
Amazon OpenSearch Service vs LogRhythm SIEM comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Feb 22, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Amazon OpenSearch Service
Ranking in Log Management: 19th
Average Rating: 7.6
Reviews Sentiment: 6.7
Number of Reviews: 13
Ranking in other categories: Application Performance Monitoring (APM) and Observability (22nd), Search as a Service (3rd)

LogRhythm SIEM
Ranking in Log Management: 14th
Average Rating: 8.2
Reviews Sentiment: 6.4
Number of Reviews: 176
Ranking in other categories: Security Information and Event Management (SIEM) (11th)
 

Mindshare comparison

As of June 2026, in the Log Management category, the mindshare of Amazon OpenSearch Service is 1.6%, down from 2.6% compared to the previous year. The mindshare of LogRhythm SIEM is 2.8%, up from 2.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
Product | Mindshare (%)
LogRhythm SIEM | 2.8%
Amazon OpenSearch Service | 1.6%
Other | 95.6%
 

Featured Reviews

Md. Shahariar Hossen - PeerSpot reviewer
Senior Software Engineer at Cefalo
Event tracking has become smoother and data analytics provide clear insights for user actions
Amazon OpenSearch Service is not providing the processing feature directly. From Amazon OpenSearch Service, we are actually maintaining the AWS SQS, the queue service, which is responsible for providing information about what data has to be modified. So using that SQS, we're actually providing it, but we're not directly using Amazon OpenSearch Service for keeping data to other data pipeline thing. So far we didn't use it for any machine learning purposes, but in the future, we have plans to extend or implement this feature. Since AWS itself is secure and Amazon OpenSearch Service is a part of this entire ecosystem, it becomes much easier for security purposes. From the validation point of view, Amazon OpenSearch Service itself provides easy-to-communicate APIs and up-to-date documents, which is very beneficial. For example, if I'm missing anything, I can directly go and check the documentation. That is actually much easier. I would rate it as really good so far. It's much faster. For our local machine, we can also use a kind of replica of Amazon OpenSearch Service just for development purposes. That is another good feature. I would say for the encryption thing and also the user access control management, it's much faster. For some of these hashing algorithms, it also worked really well so far. To be honest, I didn't find any places where it can be improved. However, I think they could provide more abstraction. For example, still for searching, we have to write down the queries in a specific manner, such as for a specific JSON structure or in a specific way. Otherwise, they don't provide us the actual results. For at least this purpose, I think abstraction could be a bit easier or a bit improved. Other than that, right now there is the age of AI, so some kind of prompting could also work, but I'm not sure how it could be integrated. As a user, lower prices or reasonable pricing is always better. Those can be improved as well. However, it is good that most of the services including Amazon OpenSearch Service actually provide pay-as-you-go pricing. So if there were a bit lower version or a bit less payment methodology, it might be much better.
SumitKumar20 - PeerSpot reviewer
Security Engineer at Granicus Inc.
Tool consistently aids in effective threat detection and monitoring but could benefit from improved log source management and resource optimization
One major area for improvement in LogRhythm SIEM is the lack of volume measurement capability in terms of storage. There is currently no way to determine how much data is being consumed in terms of gigabytes, terabytes, or petabytes from particular devices or environments. This information is crucial for planning future storage needs and scalability. The system monitor (collector) agent has issues with resource consumption. Even when not actively collecting data, the agent continues to consume significant CPU and memory resources, which can be particularly problematic for small business environments with limited resources. LogRhythm SIEM could improve by adding more default device support. While they have good default settings for devices such as Palo Alto firewalls, custom log sources often require extensive work. Increasing the number of supported devices with built-in policies and functionality would reduce the need for custom work. Competitive SIEM tools often provide more comprehensive coverage for various devices and vendors.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"AWS has now made our life easy."
"Amazon OpenSearch Service has enhanced our organization's ability to store and search large amounts of data efficiently."
"Regarding valuable features of the solution, we found with the process, which we have used in both cases where we used the solution that while you're seeing the streaming of data, you can analyze in the initial phase what sort of data you are streaming and whether it is valuable."
"It enables us to efficiently search and retrieve our event data, offering us a versatile approach to locate specific information within these logs."
"The business analytics capabilities are the most important feature it provides."
"It's actually easier to collaborate since it is already deployed in the AWS cloud itself."
"This service already sorts data like vectors. They have classified the storage pre-defined."
"They have good documentation in the help text, and that is the reason Amazon Elasticsearch is the perfect solution for the current market."
"Even other products we have that feed into it, instead of having to watch all of them we only have to watch one. For example, we have CrowdStrike, so instead of having to pay attention to that solution - because their dashboard doesn't really pop when an alarm comes up - we can see issues with the red on the LogRhythm alarm. That is very nice."
"It allows us to automate a lot of things with a smaller team."
"I like LogRhythm's ease of use. The solution has improved compared to previous versions. It had many issues before, like integration, the console, creating reports, false positives, etc. The AI engine has made it stronger in the latest version."
"The feature that makes it usable is the web interface."
"Overall effectiveness is very good. I like how it is oriented to both analysts and technical support people. It's easily adopted by end users as much as by technologists."
"The most valuable feature I get out of the LogRhythm platform is being able to take machine data and present it in a format that's easy to understand, easy to analyze, easy to pivot through to get answers to the questions that I had that I'm investigating, whether they're security related or operationally related."
"Regarding meeting those goals, in the last two months that we've had LogRhythm it's been very good."
"LogRhythm's correlation capabilities (part of the AIE component) are much better than Splunk's, and the solution as a whole is generally cheaper and easier to implement than ArcSight."
 

