Competitors

Area Energy Logserver Elastic Stack Open Distro Splunk
Licensing • Perpetual license with professional support.
• Subscription
Only subscription. Apache 2.0 Only subscription.
Licensed objects Only Data nodes • Data nodes + Master nodes
• In future: based on resources - JVM based.
None GB of data per day.
Licensed features All features included Gold features / Premium features None Standard / Premium features
Vendor support • No limits for service requests.
• Assigned engineers.
• 100% oriented on customer needs.
Limits for number of service requests. • General Git issues.
• No individual approach
• Premium only for license 500GB+
• Support depending on license plan.
• Direct contact available only for Premium clients.
• No install support.
Customer approach • Impact on end product.
• Unique functionalities on customer request.
• Dedicated solution for customer’s architecture.
• Consultancy for deployments.
• Individual approach for customer.
• Strict development.
• Limited to tools already released.
• No changes for individual clients' needs.
• Limited to tools already released.
• No deployment support.
• Strict development.
• Limited to tools already released.
• No changes for individual needs.
Version 7.x 7.x 7.x Splunk 8
Update procedure • Easy update.
• Data localization depends on changes in Elasticsearch.
• Full update support.
• Stable releases.
• No update support.
• Community instructions.
No support. Only paid professional services.
Issue and bug solving • Dedicated engineer.
• Live vendor communication with customer.
• Focused on understanding issue and developing fix.
• Git issues only.
• No support.
Direct support only for Premium support plan.
Direct contact with vendor Direct contact with engineers. Option of on-site work. Engineers are not involved in the system implementation. Git / Forum communication only. No support regarding implementation. Paid professional services or Premium support plan
Feature comparison

| Area | Energy Logserver | Elastic Stack | Open Distro | Splunk |
|---|---|---|---|---|
| Default parsing rules | Available | Not available | Not available | Available |
| Technology Dashboards | Available | Not available | Not available | Available with addons |
| Alerting rules | Available | Not available | Not available | Not available |
| Risk management | Available | Not available | Not available | Not available |
| Playbooks | Available | Not available | Not available | Not available |
| Blacklist | Out of the box | Needs implementation | Needs implementation | Needs implementation or extra license for SIEM app |
| Incident management | Out of the box | Not available | Not available | Extra license for SIEM app |
| Reporting feature | Available | Available | Not available | Available |
| User Management, RBAC | Local, AD, Radius, SSO | Local, AD, Radius, SSO | Local, AD, SSO | Local, AD, SSO |
| AD Bind password encryption | Yes | No | No | No |
| Internal audit | Available | Available | Available | Available |
| Object permission | Available | Basic | Not available | Available |
| Clustering setup | Easy | Easy | Easy | Advanced |
| SIEM features | Powerful functionality available in the SIEM Plan package | Strong with Wazuh integration | Strong with Wazuh integration | Complicated and needs another license |
| Netflow support | Out of the box | Needs implementation | Needs implementation | Needs implementation |
| Central Agent Management | Fully supported | Basic feature, only for configuration tags | Not available | Fully supported |
| Vendor lock-in | Easy change to open source or different provider | Easy change to open source or different provider | Easy change to open source or different provider | Full vendor lock risk with additional aggressive pricing |