We performed a comparison between Google Cloud's operations suite (formerly Stackdriver) and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"The features that stand out are the detection engine and its integration with multiple data sources."
"The pricing of the product is excellent."
"Sentinel has features that have helped improve our security posture. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"I like the monitoring feature."
"Our company has a corporate account for Google Cloud and so our systems and clusters integrate really well."
"Provides visibility into the performance uptime."
"The cloud login enables us to get our logs from the different platforms that we currently use."
"It's easy to use."
"The most valuable feature is the multi-cloud integration, where there is support for both GCP and AWS."
"Google's technical support is very good."
"The features that I have found most valuable are its graphs - if I need any statistics, in Kubernetes or Kong level or VPN level, I can quickly get the reports."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and the GUI is good."
"The solution is quite stable."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"The solution could improve the playbooks."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"One key area that can be improved is by building a strong integration with our XDR platform."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on QRadar. We couldn't do it with Sentinel, which is a problem for us."
"We are invoiced according to the amount of data generated within each log."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"The product provides minimal metrics that are insufficient."
"It could be even more automated."
"It is difficult to estimate in advance how much something is going to cost."
"While we are satisfied with the overall performance, in certain cases we must add additional metrics and additional tools like Grafana and Dynatrace."
"It could be more stable."
"This solution could be improved if it offered the ability to analyze charts, such as a solution like Kibana."
"If I want to track any round-trip or breakdowns of my response times, I'm not able to get it. My request goes through various levels of the Google Cloud Platform (GCP) and comes back to my client machine. Suppose that my request has taken 10 seconds overall, so if I want to break it down, to see where the delay is happening within my architecture, I am not able to find that out using Stackdriver."
"The logging functionality could be better."
"The dashboard has room for improvement, because sometimes it is difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"In my opinion, this solution has a steep learning curve and requires practice if users are to be able to use this tool very efficiently."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"The solution should improve its UI."
"Sumo Logic needs to make sure integrating solutions are seamless."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
Google Cloud's operations suite (formerly Stackdriver) is ranked 27th in Log Management with 9 reviews while Sumo Logic Security is ranked 22nd in Log Management with 18 reviews. Google Cloud's operations suite (formerly Stackdriver) is rated 7.8, while Sumo Logic Security is rated 8.6. The top reviewer of Google Cloud's operations suite (formerly Stackdriver) writes "Good logging and tracing but does need more profiling capabilities". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Google Cloud's operations suite (formerly Stackdriver) is most compared with AWS X-Ray, Datadog, Azure Monitor, Amazon CloudWatch and Grafana, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar. See our Google Cloud's operations suite (formerly Stackdriver) vs. Sumo Logic Security report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.