• Home
  • Elastic Observability vs. Wazuh

Elastic Observability vs Wazuh comparison

Cancel
You must select at least 2 products to compare!
Elastic Logo
Elastic Observability
Read 22 Elastic Observability reviews
4,094 views|3,400 comparisons
90% willing to recommend
Wazuh Logo
Wazuh
Read 38 Wazuh reviews
38,600 views|20,925 comparisons
75% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Elastic Observability vs. Wazuh
April 2024
Executive Summary

We performed a comparison between Elastic Observability and Wazuh based on real PeerSpot user reviews.

Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Elastic Observability vs. Wazuh Report (Updated: April 2024).
Download the complete report
772,127 professionals have used our research since 2012.
Featured Review
Anonymous User
Ensures that the data is searchable and maintainable but it requires additional configuration and expertise to fully...
We're capable of monitoring fleet-based applications as well as custom applications effectively. This capability provides us with robust... Read more →
Md Salim Hossain Hossain
An open-source platform to integrate various products
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The product has connectors to many services.""For full stack observability, Elastic is the best tool compared with any other tool .""We use AppDynamics and Elastic. The reason why we're using Elastic APM is because of the license count. It's very favorable compared to AppDynamics. It's inexpensive; it's economical.""It is a powerful tool that allows users to collect and transform logs as needed, enabling flexible visualization and analysis.""Machine learning is the most valuable feature of this solution.""It's easy to deploy, and it's very flexible.""It has always been a stable solution.""The ability to ensure that the data is searchable and maintainable is highly valuable for our purposes."

More Elastic Observability Pros →

"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful.""It is a stable solution.""Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation.""The deployment is easy and they provide very good documentation.""It's stable.""Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring.""If they support a solution, it is easy to do an integration.""It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."

More Wazuh Pros →

Cons
"They need more skills in the market. There are not enough skills in the market. It is not pervasive enough on the market, in my opinion. In other words, there isn't a big enough user base.""Elastic APM's visualization is not that great compared to other tools. It's number of metrics is very low.""The price is the only issue in the solution. It can be made better and cheaper.""Elastic Observability is difficult to use. There are only three options for customization but this can be difficult for our use case. We do not have other options to choose the metrics shown, such as CPU or memory usage.""If we had some pre-defined templates for observability that we could start using right away after deploying it – instead of having to build or to change some of the dashboards – that would be helpful.""The solution needs to use more AI. Once the product onboards AI, users would more effectively be able to track endpoints for specific messages.""Elastic Observability is an excellent product for monitoring and visibility, but it lacks predictive analytics. Most solutions are aligned with the AIOps requirements, but this piece is missing in Elastic and should be included.""Improving code insight related to infrastructure and network, particularly focusing on aspects such as firewalls, switches, routers, and testing would be beneficial."

More Elastic Observability Cons →

"There could be a hardware monitoring tool for the solution.""They could include flexibility and customization capabilities by modifying for customers based on partner agreements.""Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs.""The only challenge we faced with Wazuh was the lack of direct support.""The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement.""The tool doesn't detect anomalies or new environments.""They need to go towards integrating with more cloud applications and not just OS like Windows and Linux.""I have yet to find the same capability in Wazuh to get logs from different sources into the system"

More Wazuh Cons →

Pricing and Cost Advice
  • "So far, there are just the standard licensing fees. Several of the components are embedded in the license or are even open source. They're even free depending on what you use, which makes it even more appealing to someone that is discussing pricing of the solution."
  • "There are two types: cloud and SaaS. They charge based on data ingestion, ingest rate, hard retention, and warm retention. I believe it costs around $25,000 annually to ingest 30GB of data daily. That is the SaaS version. There is also a self-managed license where the customer manages their own infrastructure on-prem. In such cases, there are three license tiers that respectively cost $5,000 annually per node, $7,000 per node, and $12,500 per node."
  • "Pricing is one of those situations where the more you use it, the more you pay."
  • "The price of Elastic Observability is expensive."
  • "Users have to pay for some features, like the alerts on different channels, because they are unavailable in different source versions."
  • "One needs to pay for the licenses, and it is an annual subscription model right now."
  • "Since we are a huge company, Elastic Observability is an affordable solution for us."
  • "We will buy a premium license after POC."

    • More Elastic Observability Pricing and Cost Advice →

  • "Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
  • "There is not a license required for Wazuh."
  • "Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
  • "Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
  • "Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
  • "Wazuh has a community edition, and I was using that. It's free and open source."
  • "The current pricing is open source."
  • "Wazuh is free and open source."

