We performed a comparison between Logz.io and Wazuh based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"It's pretty powerful and its performance is pretty good."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"InsightOne is the main reason why we use LogMeIn. This is mostly because of log data that we are pushing tools and logs in general."
"We use the tool to track the dev and production environment."
"The visualizations in Kibana are the most valuable feature. It's much more convenient to have a visualization of logs. We can see status really clearly and very fast, with just a couple of clicks."
"It is massively useful and great for testing. We can just go, find logs, and attach them easily. It has a very quick lookup. Whereas, before we would have to go, dig around, and find the server that the logs were connected to, then go to the server, download the log, and attach it. Now, we can just go straight to this solution, type in the log ID and server ID, and obtain the information that we want."
"The tool is simple to setup where it is just plug and play. The tool is reliable and we never had any performance issues."
"The query mechanism for response codes and application health is valuable."
"We use the product for log collection and monitoring."
"The other nice thing about Logz.io is their team. When it comes to onboarding, their support is incredibly proactive. They bring the brand experience from a customer services perspective because their team is always there to help you refine filters and tweak dashboards. That is really a useful thing to have. Their engagement is really supportive."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"I find the PCI DSS feature the most valuable, along with the feature that monitors the compliance of Windows and the CIS benchmarks on other devices like Unix or Linux systems."
"Wazuh has very flexible and robust features."
"Its cost-effectiveness is the most valuable aspect."
"It has efficient SCA capabilities."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"Wazuh is free and easy to use. It is also adjustable, and we can use it on the cloud and on-premises."
"It offers built-in modules for file integrity and vulnerability management."
"I would like to see more AI used in processes."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"The only thing is sometimes you can have a false positive."
"Capacity planning could be a little bit of a struggle."
"The price can be cheaper and they should have better monitoring."
"I would like granularity on alerting so we can get tentative alerts and major alerts, then break it down between the two."
"When it comes to reducing our troubleshooting time, it depends. When there are no bugs in Logz.io, it reduces troubleshooting by 5 to 10 percent. When there are bugs, it increases our troubleshooting time by 200 percent or more."
"The solution needs to expand its access control and make it accessible through API."
"I would like them to improve how they manage releases. Some of our integrations integrate specifically with set versions. Logz.io occasionally releases an update that might break that integration. On one occasion, we found out a little bit too late, then we had to roll it back."
"The product needs improvement from a filtering perspective."
"The solution needs to improve its data retention. It should be greater than seven days. The product needs to improve its documentation as well."
"The computing resources are consuming and do not make sense."
"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."
"Integration with Vyara could be better."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"We would like to see more improvements on the cloud."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
Logz.io is ranked 24th in Log Management with 8 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. Logz.io is rated 8.2, while Wazuh is rated 7.4. The top reviewer of Logz.io writes "The solution is a consistent logging platform that provides excellent query mechanisms". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". Logz.io is most compared with Datadog, Coralogix, Splunk Enterprise Security, Grafana Loki and ManageEngine File Audit Plus, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and CrowdStrike Falcon. See our Logz.io vs. Wazuh report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.