ELK LogStash and Sumo Logic: Which is the best log management solution?

Real users summarise the most valuable features of two of the leading log management solutions

Today, businesses are increasingly looking towards log management solutions to help them deal with ever larger volumes of computer-generated log messages. Yet, as the market matures, there are more and more vendors to choose from and it can be difficult to know which solution can best meet specific business needs.

Over 388,000 professionals have used IT Central Station research to inform their purchasing decisions. Its latest paper looks at ELK LogStash and Sumo Logic, two of the highest reviewed solutions in the log management solutions market.

Below is a brief summary of the report, highlighting what real IT Central Station users think of each solution - from their most valuable features, to how they've improved individual businesses, as well as what each solution could do better.

ELK LogStash

An open source, server-side data processing pipeline that ingests data, transforms it and sends it to your favourite 'stash'

With an average rating of 8.0 from 7 reviews, ELK LogStash is clearly a well-regarded log management solution. It is of interest to customers across a range of industries: software R&D, comms service providers, and manufacturing companies have all considered the product when searching for the right solution. This is further reflected in the size of companies wishing to purchase the solution, with both smaller companies and larger organisations showing a keen interest.

The solution's simplicity and ease of use make it a very attractive solution to potential customers. Its advocates also point to its ability to collect authentication information from service providers as a key feature that helps set it apart from the competition. Yet despite its benefits, ELK Logstash suffers because it cannot do predictive maintenance; instead, customers must build their own modules for doing it. Critics also lament that machine learning is not included in the free version of the solution and argue that if it were, it would become a much more attractive option.

Sumo Logic

Simplifies how you collect and analyse machine data to gain visibility into your application and infrastructure stack

Achieving an average rating of 8.6 from 10 reviews, Sumo Logic's solution fares slightly better than ELK LogStash. Like the previous product, Sumo Logic appeals to a wide-ranging audience, with comms service providers and software R&D vendors again expressing a desire to implement the solution at their organisations. However, where ELK Logstash appeals to organisations of all sizes fairly evenly, it is larger companies that prefer to make use of Sumo Logic. The report found that organisations with over 1000 employees were overwhelmingly more likely to consider the product compared to companies with fewer than 200 employees.

Admirers of Sumo Logic agree that the solution allows them to find the root cause of a live issue very easily and gives them the option to fix said problem in the application itself. It also offers excellent troubleshooting support and provides easy visibility, which helps to simplify the solution. However, the solution could still be improved. Reviewers would prefer to see better UI-driven functionality to assist in the creation of alerts and reports. They would also like to have some type of predefined setup for the logs, which would help to make initial setup easier.