    • More Wazuh Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    See Recommendations
    772,127 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Elastic Observability?
    Top Answer:Elastic Observability significantly improves incident response time by providing quick access to logs and data across various sources. For instance, searching for specific keywords in logs spanning… more »
    Read all 16 answers   →
    What is your experience regarding pricing and costs for Elastic Observabi...
    Top Answer:I rate the pricing a five out of ten. The product is not that cheap.
    Read all 12 answers   →
    What needs improvement with Elastic Observability?
    Top Answer:The tool's scalability involves a more complex implementation process. It requires careful calculations to determine the number of nodes needed, the specifications of each node, and the configuration… more »
    Read all 16 answers   →
    What do you like most about Wazuh?
    Top Answer:Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
    Read all 28 answers   →
    What needs improvement with Wazuh?
    Top Answer:I have built some rules that produce duplicate alerts two or three times. Therefore, these rules should be consolidated. Alerts should be specific rather than repeatedly triggered by integrating… more »
    Read all 28 answers   →
    What is your primary use case for Wazuh?
    Top Answer:We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. The IP address is automatically blocked if a server has multiple wrong passwords.
    Read all 26 answers   →
    Ranking
    14th
    out of 95 in Log Management
    Views
    4,094
    Comparisons
    3,400
    Reviews
    16
    Average Words per Review
    445
    Rating
    7.9
    2nd
    out of 95 in Log Management
    Views
    38,600
    Comparisons
    20,925
    Reviews
    31
    Average Words per Review
    479
    Rating
    7.6
    Comparisons
    Learn More
    Elastic
    Wazuh
    Overview
    To effectively monitor and gain insights across your distributed systems, you need to have all your observability data in one stack. Break down silos by bringing together application, infrastructure, and user data into a unified solution for end-to-end observability and alerting.
    Rely on the most widely deployed observability platform available, built on the proven Elastic Stack (also known as the ELK Stack) to converge silos, delivering unified visibility and actionable insights.

    Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.

    It consists of an endpoint security agent and a management server. Additionally, Wazuh is fully integrated with the Elastic Stack, allowing users the ability to navigate through security alerts via a data visualization tool.

    • Wazuh’s agent can run on many different platforms, and is lightweight. It can successfully perform the tasks needed to detect threats in order to trigger responses automatically.
    • Wazuh manages the agents, can analyze agent data, and can scale horizontally.
    • Elastic Stack is where alerts are indexed and stored.

    Wazuh Capabilities

    Some of Wazuh’s most notable capabilities include:

    • Intrusion detection: Wazuh’s agents can detect hidden files, cloaked processes, or unregistered network listeners, as well as inconsistencies in system call responses. Wazuh’s server component uses a signature-based approach to intrusion detection, using its regular expression engine to analyze collected log data and look for indicators of compromise.

    • Log data analysis: Wazuh can read operating system and application logs, and securely forward them to a central manager for rule-based analysis and storage.

    • Integrity monitoring: File integrity monitoring can help identify changes in content, ownership, permissions, and attribute of files. Wazuh’s file integrity monitoring can be used in conjunction with threat intelligence.

    • Vulnerability detection: Wazuh agents can identify well-known vulnerable software so you can see where your weak spots are and take action before an attack can exploit them.

    • Configuration assessment: System and application configurations are monitored to make sure they are compliant with security policies. Periodic scans are used to detect applications that are known to be vulnerable, insecurely configured, or unpatched.
    • Incident response: Wazuh responds actively when active threats need to be addressed. It can perform countermeasures like blocking access to a system when a threat source is identified.

    • Regulatory compliance: Wazuh includes the security controls required to be compliant with industry regulations and standards.

    • Cloud security: Wazuh’s light-weight and multi-platform agents are commonly used to monitor cloud environments at the instance level. In addition, Wazuh helps monitor cloud infrastructure at an API level.

    • Security for containers: With Wazuh, you have increased security visibility into hosts and containers, allowing for easier detection of threats, anomalies, and vulnerabilities.

    Wazuh Benefits

    Some of the most valued benefits of Wazuh include:

    • No vendor lock-in
    • No license costs
    • Uses lightweight, multi-platform agents
    • Free community support

    Wazuh Offers

    • Annual support and maintenance
    • Assistance with deployment and configuration
    • Training and instructional hands-on courses

    Reviews From Real Users

    "It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions." - Robert C., IT Security Consultant at Microlan Kenya Limited

    The MITRE ATT&CK correlation is most valuable.” - Chief Information Security Officer at a financial services firm

    Sample Customers
    PSCU, Entel, VITAS, Mimecast, Barrett Steel, Butterfield Bank
    Information Not Available
    Top Industries
    REVIEWERS
    Computer Software Company27%
    Manufacturing Company18%
    Healthcare Company9%
    Insurance Company9%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company15%
    Manufacturing Company8%
    Healthcare Company6%
    REVIEWERS
    Computer Software Company25%
    Comms Service Provider18%
    Security Firm14%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider8%
    Government7%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business27%
    Midsize Enterprise18%
    Large Enterprise55%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise12%
    Large Enterprise66%
    REVIEWERS
    Small Business54%
    Midsize Enterprise28%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business33%
    Midsize Enterprise20%
    Large Enterprise47%
    Buyer's Guide
    Elastic Observability vs. Wazuh
    April 2024
    Free Report: Elastic Observability vs. Wazuh
    Find out what your peers are saying about Elastic Observability vs. Wazuh and other solutions. Updated: April 2024.
    DOWNLOAD NOW
    772,127 professionals have used our research since 2012.

    Elastic Observability is ranked 14th in Log Management with 22 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. Elastic Observability is rated 7.8, while Wazuh is rated 7.4. The top reviewer of Elastic Observability writes "The user interface framework lets us do custom development when needed. ". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Elastic Observability is most compared with Dynatrace, New Relic, AppDynamics, Azure Monitor and Sentry, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Graylog. See our Elastic Observability vs. Wazuh report.

    See our list of best Log Management vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.