We performed a comparison between Fortinet FortiSIEM and LogicMonitor based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Log analytics are useful."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The UI of Sentinel is very good and easy to use, even for beginners."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"This solution offers extensive customization options, making it possible to adapt it precisely to their requirements."
"To add workers and even collectors is pretty easy."
"Analytics. It can provide log information from the device. With log information, I can see if there is a threat"
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"The solution’s IP database is awesome."
"We're able to get real-timec as well as our customer networks that we're monitoring at all times."
"The most valuable feature is the visualization of the data that it is collecting. I have used many products in the past and they tend to roll up the data. So, if you're looking at data over long periods of time, they start averaging the data, which can skew the figures that you're looking at. With LogicMonitor, they have the raw data there for two years, if you are an enterprise customer. If you are looking at that long duration of data, you're seeing exactly what happened during that time."
"The dashboarding is very useful. Being able to create custom data sources is one of its biggest features which allows quick time to market with new features. If one of our vendors changes their data format or metrics that we should be monitoring, then we can quickly adjust to any changes in the environment in order to get a great user experience for our customers."
"The initial setup is very simple."
"Having a full team at LogicMonitor for support is super helpful as they are available all the time to answer any questions you may have."
"LogicMonitor saves time in terms of its ability to proxy a connection through a device. For example, if you are troubleshooting a device, which you may want to connect to, you can proxy this connection through the platform. As a support resource, I don't need to use multiple platforms to connect to a device to further investigate the issue. It is all consolidated. From that perspective, it saves time because a resource now only needs to use one platform."
"We get full visibility into whatever the customer wants us to monitor and we get it pretty rapidly. That is very important. Only having certain metrics that other platforms will give you out-of-the-box means you only get a small picture, a thumbnail picture. Whereas with LogicMonitor, you get the entire "eight by 10 picture", out-of-the-box. Rather than some availability metrics, you get everything. You get metrics on temperature, anything related to hardware failure, or up and down status."
"Whenever we reach out to our customers, we give LogicMonitor as a dashboard to them so they don't need to monitor the hardware side separately. For example, if my service is running on their hardware X, that means they don't need to monitor hardware X and our services too. LogicMonitor has the capability of monitoring their hardware as well as our services. This is how LogicMonitor helps us."
"The solution’s overall reporting capabilities are pretty powerful compared to ones that I have used previously. It seems like it has a lot of customizations that you can put in, but some of the out-of-the-box reports are useful too, like user logon duration and website latency. Those type of things have been helpful and don't require a lot of, if any, changes to get useful content out of them. They have also been pretty easy to implement and use."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The AI capabilities must be improved."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"The solution should allow for a streamlined CI/CD procedure."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"It would be good if the solution offered even more configuration options, especially in relation to the VPN so that it continues to be a very flexible option."
"I would like to see more integration with other platforms."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work."
"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."
"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."
"The reporting feature is not very attractive for the upper management and I am not able to perform complex/nested queries."
"The solution's interface could be modernized and improved."
"One drawback of LogicMonitor is its licensing model, which requires an additional license for each module. For example, if you need to use Azure monitoring, you'll need an additional license on top of the base license."
"Role-based permissions could be better and updating modules could be smoother."
"There is a lack of automation, especially in terms of remediating problems. The problem is seen and identified, but there is a need and a gap where LogicMonitor can help us automate the remediation of the problem."
"We are working with LogicMonitor to get flexibility to see the absolute running numbers, rather than doing an average. They can keep the average for customers who want it, but there should be a way to at least show the real numbers, which are coming every second on the screen."
"LogicMonitor should improve its logging features. It can become expensive and should be cost-effective. It would be great to see prebuilt templates for alerting methods in LogicMonitor that are similar to the prebuilt dashboards. Currently, users have to build their alerting configurations."
"The dashboards can be improved. They are good, but there is a pain point. To show things to management, to explain pain points to other customers, to show them exactly where we can do better, the dashboarding could be better. Dashboards need to show the key things. Nobody is going to go into the ample details of Excel sheets or HTML."
"The topology mapping is all based on the dynamic discovery of devices that could talk to each other. There is no real manual way that you can set up a join between two devices to say, "This is how this network is actually set up." For example, if you have a device, and you're only pinning that device and not getting any real intelligent information from it, then it can't appear on the map with other devices. Or if it can appear, then it won't show you which devices are actually joined to it."
"Some more application performance type monitoring would be nice. For example, an APM type solution, which would not necessarily completely replace it, but be able to tie into to what we're seeing on the application performance side so we can correlate what's going on with the application versus the underlying infrastructure."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while LogicMonitor is ranked 17th in Network Monitoring Software with 25 reviews. Fortinet FortiSIEM is rated 7.6, while LogicMonitor is rated 9.0. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of LogicMonitor writes "We went from nothing to full visibility across our internal and external estates of equipment". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas LogicMonitor is most compared with SolarWinds NPM, ScienceLogic, Zabbix, SCOM and OpsRamp. See our Fortinet FortiSIEM vs. LogicMonitor report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.