2 Ratings
Score 9 out of 10
13 Ratings
Score 8.9 out of 10

Likelihood to Recommend

Alert Logic Log Correlation and Analysis

Alert Logic is ideally placed to support and protect cloud infrastructure and services such as AWS hosted services. It is less appropriate for platform as a service as this would be addressed by the provider in question. It would also be ideally suited to on-premise and hybrid cloud scenarios to protect services from attacks and breaches.

Logstash

Logstash is a must in an ELK stack, which I am sure is going to be the #1 case. At any point when you have several sources, Logstash can be the common point to aggregate and categorize those data, then send this new data to its destination. Very handy. It is free and open source.

It may not be appropriate to analyze data-sets dependent on each other but from a different data source. Reason being Logstash works on data at hand, and does not wait for other data to arrive. It would be unwise for Logstash to handle complicated, long-running transformations because this is injected and ejected. The faster you do it, the safer.
Rahul Chaudhary

Pros

Alert Logic Log Correlation and Analysis

  • Alert Logic provides very technical solutions to address security risks. However, much of the benefit is from a human-level understanding of the threats seen.
  • As a company, they are profiling thousands of companies and are better able to predict threats such as denial of service attacks and warn organisations ahead of time.

Logstash

  • Modern: most Admin, Server and/or DevOps-Centric software worth its salt will have the ability to configure its services and features from a small webpage and REST API. Logstash is no exception.
  • Speed: Logstash configuration is just a reload away. While you CAN use the GUI (see point above), editing the configuration files directly is also a great option. Our configuration files are hosted on an internal repository, so that once we make a change, we track them as we do a reload, and those changes are reflected in Logstash almost immediately (dependent on the data source's speed and flow of data).
  • Configuration: Logstash is very simple to configure, and fulfills our desire to keep configuration files in a plaintext format.
  • Open source friendly: Logstash is open source, and built with open source tools.

Cons

Alert Logic Log Correlation and Analysis

  • Overall the product and service works well and addresses all our key requirements so we have no real negatives to share.

Logstash

  • Memory: Logstash is a HOG if you are deploying it on commodity (i.e. cheap and old) hardware: you will need at least 2GB, just for Logstash. So don't expect to run your entire ELK stack on one AMD Athlon machine.
  • Overlap: Logstash fills in an area of the ELK stack that makes the most sense: as a log file transformer / shipper. However, if you start breaking that stack with the addition of other components, you start seeing where features of Logstash may be implemented or solved in the additional components much easier (or better, or to a higher degree of resolution).
  • More Overlap: Since my team employs Syslog-ng extensively, Logstash can sometimes get in the way (and this may be a problem for DevOps stacks overall): You can configure Syslog to record certain information from a source, filter that data, and even export that data in a particular format. Logstash will pick that data up, and then parse it. However, if you don't keep your Syslog-ng configuration files and your Logstash configuration files in sync, your results will not be what you expected, and this will translate into (sometimes) hours/days of work, hunting down a line item in a configuration file.

Alternatives Considered

Alert Logic Log Correlation and Analysis

There are alternatives, some of which have a greater overhead and require more in-house technical skills. Alert Logic provide a full service, so for us this was a better solution.

Logstash

Logstash is similar to any service which can be the single point to collect and transform data. Kafka is a very good candidate, but it fails for applications not using Kafka. Kafka streams do pretty much the same thing. On one hand, I personally trust Kafka more, but then Kafka can only handle Kafka messages, whereas Logstash can inject from any source, e.g. databases. So any application can send data to Logstash. Another benefit of Logstash over Kafka is the ability to add plugins. If there is some source which is not supported by core Logstash, you can add other plugins.
Rahul Chaudhary

Return on Investment

Alert Logic Log Correlation and Analysis

  • Return on Investment is measured in how protected our reputation is, and Alert Logic contributes to this in a large way.
  • Alert Logic provides excellent information security assurance to the business and allows us to feel more proactive.

Logstash

  • Positive: Learning curve was relatively easy for our team. We were up and running within a sprint.
  • Positive: Managing Logstash has generally been easy. We configure it, and usually don't have to worry about misbehavior.
  • Negative: Updating/rehydrating Logstash servers has been a little challenging. We sometimes even lose data while Logstash is down. It requires more in-depth research and experiments to figure out the fine-grained details.
  • Negative: This is now one more application/skill/server to manage. Like any other server, it requires proper grooming or else you will get in trouble. This is also a single point of failure which can make other servers useless if it is not running.
Rahul Chaudhary

Pricing Details

Alert Logic Log Correlation and Analysis

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Logstash

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details
