We performed a comparison between Sumo Logic Security and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Free ingestion for Azure logs (with E5 licence)"
"The Log analytics are useful."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The initial setup is very simple and straightforward."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"Scalability has been good for our needs. We haven't run into any scaling issues in regards to size so far."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"We can integrate threat intelligence solutions into the product."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"The solution is quite stable."
"The product is easy to customize."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"Wazuh has very flexible and robust features."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"The product can be improved by reducing the cost to use AI machine learning."
"The playbook is a bit difficult and could be improved."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"The integration with multiple sources could be better."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"The dashboard has room for improvement, because sometimes it is a difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"The deployment is a bit complex."
"There could be a hardware monitoring tool for the solution."
"A lack of certain features creates limitations."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
Sumo Logic Security is ranked 22nd in Log Management with 18 reviews while Wazuh is ranked 3rd in Log Management with 38 reviews. Sumo Logic Security is rated 8.6, while Wazuh is rated 7.4. The top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Sumo Logic Security is most compared with Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs, IBM Security QRadar and Grafana Loki, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Fortinet FortiAnalyzer. See our Sumo Logic Security vs. Wazuh report.
See our list of best Log Management vendors, best Security Information and Event Management (SIEM) vendors, and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.