No more typing reviews! Try our Samantha, our new voice AI agent.

Security Onion vs VMware Aria Operations for Logs comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Security Onion
Ranking in Log Management
25th
Average Rating
7.2
Reviews Sentiment
7.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
VMware Aria Operations for ...
Ranking in Log Management
18th
Average Rating
8.2
Reviews Sentiment
6.2
Number of Reviews
29
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of Security Onion is 1.9%, down from 5.0% compared to the previous year. The mindshare of VMware Aria Operations for Logs is 1.2%, down from 1.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
VMware Aria Operations for Logs1.2%
Security Onion1.9%
Other96.9%
Log Management
 

Featured Reviews

HJ
Manager at teshama
Centralized threat monitoring has improved visibility but demands complex setup and configuration
The best features Security Onion offers include acting as the intrusion detection system in my organization and helping me to address traffic, logs, and events happening within the organization. Since Security Onion is an open-source system that integrates with tools like Suricata and Zeek with the ELK stack, it enables threat detection and response capabilities, delivering high-level security measures at a cost, making it suitable for businesses of varying skill levels. These integrations with Suricata and Zeek have greatly impacted our workflow and our team's effectiveness by helping us address issues such as identifying intrusions, evaluating threats, and overseeing log files. This tool is very cost-effective, making it suitable for any size of organization wanting to use it.
DineshKumar21 - PeerSpot reviewer
Service Delivery Manager at DXC Technology
Comprehensive monitoring has improved performance, capacity planning, and multi-source log analysis
VMware Aria Operations for Logs would be used to completely monitor the health of your environment. Second is to understand your existing capacity and forecast your capacity for the next year or so. Third would be on performance management, understanding how the environment is performing, and what has to be done to optimize it. We use VMware Aria Operations for Logs for these purposes. We also use VMware Aria Operations for Logs to monitor non-VMware components as well. VMware Aria Operations for Logs is now part of a bigger suite with several modules added. You have an option to collect logs from various sources and then you can do some sorts of analytics from it as well. All of this can be done with VMware Aria Operations for Logs.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Security Onion has positively impacted my organization by greatly improving our security posture, making alert triage easier to handle, simplifying the analysis of threats, and decreasing the cost of threat analysis and detection."
"Security Onion is the most mature solution in the market."
"We use Security Onion for internal vulnerability assessment."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"It is a very useful tool if you have a VMware environment."
"It is a scalable solution; I can say that I agree with the claims that it can be scaled, it is an awesome product, and organizationally it is able to cover our needs completely."
"I rate the overall solution a ten out of ten."
"The trace log is the solution's most valuable feature. It's very helpful in troubleshooting problems."
"Log Insight correlates with the VMware product log, and it can assemble the logs you want, making it easier to find the output, incident, or keyword you want to search."
"Log Insight seems to be better than other solutions in terms of very good integrations and working out items to be able to log."
"However, Log Insight is quite good and very useful."
"The most valuable features are log centralization and long-term retention for logs."
 

Cons

"For Security Onion, setting up and configuring the system can be quite challenging for newcomers due to the need for a grasp of networking and security concepts."
"The initial setup of the solution is a little bit difficult."
"Security Onion's user interface could be improved."
"The product is not easy to learn."
"It's great for VMware, but it would be good if they had third-party logins."
"The product's price falls on the higher end of the spectrum, making it an area of concern."
"From an improvement perspective, the tool needs to be made more user-friendly."
"What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects."
"The licensing cost for vRealize Log Insight is a little higher, so in terms of cost, it all depends upon what kind of environment you have."
"The solution is a very good tool, but it has a lot of limitations."
"In vRealize login files, we have limitations regarding log partitions."
"I don't use the solution on a day to day basis, so I'm not sure what specifically can be improved."
 

Pricing and Cost Advice

"Security Onion is an open-source solution."
"It is an open-source solution."
"Security Onion is a free solution."
"The license cost for any other monitoring tool is too high compared to this product."
"Pricing is good because it is part of the suite package. It comes in a bundle for us."
"I think it is a reasonably priced product."
"It is not cheap. But it is worth it."
"The product's price is reasonable, but when it comes to SQL licensing, it's a bit expensive."
"I am not sure what the exact cost is. However, I believe the vRealize suite costs $2,500.00 per year."
"Pricing could always be lower. If it were free, I would be more satisfied."
"The licensing cost for vRealize Log Insight is a little higher, so in terms of cost, it all depends upon what kind of environment you have. If you have a complete virtualized environment, or at least you're using a ninety-five percent virtualized environment, then vRealize Log Insight will play a very good role because it is a VMware component, so it has very tight integration with other VMware components and systems. This means you don't have to procure any other monitoring and management tool, and you don't need a separate automation tool. vRealize Log Insight will have an upper hand if your environment is purely virtualized on VMware. If you're using a mix of physical and virtual components, for example, a 50:50 ratio, then you need to have a third-party component to manage overall monitoring."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
University
12%
Comms Service Provider
11%
Government
10%
Computer Software Company
7%
Financial Services Firm
11%
Government
11%
Computer Software Company
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise9
Large Enterprise13
 

Questions from the Community

Ask a question
Earn 20 points
What is your experience regarding pricing and costs for vRealize Log Insight?
VMware Aria Operations for Logs does have device licenses. The license is perpetual and you do not have to pay monthly as it is a one time purchase. The only thing is if you are looking for support...
What needs improvement with vRealize Log Insight?
VMware periodically provides upgrades and updates to the product. They are also extending support to various third party hardware as well. I am not sure whether they have any ready made APIs for cl...
What is your primary use case for vRealize Log Insight?
We have been using this for the last five years.
 

Also Known As

No data available
vRealize Log Insight
 

Overview

 

Sample Customers

Information Not Available
Wildlands Adventure Zoo, Medic Mobile, IBM, Seventy Seven Energy, Baystate Health, Osis, Oxford University, Columbia University, Siemens, Cardinal Health, Ashdod Port, Vasakronan, Sydney Adventist Hospital, University of Derby
Find out what your peers are saying about Security Onion vs. VMware Aria Operations for Logs and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.