We performed a comparison between Elastic Beats, LogRhythm SIEM, and Splunk Enterprise Security based on real PeerSpot user reviews.
"The security aspects in general have been very useful to use."
"There's a whole spectrum of features on the solution that users can take advantage of. It's a very robust product."
"As a healthcare company, what we use it for is compliance, then to protect our data from exaltation."
"It gives us insight into our entire installation, where we are multiple sites, going as far as the East Coast to the Central West Coast."
"We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products."
"The daily alerts allow me to quickly find security and operations issues which need to be addressed."
"It allows us to automate a lot of things with a smaller team."
"I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."
"LogRhythm does a very good job of helping SOCs manage their workflows."
"It's positively affected our overall rate of efficiency."
"The correlation search functions that generate all the notables are valuable. That can get pretty complicated, and it handles that pretty well."
"Splunk has improved our operations by giving us access to more information and allowing us to deploy more use cases."
"Its compatibility with other SIEMs is very useful."
"It definitely does help with both auditing and as well as regular monitoring. SOC does more monitoring, but ES also gives you other features that are auditing-related. The dashboards are also beneficial."
"It is very scalable."
"The completeness of the solution is what we like the most."
"Splunk gives my clients the ability to bring multiple, disparate types of data together, then correlate and report on them."
"I am satisfied with the support."
"The dashboard is not user-friendly. The solution, in general, isn't great from a user's perspective."
"At some level, the documentation, the information as far as the components, it's sometimes a little difficult to find the information necessary to implement aspects."
"The customer support system is time-consuming."
"Appliance-based setups can sometimes pose scalability issues."
"Sometimes, the tool fails to get the correlated events that triggered the alerts."
"I would like to see more integration with more products that are out there within the same security field."
"We had a little bit of difficulty implementing a disaster recovery situation because it was leveraging only Microsoft native DNS and it wouldn't work with our Infoblox DNS deployment that we use in our environment. They've been working on that behind the scenes."
"I would really like to see some type of group or global management for RIM policies."
"I think there is room for improvement because the system is still running on the Windows Server platform. The problem with running on Windows is that it is not that good for scaling and providing for big deployment environments."
"LogRhythm NextGen SIEM could improve by adding more applications for the banking sector. There are not any custom applications at this time."
"We find that the maintenance process could be a lot better."
"The product is relatively expensive."
"It would be nice if they had a wizard to construct searches, including more complex searches that include math or statistics."
"More training on PetaData using artificial intelligence techniques to identify the events which are not normal and exceptions that would help the organization identify threats and malware on the go with results."
"Splunk should have more regional data centers in the Middle East."
"In terms of the interface, it could include some improvements for the look and feel."
"There are limitations with Splunk not detecting all user activity, especially on mainframes and network devices."
"The pricing can be better."