"The performance is good and it is faster than IBM QRadar."
"The interface could be more user friendly because it is sometimes hard to deal with."
What is our primary use case?
Elastic SIEM is used to monitor and deal with system log files.
What is most valuable?
The best part about this solution is that it is open-source and free to use.
The performance is good and it is faster than IBM QRadar.
What needs improvement?
The interface could be more user friendly because it is sometimes hard to deal with.
The initial setup can be made easier.
For how long have I used the solution?
I have been using Elastic SIEM for six months.
What do I think about the stability of the solution?
I am satisfied with the stability of Elastic SIEM.
How are customer service and technical support?
There is no technical support for the open-source, free version.
Which solution did I use previously and why did I switch?
I have used other SIEM solutions but this one is open-source, unlike some of the others.
It is also faster than IBM QRadar.
How was the initial setup?
The initial setup is complex and it is not easy to deploy.
It is also possible to have a cloud-based deployment.
What's my experience with pricing, setup cost, and licensing?
There is no charge for using the open-source version.
What other advice do I have?
This solution is complex and cannot be used by just anybody. That said, for people who don't want to buy a product or who want to do everything themselves, I would recommend it. The real problem is that its complexity means that it takes a lot of time to set up and learn to use. There is a lot of configuration and hard work.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Disclosure: I am a real user, and this review is based on my own experience and opinions.