We performed a comparison between Amazon CloudWatch and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The features that stand out are the detection engine and its integration with multiple data sources."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"Monitoring time and ensuring ease in it is the most valuable feature."
"The detection is the most valuable feature."
"We can set CPU thresholds using the solution."
"The solution gives us very good real-time data."
"We can create events and alerts. We use the information to dive down into the infrastructure performance."
"CloudWatch immediately hooks up and connects to the KPIs and all the metrics."
"It's a very simple logging system."
"The tool's UI is good. One can scroll through the logs very easily."
"We are able to diagnose problems before our customers."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"Technical support is always great."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"We can integrate threat intelligence solutions into the product."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"I think the number one area of improvement for Sentinel would be the cost."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"The playbook is a bit difficult and could be improved."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"Better reporting is always something needed. That could be an answer to just about anything. But you always want better reporting, better dashboards, things that are just more dynamic and more accessible."
"The solution should provide human-readable metrics."
"The solution's pricing is a bit higher."
"Right now, in relation to monitoring services, there are too many services and too many metrics per service."
"I found several areas for improvement in Amazon CloudWatch. First is that it's tough to track issues and find out where it's going wrong. The process takes longer. For example, if I get an exception error, I read the logs, search, go to AWS Cloud, then to the groups to find the keyword to determine what's wrong. Another area for improvement in Amazon CloudWatch is that it's slow in terms of log streaming. It requires an entire twenty-four hours for scanning, rather than just one hour. This issue can be solved with Elasticsearch streaming with Kibana, but it requires a lot of development effort and integration with Kibana or Splunk, and this also means I need a separate developer and software technical stack to do the indexing and streaming to Kibana. It's a manual effort that you need to do properly, so log streaming should be improved in Amazon CloudWatch. The AWS support person should also have a better understanding of the logs in Amazon CloudWatch. What I'd like added to the solution is a more advanced search function, particularly one that can tell you more information or special information. Right now, the search function is difficult to use because it only gives you limited data. For example, I got an error message saying that the policy wasn't created. I only know the amount the customer paid for the policy, the mobile number, and the customer name, but if I use those details, the information won't show up on the logs. I need to enter more details, so that's the type of fuzzy matching Amazon CloudWatch won't provide. If this type of search functionality is provided, it will be very helpful for businesses and companies that provide professional services to customers, like ours."
"For monitoring applications or for APM, CloudWatch has some limitations. You cannot monitor application performance from CloudWatch, and you have to go for a third-party tool."
"Incorporating a straightforward method or a plug-and-play solution for integrating these databases with our systems, facilitating smooth data transfer, and enabling the creation of dashboards for monitoring and analysis would be beneficial."
"The product's configuration has some challenges. The solution needs to be more user-friendly."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"There are some API gaps that are missing."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"The initial setup is the most stressful, like learning how to use it."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
Amazon CloudWatch is ranked 12th in Log Management with 40 reviews while Sumo Logic Security is ranked 22nd in Log Management with 18 reviews. Amazon CloudWatch is rated 8.0, while Sumo Logic Security is rated 8.6. The top reviewer of Amazon CloudWatch writes "Instantaneous response when monitoring logs and KPIs". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Amazon CloudWatch is most compared with Zabbix, Datadog, Google Cloud's operations suite (formerly Stackdriver), Dynatrace and SolarWinds NPM, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and Devo. See our Amazon CloudWatch vs. Sumo Logic Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
