IBM Security QRadar is security information and event management (SIEM) Software.
N/A
SolarWinds Loggly
Score 7.2 out of 10
Mid-Size Companies (51-1,000 employees)
Loggly is a cloud-based log management service provider. It does not require the use of proprietary software agents to collect log data. The service uses open source technologies, including ElasticSearch, Apache Lucene 4 and Apache Kafka.
$79
per month/billed annually
Pricing
IBM Security QRadar SIEM
SolarWinds Loggly
Editions & Modules
No answers on this topic
Standard
$79
per month/billed annually
Pro
$159
per month/billed annually
Enterprise
$279
per month/billed annually
Offerings
Pricing Offerings
IBM Security QRadar SIEM
SolarWinds Loggly
Free Trial
Yes
Yes
Free/Freemium Version
No
Yes
Premium Consulting/Integration Services
No
Yes
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
Free trial for Standard and Pro plans for 14 days with all features.
More Pricing Information
Community Pulse
IBM Security QRadar SIEM
SolarWinds Loggly
Features
IBM Security QRadar SIEM
SolarWinds Loggly
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
IBM Security QRadar SIEM
8.5
69 Ratings
7% above category average
SolarWinds Loggly
-
Ratings
Centralized event and log data collection
9.927 Ratings
00 Ratings
Correlation
8.769 Ratings
00 Ratings
Event and log normalization/management
9.527 Ratings
00 Ratings
Deployment flexibility
7.827 Ratings
00 Ratings
Integration with Identity and Access Management Tools
I would only recommend IBM Security QRadar SIEM in a few situations. For one, it's very easy to setup and use if all your log sources are generic from known vendors. It's also significantly cheaper than Splunk, which is nice if you're trying to save money or be more efficient. I would not recommend IBM Security QRadar SIEM for environments with a lot of custom logs and complicated detection requirements.
SolarWinds Loggly is great for capturing and organizing logs from 3rd party sources such as NGINX. Without SolarWinds Loggly it's really difficult to manage the logs overtime, find traffic patterns, and identify issues before they become a problem. Anyone who is routinely searching through massive log files could quickly benefit from the SolarWinds Loggly and it's capabilities.
Putting our logs in one place and making them searchable. We use AWS, and CloudWatch has always been a little frustrating in this regard (though it has gotten better recently).
Deriving metrics from our logs. I think log-based metrics is such a good idea because your logs are the ultimate source for truth in regards to what the hell is going on inside your app. I have really loved the simplicity with which I can just count certain statements and call that a metric because just through the normal course of development certain log statements just naturally become a straightforward recording of an event having occurred.
Alerts. I actually have a few complaints about email alerts, but just the way I was able to set them up so easily has been huge. Since we started using Loggly, there have been at least 3 bugs that Loggly exposed that were frankly very bad. And withoutt Loggly or without a user reporting them, we would have never known they were happening! This is stuff I tried to set up in CloudWatch in various ways, but because of my own ignorance or perhaps the complexity/limitations of CloudWatch (or the complexity of my stack?), I wasn't getting the information that I needed until I was able to just tell Loggly to send me an email whenever the word "error" showed up.
Need to spend more time configuring the system to properly interpret and normalize different type of data collected from multiple resources.
While Rule creation QRadar uses that rules to detect security threats and generate alerts, but to creating and managing rules is bit complex & tedious work to complete.
IBM Security QRadar SIEM is excellent in handling large & complex systems that requires in-depth knowledge and extensive training to configure and maintain the system which includes upgrading, optimization of performance & issue troubleshooting.
We have to use a log aggregating device to ship our logs to Loggly as our network devices can not connect on an encrypted protocol. I would prefer if we could use some sort of VPN-based connector to ship logs securely.
Sometimes when drilled down, it can be difficult to fully reset a search term to back all the way out of a drill down.
QRadar is an established and stable product, we have been using it for many years and want to continue to focus on it. Anyone who has used the product and knows it knows how reliable it is and how it facilitates continuous monitoring of threats from outside and inside. it is an exceptional product that is very useful for us.
As a grade I give 8 as QRadar is not easy to learn. It requires some time to master it. It also needs a team of people actively working on the product. Once you learn to use it the software works very well and it is easy to correlate and understand detected threats. It only takes time to learn how to use it well and configure it properly.
Loggly's easy setup, very good customer support, and intuitive interface make Loggly very easy to use. User access management is also very easy as we can tailor the experience for each of our developers to access the information they need without having to wade through other information. While there was a slight learning curve in how to view the logs the way some specifically wanted, everything was possible and quite easy to do.
Customer support is Good of IBM, While Using IBM QRadar its deployment is to slow and suddenly stop working and crashed we have contacted IBM Support and Rised a Ticket within a few minute we get call back from customer support and Query Resolved by them Fast And Rapid Support of Ibm
The support team have been great when we have logged tickets or had issues, most of the time it is down to user training, however we have had a couple of bugs that they have been able to iron out for us.
The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.
The training was very useful and the people who taught us were very knowledgeable. Although the software may initially seem difficult to learn they made things much easier for us.
Initial patience is required to learn how to use the product, and it takes a dedicated team to use it. One person is not enough, and it's not enough to just set it up and check it once in a while. It has to be used daily and kept under control to be used effectively
IBM Qradar takes the best from its competitors. Reliable and stable but sometimes very expensive, the SIEM from IBM offers a wide range of scenarios in which the customers can suite and size their own infrastructures. IBM Qradar doesn't really needs to stack up againt its competitors because it already sets an example in the SIEM world.
We were using Zabbix. While it is an open-source solution that you can install for free the following things were limitations of the solution. 1) The scale and uptime of the solution are now your own problem. Since we were hosting at AWS this meant we still had a cost of the AWS solution. 2) The product is complicated from a configuration standpoint. In order to get anything meaningful out of it, you had to invest a lot of time and effort. We did consider NewRelic. I have experience with that product and do think that it is a solid alternative. Ultimately experience with the simplicity and speed of deployment with Loggly encouraged me to suggest using this again.
Unfortunately, we hit our logging cap on a weekly basis and we lose logs after that.
We have lost logs after hitting the maximum during service outages. We have become accustomed to not being able to rely on having them, then things go poorly.
