Competitors

| Area | Energy Logserver | Elastic Stack | Open Distro | Splunk |
|---|---|---|---|---|
| Licensing | Perpetual license + support; Subscription | Subscription | Apache 2.0 | Subscription |
| Licensed objects | Only Data nodes | Data nodes + Master nodes; In future: based on resources - JVM based | None | GB of data per day |
| Licensed features | All in one license | Gold features / Premium | None | Standard / Premium features |
| Vendor support | No limits for service requests; Assigned engineers; 100% oriented on customer | Limits for number of service requests | General Git issues; No individual approach | Premium only for license 500GB+; Support depending on license; Direct contact available only for Premium clients; No install support |
| Customer approach | Impact on end product; Unique functionalities on request; Dedicated solution for customer; Consultancy for deployments; Individual approach for customer | Strict development; Limited to tools already released; No changes for individual needs | Limited to tools already released; No deployment support | Strict development; Limited to tools already released; No changes for individual needs |
| Version | 7.x | 7.x | 7.x | Splunk 8 |
| Update procedure | Easy update; Full support; Stable releases | No update support; Community instructions | No support | Only paid professional services |
| Issue solving | Dedicated engineer; Live vendor communication with customer; Focused on understanding issue and developing fix | Git issues only | No support | Direct support only for Premium support plan |
| Direct contact with vendor | Contact with engineers; Option of on-site work | Engineers are not involved in the system implementation | Git / Forum communication only; No support regarding implementation | Paid professional services; Only for Premium customer |

Feature comparison

| Area | Energy Logserver | Elastic Stack | Open Distro | Splunk |
|---|---|---|---|---|
| Parsing rules | Out of the box | Not available | Not available | Needs implementation |
| Dashboards | Out of the box | Not available | Not available | Addons |
| Alerting rules | Available | Not available | Not available | Not available |
| Risk management | Available | Not available | Not available | Not available |
| Playbooks | Available | Not available | Not available | Not available |
| IOC MISP | Out of the box | Needs implementation | Needs implementation | Needs implementation or extra paid SIEM app |
| Incident management | Out of the box | Not available | Not available | Extra paid SIEM app |
| Reporting feature | Available | Available | Not available | Available |
| User Management | Local, AD, Radius, SSO | Local, AD, Radius, SSO | Local, AD, SSO | Local, AD, SSO |
| AD password encryption | Yes | No | No | No |
| Internal audit | Available | Available | Available | Available |
| Object permission | Available | Basic | Not available | Available |
| Clustering setup | Easy | Easy | Easy | Complicated |
| Cluster management | Yes + GUI | Needs implementation | Needs implementation | No |
| SIEM features | SIEM Plan package | Strong with Wazuh | Strong with Wazuh | Complicated and needs extra license |
| Netflow support | Out of the box | Needs implementation | Needs implementation | Needs implementation |
| Central Agent Management | Available | Basic | Not available | Available |
| Vendor lock | No | No | No | Yes |