We performed a comparison between Centreon and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The analytic rule is the most valuable feature."
"Free ingestion for Azure logs (with E5 licence)"
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The Log analytics are useful."
"We have a single GUI where we can view the status of all our infrastructure."
"It supports active monitoring so we don't have to use traps. From time to time traps are not very useful because we never know if they are actually working or not. The reporting part is also valuable as are the event logs. Using them we can check right away if something has had a hiccup."
"Predetermined templates allow for simple and fast service monitoring configuration."
"The dashboards are valuable because they ease troubleshooting and viewing. It becomes easier to locate the source of a problem... The dashboards make it easier to communicate with our clients. They don't want to see the alert console, they want to see a beautiful dashboard representing their network and their business and to watch it in case something is wrong in their environment."
"The single-pane view provides us a view of all of our network infrastructure, and it is one of the most important tools that we use to see the status of our customers' networks."
"The most valuable feature is the monitoring of servers and networks, because we have a lot of them and need to maintain control."
"E-mail alert notifications are valuable."
"The customizable reports and dashboards are really flexible. We started this partnership with Centreon, when we were looking for a solution, because of the flexibility of the reporting. That's what we found to be most attractive in the solution. You can display the data as you want."
"We are able to diagnose problems before our customers."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"I have no concerns about the stability of the product. I feel it handles the stress we put on it very well."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"One key area that can be improved is by building a strong integration with our XDR platform."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"During the initial setup we faced some issues. Part of it was because we had to become more knowledgeable in the solution. There are some gray areas and if you don't know the product well you may have issues. Another part of it was some bugs that we came across, although that's part of every software solution in IT nowadays. But the initial setup could be easier."
"Centreon is very bad with auto-scanning. It's very monolithic software. It doesn't have microservices and it only has basic clustering. You cannot, for example, have six or seven nodes for Centreon's cloud processes."
"Sometimes, when the GUI and some of the search fields are being reset, and I return to the page, then I have to set them again. Therefore, some improvement on the UI and the filtering is needed."
"I would like them to improve their documentation. When I faced some issues, I was looking for more documentation on the Internet. There is official documentation on Centreon's website, which sometimes is useful. Sometimes it is not very useful, as you cannot find the information or enough examples of configuration. The answer for me was to contact the support, who helped me, but I was not able to find all the information by myself on Centreon's website. A Centreon community or blog would be helpful."
"I went through a few things with them to do with Centreon MAP, to do with active polygons, being able to draw an area and make that active. The functionality was in the older version of Centreon MAP and in the new version, which was a complete rewrite, they dropped it."
"Opening a ticket on the website of Centreon can be difficult for my colleague, but not for me because my English is good. However, my colleague doesn't speak English well, as our company is in Quebec and our first language is French."
"There is room for improvement in the area of artificial intelligence. The product gives us a lot of information, but it's only information. We want the product to do more auto-remediation."
"Centreon needs to improve the granularity of the data as well as the graphical data. It would also be better to if there was improvement to the filtering/grouping system as well as the creation of views."
"The dashboard has room for improvement, because sometimes it is a difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"Sumo Logic Security is expensive, and its pricing could be improved."
"The integration with multiple sources could be better."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
Centreon is ranked 11th in IT Infrastructure Monitoring with 27 reviews while Sumo Logic Security is ranked 20th in Security Information and Event Management (SIEM) with 18 reviews. Centreon is rated 8.6, while Sumo Logic Security is rated 8.6. The top reviewer of Centreon writes "Proactive reporting guides our NOC on what needs to be fixed, saving them time". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Centreon is most compared with Zabbix, PRTG Network Monitor, Nagios Core, Icinga and Splunk Enterprise Security, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar. See our Centreon vs. Sumo Logic Security report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.