Alert Logic Log Correlation and Analysis

1 Ratings
Score 8 out of 10

Logstash

11 Ratings
Score 8.6 out of 10


Likelihood to Recommend

Alert Logic Log Correlation and Analysis

Alert Logic is ideally placed to support and protect cloud infrastructure and services such as AWS hosted services. It is less appropriate for platform as a service as this would be addressed by the provider in question. It would also be ideally suited to on-premise and hybrid cloud scenarios to protect services from attacks and breaches.

Logstash

Logstash is a must in an ELK stack, which I am sure is going to be the #1 case. At any point when you have several sources, Logstash can be the common point to aggregate, and categorize those data. Then send this new data to its destination. Very handy. It is free and open source. It may not be appropriate to analyze data-sets dependent on each other but from a different data source. Reason being Logstash works on data at hand, and does not wait for other data to arrive. It would be unwise for Logstash to handle complicated, long-running transformations because this is injected and ejected. The faster you do it, the safer.
Rahul Chaudhary

Pros

  • Alert Logic provides very technical solutions to address security risks. However, much of the benefit is from a human level understanding of the threats seen.
  • As a company, they are profiling thousands of companies and are better able to predict threats such as denial of service attacks and warn organisations ahead of time.

  • Logstash design is definitely perfect for the use case of ELK. Logstash has "drivers" using which it can inject from virtually any source. This takes the headache from source to implement those "drivers" to store data to ES.
  • Logstash is fast, very fast. As per my observance, you don't need more than 1 or 2 servers for even big size projects.
  • Data in different shape, size, and formats? No worries, Logstash can handle it. It lets you write simple rules to programmatically take decisions real-time on data.
  • You can change your data on the fly! This is the CORE power of Logstash. The concept is similar to Kafka streams, the difference being the source and destination are application and ES respectively.
Rahul Chaudhary

Cons

  • Overall the product and service works well and addresses all our key requirements so we have no real negatives to share.

  • Logstash is all command line, and it can become overwhelming for new developers. If it has any sort of UI, then I don't know about it.
  • Documentation could have been better. But this is a work in progress, and with time I am sure the community will help with documentation.
  • Community support! Being a relatively new tool, the adoption is still mature, and finding answers can be challenging sometimes.
Rahul Chaudhary

Alternatives Considered

There are alternatives, some of which have a greater overhead and require more in-house technical skills. Alert Logic provide a full service so for us this was a better solution.

Logstash is similar to any service which can be the single point to collect and transform data. Kafka is a very good candidate, but it fails for applications not using Kafka. Kafka streams do pretty much the same thing. On one hand, I personally trust Kafka more, but then Kafka can only handle Kafka messages, whereas Logstash can inject from any source, e.g. databases. So any application can send data to Logstash. Another benefit of Logstash over Kafka is the ability to add plugins. If there is some source which is not supported by core Logstash, you can add other plugins.
Rahul Chaudhary

Return on Investment

  • Return on Investment is measured in how protected our reputation is and Alert Logic contributes to this in a large way.
  • Alert Logic provides excellent information security assurance to the business and allows us to feel more proactive.

  • Positive: Learning curve was relatively easy for our team. We were up and running within a sprint.
  • Positive: Managing Logstash has generally been easy. We configure it, and usually don't have to worry about misbehavior.
  • Negative: Updating/Rehydrating Logstash servers has been a little challenging. We sometimes even lose data while Logstash is down. It requires more in-depth research and experiments to figure out the fine-grained details.
  • Negative: This is now one more application/skill/server to manage. Like any other servers, it requires proper grooming or else you will get in trouble. This is also a single point of failure which can have the ability to make other servers useless if it is not running.
Rahul Chaudhary

Pricing Details

Alert Logic Log Correlation and Analysis

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Logstash

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details