Cons

"One improvement I would like to see is support for auto-scaling."
"We faced documentation challenges during integration after migrating from Elasticsearch to Amazon OpenSearch Service. Better documentation on integration, query handling, and a more user-friendly UI could enhance the product."
"As a user, lower prices or reasonable pricing is always better."
"I want to see a new feature in Amazon Elasticsearch Service that allows users to create default filters for filtered levels."
"In terms of data handling capabilities with Amazon OpenSearch Service, they can be complex and managing data in comparison to other SIM solutions is a major drawback, as it is very hard to handle the data."
"They can enhance data visualization."
"I would say that, basically, the configuration part is an area with a shortcoming...Some upgradation is required on the configuration side so that we can get to use it."
"The pricing aspect is a concern. The service is way too costly. For the past month, I used only 30 to 40 MB of data, and the cost was $500. AWS could improve pricing."
"We have a lot of issues with stability."
"My main thing I'd like to see is, when you're using canned reports, that they're not blank."
"Their ticketing system for managing cases can be improved. They can either do that or adopt some of the open-source ticket systems into theirs. The current system works and gets the job done, but it is very bare-bones and basic. There are some things that could be improved there. They should also bring in more threat intelligence into the product and also probably start to look into the integration of more cloud or SaaS products for ingesting logs. They're doing the work, but with the explosion of COVID, a lot of businesses have started to move towards more cloud applications or SaaS applications. There is a whole diverse suite of SaaS products out there, which is a challenge for them and I get it. They seem to be focusing on the big ones, but it'll be nice to be able to, for example, pull in Microsoft logs from Office 365. They are working towards a better way of doing that, and they have a product in the pipeline to pull logs in from other SaaS applications. The biggest thing for them is going to be moving away from a Windows Server infrastructure into a straight-up Linux, which is more stable in my eyes. For the backend, they can maybe move into more of an up-to-date Elastic search engine and use less of Microsoft products."
"The main challenge with setting up LogRhythm is you cannot just put LogRhythm in and let it run."
"The initial setup is complex and I rate it a six out of ten."
"This product is in general for medium-sized companies. For bigger companies with millions of logs coming in, it just cannot support them."
"I think they probably need to, because a lot of companies are having this cloud-first strategy, where anything that's new has to go into the cloud for some reason."
"I work in a highly regulated industry. I know the product has compliance mechanisms, but being able to get more governance surrounding some of the compliance would be helpful."
 

Pricing and Cost Advice

"There is a community edition available and the price of the commercial offering is reasonable."
"You only pay for what you use."
"The solution is not expensive, but priced averagely, I will say."
"Compared to other cloud platforms, it is manageable and not very expensive."
"On a scale of one to ten, I'd rate the pricing of this solution as a seven - not too expensive but not cheap either. Regarding licensing costs, it varies depending on factors like being a partner or an end user, but there are no additional costs aside from standard licensing fees for the basic SIEM solution."
"The pricing is very reasonable and accessible compared to other products in the market but I am not very sure about the exact licensing cost per year for our company."
"In the context of our country, the price of this solution is too high."
"I would recommend talking to the rep. That's the biggest thing because they will know what questions to ask."
"When it comes time to renew, they say, 'This is what you are using. This is what we can do for you.' So, they work with you on pricing."
"On a scale of one to ten, where one is low, and ten is high, I rate the pricing between six and seven."
"The product is less expensive than other tools."
"NextGen SIEM's pricing is moderate."
902,270 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews

Financial Services Firm: 16%
Manufacturing Company: 10%
Computer Software Company: 10%
Government: 6%

Construction Company: 13%
Financial Services Firm: 10%
Manufacturing Company: 7%
Computer Software Company: 7%
 

Company Size

By reviewers
Company Size | Count
Small Business | 7
Midsize Enterprise | 2
Large Enterprise | 4

By reviewers
Company Size | Count
Small Business | 38
Midsize Enterprise | 39
Large Enterprise | 83
 

Questions from the Community

What is your experience regarding pricing and costs for Amazon OpenSearch Service?
I would consider the pricing as a six based on how much data we are handling; if we handle minimal data, it's cheap, but for large data, it becomes costly. Our clients usually pay between $1,000 to...
What needs improvement with Amazon OpenSearch Service?
Amazon OpenSearch Service is not providing the processing feature directly. From Amazon OpenSearch Service, we are actually maintaining the AWS SQS, the queue service, which is responsible for prov...
What is your primary use case for Amazon OpenSearch Service?
Amazon OpenSearch Service is a user-friendly version of Elasticsearch, as per my understanding. I have been using it for our volunteer management system where around 5,000 to 6,000 users are using ...
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
LogRhythm SIEM could learn from Wazuh, as Wazuh has a built-in mechanism that allows you to write custom scripting and scripts through languages that Wazuh can then trigger, which is somewhat bette...
What is your experience regarding pricing and costs for LogRhythm SIEM?
I find LogRhythm SIEM affordable, as it is a bit less costly than QRadar, although I have not been involved in negotiation charges; however, from the manager's approval, I see it as affordable.
 

Also Known As

Amazon Elasticsearch Service
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Overview

 

Sample Customers

VIDCOIN, Wyng, Yellow New Zealand, zipMoney, Cimri, Siemens, Unbabel
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Find out what your peers are saying about Amazon OpenSearch Service vs. LogRhythm SIEM and other solutions. Updated: June 2026.