We performed a comparison between Fortinet FortiSIEM and ScienceLogic based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The analytic rule is the most valuable feature."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature."
"Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses."
"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."
"It's very easy for anyone to work with."
"We're able to get real-timec as well as our customer networks that we're monitoring at all times."
"The most valuable feature is the anomaly-reporting alarms."
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"FortiSIEM is a great tool for making security processes transparent."
"Best feature of all is detailed monitoring of services, processes, ports and SSL certificates and or web content."
"One of the valuable features is rapid dashboards."
"The tool is quite easy to deploy, and it offers very good support."
"Power packs."
"Dynamic Component Mapping is key and unique."
"The most valuable features of ScienceLogic are AI and machine learning."
"The solution provides good infra-monitoring features."
"The flexibility to support most technologies. The way ScienceLogic gathers data from multiple sources is vital to our customers. As we work with new customers (often with different technology requirements), ScienceLogic is flexible enough to support our clients’ varying network needs."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"The performance can be improved. Sometimes it takes a long time to fetch data."
"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."
"We expect the latest patch from Fortinet FortiSIEM to give the ability to work with signature files."
"The graphs on the user interface could be improved as we often experience glitches."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"There is no proper guide for integration or configuration."
"Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"From a performance perspective, it needs to improve a lot."
"The product is not user-friendly."
"The product's reporting functionalities have certain shortcomings, making it an area where improvements are required."
"They should improve database issues in HA and Failover mode, and provide documentation for all users , even if they are not customers."
"Admins do not have direct access to the reporting."
"ScienceLogic should provide detailed documents to customer as the current documents are not sufficient."
"One important area we feel could be improved is the UI. It takes a lot of clicks to do very simple tasks."
"They should add CLI command modes and scripts for high performance."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while ScienceLogic is ranked 13th in IT Infrastructure Monitoring with 42 reviews. Fortinet FortiSIEM is rated 7.6, while ScienceLogic is rated 8.6. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of ScienceLogic writes "Great integrations, power flow, and good support". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas ScienceLogic is most compared with Dynatrace, LogicMonitor, SolarWinds NPM, Datadog and ServiceNow Discovery.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
