We performed a comparison between IBM Security QRadar and NNT Log Tracker Enterprise based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Free ingestion for Azure logs (with E5 licence)"
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"It's pretty powerful and its performance is pretty good."
"The product can integrate with any device."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"I like that it's easy to use and the performance is good."
"The most valuable thing about QRadar is that you have a single window into your network, SIEM, network flows, and risk management of your assets. If you use Splunk, for instance, then you still need a full packet capture solution, whereas the full packet capture solution is integrated within QRadar. Its application ecosystem makes it very powerful in terms of doing analysis."
"It integrates very easily with other solutions. The solution is flexible. We can add anything to it, as it is a good companion to other tools."
"It has a logical, user-friendly GUI."
"This is a distributed application, meaning that a customer can stack small and then scale it so that they can expand pretty effectively. You can use, basically, the same product in an SMB or a large enterprise."
"The correlation and the parsing are important features, since it is very important for a SIEM to have a good scalability and performance."
"The best part of this solution is having a third-party SOC."
"It's a state-of-the-art product for security information and event management (SIEM)."
"This is a very easy-to-use interface with a quick ramp-up time."
"File integrity monitoring is a very important function."
"The FIM features in the Change Tracker and the Log Tracker are the most valuable."
"The most valuable feature is the predefined reports for PCI compliance."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"The AI capabilities must be improved."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"The reporting could be more structured."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"IBM QRadar could improve the plugins and threat detection."
"I would like to see a better GUI."
"GUI needs to be improved."
"In terms of additional features, a mobile app would be nice. Also, the reporting is definitely okay, but you have to make sure that everybody with different roles can understand it. There is room for improvement in the reporting."
"The product needs to improve its GUI."
"The quoting and the dashboard session could be improved. It should be more user-friendly."
"The user interface is a bit difficult to get used to."
"The technical support can be improved a little bit, and the price could be cheaper."
"It is able to identify the vulnerability, however, they need an option to auto-mitigate."
"The correlation suite needs to be improved."
"I would like to see the integration of AI technology, so rather than manually monitoring the logs, the tool will understand it and take care of it."
"Only one minor deployment issue came up and it was resolved quickly. No other areas of improvement come to mind yet."
IBM Security QRadar is ranked 6th in Log Management with 198 reviews while NNT Log Tracker Enterprise is ranked 47th in Log Management with 4 reviews. IBM Security QRadar is rated 8.0, while NNT Log Tracker Enterprise is rated 8.2. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of NNT Log Tracker Enterprise writes "Great for PCI compliance but issues with stability and large amounts of data". IBM Security QRadar is most compared with Splunk Enterprise Security, Wazuh, LogRhythm SIEM, Elastic Security and Sentinel, whereas NNT Log Tracker Enterprise is most compared with . See our IBM Security QRadar vs. NNT Log Tracker Enterprise report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.