We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
"Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."
"Our licensing fees are billed annually and per terabyte."
"Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
"We have an OEM agreement with Devo. It is very similar to the standard licensing agreement because we are charged in the same way as any other customer, e.g., we use the backroom."
"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."
"It is overly expensive and overly complex in terms of licensing. They have many different appliances, which makes it extremely difficult to choose the technology. It is very difficult to choose the technology or QRadar components that you should be deploying. They have improved some of it in the last few years. They have made it slightly easy with the fact that you can now buy virtual versions of all the appliances, which is good, but it is still very fragmented. For instance, on some of the smaller appliances, there is no upgrade path. So, if you exceed the capacity of the appliance, you have to buy a bigger appliance, which is not helpful because it is quite a major cost. If you want to add more disks to the system, they'll say that you can't."
"They can give us some scalability and flexibility on pricing. If its pricing can be reduced, it would help a lot of customers in bringing in a new SIEM environment and grow business in the market. If I start a license today and take around 10,000 EPS, and after a month, there is an increase in the number of clients on my platform, I can increase the number of licenses. I can add 5,000 EPS on a yearly basis."
"There are different types of subscriptions available. We were on an annual subscription, but our customers typically choose the two years subscription option."
"The price of this solution is reasonable."
"We use QRadar as a managed service and we pay licensing fees to the partner."
"There is a license required for this solution. There are some limitations depending on what license you purchase."
"It's not expensive for the resources that it gives you."
"IBM QRadar is a little bit expensive compared to other products."
Earn 20 points
Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.
Change Auditor for Windows File Servers helps you control and audit changes to Microsoft Windows file servers efficiently and cost-effectively. It proactively tracks, audits, reports and alerts on vital changes in real time and without the overhead of native auditing.
You will instantly know the “who, what, when, where and originating workstation” details, and get the original and current values for fast troubleshooting. You can then automatically generate intelligent, in-depth forensics for auditors and management, reducing the risks associated with day-to-day modifications and ensuring confidence at your next audit.
The IBM QRadar security and analytics platform is a lead offering in IBM Security's portfolio. This family of products provides consolidated flexible architecture for security teams to quickly adopt log management, SIEM, user behavior analytics, incident forensics, and threat intelligence and more. As an integrated analytics platform, QRadar streamlines critical capabilities into a common workflow, with tools such as the IBM Security App Exchange ecosystem and Watson for Cyber Security cognitive capability.
With QRadar, you can decrease your overall cost of ownership with an improved detection of threats and enjoy the flexibility of on-premise or cloud deployment, and optional managed security monitoring services.
See how Devo allows you to free yourself from data management, and make machine data and insights accessible.
Change Auditor for Windows File Servers is ranked 35th in Log Management while IBM QRadar is ranked 2nd in Log Management with 57 reviews. Change Auditor for Windows File Servers is rated 0.0, while IBM QRadar is rated 8.2. On the other hand, the top reviewer of IBM QRadar writes "Provides a single window into your network, SIEM, network flows, and risk management of your assets". Change Auditor for Windows File Servers is most compared with Splunk, LogRhythm NextGen SIEM, Fortinet FortiAnalyzer, Quest InTrust and ManageEngine File Audit Plus, whereas IBM QRadar is most compared with Splunk, LogRhythm NextGen SIEM, ELK Logstash, Microsoft Sentinel and ArcSight Enterprise Security Manager (ESM).
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.