We performed a comparison between Google Cloud's operations suite (formerly Stackdriver) and IBM Security QRadar based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We find the solution to be stable."
"The features that I have found most valuable are its graphs - if I need any statistics, in Kubernetes or Kong level or VPN level, I can quickly get the reports."
"Google's technical support is very good."
"Offers a valuable logging transport feature"
"Our company has a corporate account for Google Cloud and so our systems and clusters integrate really well."
"It's easy to use."
"The cloud login enables us to get our logs from the different platforms that we currently use."
"Provides visibility into the performance uptime."
More Google Cloud's operations suite (formerly Stackdriver) Pros →
"The tool is already automated in many ways, but there are some additional functions which should be automated, like sending an email, mobile notification, and integration of XFS."
"This solution has allowed us to correlate logs from multiple sources."
"This console gives you the entire view, which makes life easier and allows you to take precautionary measures."
"When it comes to QRadar, they can do the correlation and not only in networks but also endpoints. This is one of the good features that we have noticed."
"I like the graphical interface. It's so good and easy."
"One very useful feature is the plug-in offering that allows you to integrate it with other solutions, such as integrating it with plug-ins like Scout, Carbon Black, and the rest."
"Network-Based Anomaly Detection (NBAD): Using NetFlow, JFlow, SFlow, or QFlow (all 7 layers), offenses are detected as a response when a rule is triggered."
"The most valuable feature currently is security behaviors and the pdf files."
"It could be more stable."
"It is difficult to estimate in advance how much something is going to cost."
"It could be even more automated."
"Lacking sufficient operations documentation."
"While we are satisfied with the overall performance, in certain cases we must add additional metrics and additional tools like Grafana and Dynatrace."
"If I want to track any round-trip or breakdowns of my response times, I'm not able to get it. My request goes through various levels of the Google Cloud Platform (GCP) and comes back to my client machine. Suppose that my request has taken 10 seconds overall, so if I want to break it down, to see where the delay is happening within my architecture, I am not able to find that out using Stackdriver."
"The product provides minimal metrics that are insufficient."
"The process of logging analytics can be improved"
More Google Cloud's operations suite (formerly Stackdriver) Cons →
"I would like to see a more user-friendly product."
"In terms of additional features, a mobile app would be nice. Also, the reporting is definitely okay, but you have to make sure that everybody with different roles can understand it. There is room for improvement in the reporting."
"I would like for them to develop a detection management solution. It does not have a detecting management solution in it, you have to buy it as it is, on top of the extended solution."
"I'd like them to improve the offense. When QRadar detects something, it creates what it calls offenses. So, it has a rudimentary ticketing system inside of it. This is the same interface that was there when I started using it 12 years ago. It just has not been improved. They do allow integration with IBM Resilient, but IBM Resilient is grotesquely expensive. The most effective integration that IBM offers today is with IBM Resilient, which is an instant response platform. It is a very good platform, but it is very expensive. They really should do something with the offense handling because it is very difficult to scale, and it has limitations. The maximum number of offenses that it can carry is 16K. After 16K, you have to flush your offenses out. So, it is all or nothing. You lose all your offenses up until that point in time, and you don't have any history within the offense list of older events. If you're dealing with multiple customers, this becomes problematic. That's why you need to use another product to do the actual ticketing. If you wanted the ticket existence, you would normally interface with ServiceNow, SolarWinds, or some other product like that."
"I have noticed the interface has room for improvement."
"QRadar needs to be improved on the storage side, particularly when the disc exceeded the maximum threshold."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
"The user interface needs improvement."
More Google Cloud's operations suite (formerly Stackdriver) Pricing and Cost Advice →
Google Cloud's operations suite (formerly Stackdriver) is ranked 26th in Log Management with 10 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Google Cloud's operations suite (formerly Stackdriver) is rated 8.0, while IBM Security QRadar is rated 8.0. The top reviewer of Google Cloud's operations suite (formerly Stackdriver) writes "Good logging and tracing but does need more profiling capabilities". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Google Cloud's operations suite (formerly Stackdriver) is most compared with AWS X-Ray, Datadog, Azure Monitor, Amazon CloudWatch and New Relic, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security. See our Google Cloud's operations suite (formerly Stackdriver) vs. IBM Security QRadar report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.