We performed a comparison between Exabeam Fusion SIEM and LogRhythm SIEM based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The automation feature is valuable."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"It has a lot of great features."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The connectivity and analytics are great."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"The way it can connect with AWS is very useful, and the integrations are pretty good."
"It's a very user-friendly product and it's a very comprehensive technology."
"The solution's initial setup process is easy."
"I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful."
"The setup is not difficult. It was easy."
"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"Timeline based analysis; good platform support"
"The artificial intelligence engine."
"Currently, we are in the implementation phase. LogRhythm is better than QRadar from the point of view of collecting Windows events. It has a much higher view. You can enable monitoring by default."
"The log analysis feature is valuable."
"Provides visibility into the network."
"It seems like it will scale easily with the way our environment is set up."
"I would rate the product a ten out of ten. The solution is very user-friendly and straightforward. The tool's report customization is interesting."
"It allows us to automate a lot of things with a smaller team."
"What I found most valuable in LogRhythm NextGen SIEM is that it's user-friendly. I also like its dashboard, which shows all the logs and information I want to see."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"Sentinel's reporting is complex and can be more user-friendly."
"There is room for improvement in entity behavior and the integration site."
"The product can be improved by reducing the cost to use AI machine learning."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"We'd like to see more connectors."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"We still have questions surrounding hardware deployment."
"They should provide detailed information about detecting phishing emails."
"They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."
"I believe if it were more flexible it would be a better product."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
"The only problem is that the UI is not very impressive."
"The organzation is rigid and not flexible in the way they operate"
"Stability has probably been one area where Health Checks have not been great with the product. We have been told that they are going to improve Health Checks on product, though we do struggle with them on a daily basis."
"My big thing is the easability. I don't like to go to two different systems. The fat client that you have to install to configure it, then the web console which is just for reporting and analysis. These features need to collapse, and it needs to be in a single solution. Going through the web solution in the future is the way to do it, because right now, it is a bit cumbersome."
"NextGen SIEM's integration with other software is good but could be improved."
"LogRhythm NextGen SIEM is currently based only on the Windows platform. This means that some of our customers have to purchase a Windows license elsewhere. If LogRhythm can move to a Linux platform or a proprietary platform, it would be very helpful."
"I would like to see our vulnerabilities counter. We will be using Tenable to fill that void right now."
"I have Windows administrators who will remove the agent when they think that that's what's fouling up their upgrade or their install or their reconfiguration, etc. The first thing they do is to turn off the antivirus, turn down the firewall, and take off anything else. They don't realize that the LogRhythm agent is just sitting there monitoring. Most antivirus products have application protection features built-in where, if I'm an admin on a box, I can't uninstall antivirus. I need to have to the antivirus admin password to do that."
"Right now there is the concern about being able to gather all of the data into the system."
"The software needs to work on its pricing."
Exabeam Fusion SIEM is ranked 31st in Log Management with 4 reviews while LogRhythm SIEM is ranked 8th in Log Management with 27 reviews. Exabeam Fusion SIEM is rated 8.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". On the other hand, the top reviewer of LogRhythm SIEM writes "Helps with productivity, reduces administrative overhead, and offers useful dashboards". Exabeam Fusion SIEM is most compared with IBM Security QRadar, Palo Alto Networks Cortex XSOAR, Splunk Enterprise Security, Splunk User Behavior Analytics and Rapid7 InsightIDR, whereas LogRhythm SIEM is most compared with Splunk Enterprise Security, IBM Security QRadar, Wazuh, Fortinet FortiSIEM and LogRhythm Axon. See our Exabeam Fusion SIEM vs. LogRhythm SIEM report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.