• Home
  • SolarWinds Security Event Manager  vs. Wazuh

SolarWinds Security Event Manager vs Wazuh comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Sentinel
Read 85 Microsoft Sentinel reviews
31,886 views|17,713 comparisons
92% willing to recommend
SolarWinds Logo
SolarWinds Security Event Manager
Read 24 SolarWinds Security Event Manager reviews
2,981 views|1,121 comparisons
80% willing to recommend
Wazuh Logo
Wazuh
Read 38 Wazuh reviews
29,433 views|15,888 comparisons
75% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
SolarWinds Security Event Manager vs. Wazuh
May 2024
Executive Summary

We performed a comparison between SolarWinds Security Event Manager and Wazuh based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed SolarWinds Security Event Manager vs. Wazuh Report (Updated: May 2024).
Download the complete report
771,170 professionals have used our research since 2012.
Featured Review
Harman Saggu
Provides valuable alerts and saves investigation time, but can use more connectors
It is crucial that Sentinel empowers us to safeguard our hybrid, cloud, and multi-cloud environments. We employ a hybrid cloud setup, and securing... Read more →
JohnTamakloe
The solution provides greater visibility into incidents and activities on the network.
SolarWinds has provided greater visibility into incidents and activities on the network. It's crucial to have visibility into user activities,... Read more →
Muhammad Muaaz Bin Zaka
Good for file integrity monitoring
There were certain tasks we couldn't carry out before. However, with Wazuh, we found a solution within a single platform. It only required a... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything.""It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions.""Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly.""Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements.""The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance.""The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware.""Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment.""The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."

More Microsoft Sentinel Pros →

"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use.""SolarWinds is easy to configure, and it provides timely alerts.""It performs network behavior monitoring, log monitoring, and disaster recovery monitoring.""SolarWinds Security Event Manager has been generally working well.""This tool is simple to use.""The most valuable feature of this solution is the visibility into both attempted and failed logins.""The most valuable feature is the ease of use for the end user.""The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."

More SolarWinds Security Event Manager Pros →

"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability.""It offers built-in modules for file integrity and vulnerability management.""I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch.""It's stable.""Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms.""The deployment is easy and they provide very good documentation.""The product is easy to customize.""It has efficient SCA capabilities."

More Wazuh Pros →

Cons
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook.""If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have.""Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language.""At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market.""Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products.""It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools.""We are invoiced according to the amount of data generated within each log.""They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."

More Microsoft Sentinel Cons →

"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them.""I imagine we will have to develop our own reports soon, this seems to be more cumbersome.""It can be difficult for users who are inexperienced with the solution.""I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture.""We'd like more customization capabilities.""The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow.""It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery.""The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."

More SolarWinds Security Event Manager Cons →

"Wazuh has a drawback with regard to Unix systems. The solution does not allow us to do real-time monitoring for Unix systems. If usage increases, it would be a heavy fall on the other SIEM solutions or event monitoring solutions.""We would like to see more improvements on the cloud.""One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs.""The tool doesn't detect anomalies or new environments.""Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs.""The biggest part that's missing is threat intelligence. It isn't inbuilt, and if a sudden incident occurs, we don't get that feedback inside the SIEM tool. That's a big gap, I see. It would be better if we could get the threat intelligence feeds integrated with the SIEM tools. That would help us push value solutions to the clients in a big way.""The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement.""The implementation is very complex."

More Wazuh Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

  • "Licensing is on devices, so if you have many, then this may be high."
  • "We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
  • "The pricing model would benefit from having package deals with other SolarWinds products."
  • "Licenses can only be purchased in blocks of fifty at a time."
  • "It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
  • "The price of SolarWinds Security Event Manager is reasonable."

    • More SolarWinds Security Event Manager Pricing and Cost Advice →

  • "Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
  • "There is not a license required for Wazuh."
  • "Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
  • "Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
  • "Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
  • "Wazuh has a community edition, and I was using that. It's free and open source."
  • "The current pricing is open source."
  • "Wazuh is free and open source."

    • More Wazuh Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    771,170 professionals have used our research since 2012.
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    What do you like most about SolarWinds Security Event Manager ?
    Top Answer:The solution helps you monitor database instances, application instances, other customer application things, Linux… more »
    Read all 17 answers   →
    What is your experience regarding pricing and costs for SolarWinds Securi...
    Top Answer:The cost is exorbitantly high. The trial version lasts for thirty days, but I found a subscription plan priced at four… more »
    Read all 11 answers   →
    What needs improvement with SolarWinds Security Event Manager ?
    Top Answer:One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install… more »
    Read all 16 answers   →
    What do you like most about Wazuh?
    Top Answer:Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
    Read all 28 answers   →
    What needs improvement with Wazuh?
    Top Answer:I have built some rules that produce duplicate alerts two or three times. Therefore, these rules should be consolidated… more »
    Read all 28 answers   →
    What is your primary use case for Wazuh?
    Top Answer:We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. The… more »
    Read all 26 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
    Learn More
    Microsoft
    SolarWinds
    Wazuh
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    When TriGeo was acquired by SolarWinds, TriGeo SIM became known as SolarWinds Log & Event Manager. This product is a leading Security Information and Event Management (SIEM) product and log management solution, which provides log collection, analysis, and real-time correlation.

    Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.

    It consists of an endpoint security agent and a management server. Additionally, Wazuh is fully integrated with the Elastic Stack, allowing users the ability to navigate through security alerts via a data visualization tool.

    • Wazuh’s agent can run on many different platforms, and is lightweight. It can successfully perform the tasks needed to detect threats in order to trigger responses automatically.
    • Wazuh manages the agents, can analyze agent data, and can scale horizontally.
    • Elastic Stack is where alerts are indexed and stored.

    Wazuh Capabilities

    Some of Wazuh’s most notable capabilities include:

    • Intrusion detection: Wazuh’s agents can detect hidden files, cloaked processes, or unregistered network listeners, as well as inconsistencies in system call responses. Wazuh’s server component uses a signature-based approach to intrusion detection, using its regular expression engine to analyze collected log data and look for indicators of compromise.

    • Log data analysis: Wazuh can read operating system and application logs, and securely forward them to a central manager for rule-based analysis and storage.

    • Integrity monitoring: File integrity monitoring can help identify changes in content, ownership, permissions, and attribute of files. Wazuh’s file integrity monitoring can be used in conjunction with threat intelligence.

    • Vulnerability detection: Wazuh agents can identify well-known vulnerable software so you can see where your weak spots are and take action before an attack can exploit them.

    • Configuration assessment: System and application configurations are monitored to make sure they are compliant with security policies. Periodic scans are used to detect applications that are known to be vulnerable, insecurely configured, or unpatched.
    • Incident response: Wazuh responds actively when active threats need to be addressed. It can perform countermeasures like blocking access to a system when a threat source is identified.

    • Regulatory compliance: Wazuh includes the security controls required to be compliant with industry regulations and standards.

    • Cloud security: Wazuh’s light-weight and multi-platform agents are commonly used to monitor cloud environments at the instance level. In addition, Wazuh helps monitor cloud infrastructure at an API level.

    • Security for containers: With Wazuh, you have increased security visibility into hosts and containers, allowing for easier detection of threats, anomalies, and vulnerabilities.

    Wazuh Benefits

    Some of the most valued benefits of Wazuh include:

    • No vendor lock-in
    • No license costs
    • Uses lightweight, multi-platform agents
    • Free community support

    Wazuh Offers

    • Annual support and maintenance
    • Assistance with deployment and configuration
    • Training and instructional hands-on courses

    Reviews From Real Users

    "It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions." - Robert C., IT Security Consultant at Microlan Kenya Limited

    The MITRE ATT&CK correlation is most valuable.” - Chief Information Security Officer at a financial services firm

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
    Information Not Available
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Comms Service Provider8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Computer Software Company21%
    Financial Services Firm16%
    Government11%
    Comms Service Provider11%
    VISITORS READING REVIEWS
    Educational Organization69%
    Computer Software Company5%
    Government4%
    Financial Services Firm3%
    REVIEWERS
    Computer Software Company25%
    Comms Service Provider18%
    Security Firm14%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider8%
    Government7%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    REVIEWERS
    Small Business65%
    Midsize Enterprise12%
    Large Enterprise23%
    VISITORS READING REVIEWS
    Small Business9%
    Midsize Enterprise73%
    Large Enterprise18%
    REVIEWERS
    Small Business54%
    Midsize Enterprise28%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business33%
    Midsize Enterprise20%
    Large Enterprise48%
    Buyer's Guide
    SolarWinds Security Event Manager vs. Wazuh
    May 2024
    Free Report: SolarWinds Security Event Manager vs. Wazuh
    Find out what your peers are saying about SolarWinds Security Event Manager vs. Wazuh and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    771,170 professionals have used our research since 2012.

    SolarWinds Security Event Manager is ranked 20th in Security Information and Event Management (SIEM) with 24 reviews while Wazuh is ranked 3rd in Security Information and Event Management (SIEM) with 38 reviews. SolarWinds Security Event Manager is rated 7.8, while Wazuh is rated 7.4. The top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender XDR and LogRhythm SIEM, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and CrowdStrike Falcon. See our SolarWinds Security Event Manager vs. Wazuh report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.