We performed a comparison between syslog-ng and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."
"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."
"The ability to extract and store the logs is the most valuable feature of syslog-ng."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"Syslog-ng has a separate config file in addition to the core configuration."
"AlienVault's reporting is good. I like that vulnerability assessment is part of the solution, and the UI is intuitive. Also, the overhead is low, which is to say we don't need a dedicated SOC team to manage and analyze things constantly. We're a small company that doesn't have those resources."
"The asset management functionality (active and passive scans) is also really important. You can't protect what you do not know about, so having an inventory of all your devices and software is critical to a security management program."
"It has powerful threat detection, incident response, and compliance management."
"The dashboards are very descriptive and contain just the right amount of information. The activity alarms and events contain a plethora of data that is very descriptive and useful."
"The Event Correlation and vulnerability scans have been the most useful. As a 24/7 SOC, we use the incoming alarms to give an overview of suspicious traffic going through the network. It's easy to look at the correlated events and see the broad picture of traffic for that customer. Vulnerability scans are good for providing patch and remediation guidelines to keep customer systems secure."
"AlientVault has helped us in improving our visualization and incident response during cybersecurity situations."
"It has streamlined log aggregation and analysis to meet organizational and regulatory needs."
"It allows for a lot of out-of-the-box features: vuln scanning, HIDS/HIPS, and IDS."
"The filtering has room for improvement."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"There is always the potential for additional integration and protocol extensions."
"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."
"There is room for improvement in terms of observability."
"The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case."
"The solution is a bit complicated. It could be simplified quite a bit."
"AlienVault needs to continue to integrate with other third-party technologies that clients want to have monitored."
"The only room for improvement I can mention is the initial installation procedures. I found that the online installation instructions for the product were missing important details, they lacked necessary steps."
"More complimentary training needs to be done for use with this tool. If you get into a bind, then it will cost you."
"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
"The dashboard could be improved as well as the level of customization."
"It would be nice to see some machine learning and monitoring of the configuration in network devices."
syslog-ng is ranked 17th in Log Management with 5 reviews while USM Anywhere is ranked 15th in Log Management with 113 reviews. syslog-ng is rated 8.6, while USM Anywhere is rated 8.4. The top reviewer of syslog-ng writes "It's a user-friendly open-source solution that can replace or augment a commercial product in some cases". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". syslog-ng is most compared with SolarWinds Kiwi Syslog Server, Graylog, Grafana Loki, Logstash and Elastic Security, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Microsoft Sentinel.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.