and pricing flexibility
Pricing-wise, Wazuh stands out, along with deployment flexibility and its documentation which is extremely good in comparison to Forti. The community support is also incredible. They have helped quite a bit because previously, we had a separate tool and management dashboard to do our compliance. With Wazuh, we receive that information without having to do anything extra. We just set up the SIEM and all of that information was automatically populated. The dashboards are very easy to understand and very quick with no lag or delay. I have experienced delays on Forti's dashboards, but not with Wazuh. Wazuh is quite good. In comparison to Forti, they are quite similar. They are very good at detection.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The overall user experience with Microsoft Purview Audit is of higher quality than when it was branded as Compliance Center, and Microsoft consistently updates and evolves functionalities and the overall experience."
"The main Microsoft feature is that it offers common integration of services, of data, of identity, meaning user accounts, user access, and privileged access."
"We're easily saving at least one hour per day using this solution."
"The platform has significantly enhanced our operational insight into the overall Microsoft 365 environment."
"The product is easy to customize."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"If they support a solution, it is easy to do an integration."
"It has efficient SCA capabilities."
"Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs."
"Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms."
"Wazuh is simple to use for PCI compliance."
"Stability-wise, Wazuh seems to have fixed all the past issues, and the latest version is possibly the most stable."
 

Cons

"I had a case where I spent three or four hours working deeply with a customer to explain how to work with eDiscovery, why Content Search is not there when it was before, what is an eDiscovery case, and why we are talking about all of this just to review a list of kept emails."
"We are still in the early stages of leveraging Microsoft Purview Audit. Currently, it's primarily used for the audit function."
"We do have a Denial of Access happening."
"Areas for product improvement include enhancing customization options and integrating more comprehensive compliance features."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"Some features, like alerting, are complex with Wazuh."
"The product's configuration part and lack of AI capabilities are some of the major concerns associated with Wazuh."
"Integration with Vyara could be better."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
 

Pricing and Cost Advice

Information not available
"Wazuh has a community edition, and I was using that. It's free and open source."
"The product price is neither too high nor too low."
"Wazuh is an open-source tool, which means it is freely available for use."
"Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
"We use the free version of Wazuh."
"It is a free-of-cost solution."
"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
"The solution's pricing is very competitive."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Computer Software Company
11%
Construction Company
8%
Comms Service Provider
7%
Comms Service Provider
11%
Computer Software Company
11%
University
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business27
Midsize Enterprise15
Large Enterprise8
 

Questions from the Community

What is your experience regarding pricing and costs for Microsoft Purview Audit?
It is not so expensive in comparison with other products, but I can tell you about an example.
What needs improvement with Microsoft Purview Audit?
I have seen areas for improvement, specifically in Microsoft Purview Audit or in general about Microsoft. I have had a situation with documentation. I had a customer who wanted to create alerts and...
What is your primary use case for Microsoft Purview Audit?
I work with Defender for IoT by chance because I see that we have enough reviews for Defender for Office 365 today, and we need reviews for some Azure products. I work with Azure products such as L...
What do you like most about Wazuh?
Wazuh is its flexibility and open-source nature, which allows us to tailor threat detection and response across diverse client environments. Its integration capabilities with SOAR, cloud platforms,...
What needs improvement with Wazuh?
Regarding compliance, I find it not stable. I do not recommend it for that purpose. It can comply with Wazuh NCA, which we have here in Saudi Arabia. Wazuh NCA has many frameworks starting with ECC...
What is your primary use case for Wazuh?
I have been working with Wazuh for two years, and I can explain how I use Wazuh. I did not use Wazuh as a SIEM solution. I use Wazuh as a tool for services we provide. This service is called compro...
 

Also Known As

No data available
Wazuh All-In-One Deployment
 

Overview

Find out what your peers are saying about Microsoft Purview Audit vs. Wazuh and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.