We performed a comparison between IBM Security QRadar, LogRhythm SIEM, and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Wazuh, Datadog and others in Log Management."The tool's most valuable feature is log source management. It enables us to connect to various log sources, including content, authentications, or other customized integrations. These integrations can be tailored for use with other platforms that don’t already have built-in IBM add-ons."
"There are more than 120 extensions in QRadar, which are easy to install and configure. These can improve your analysis of events."
"The most valuable features are the AI assistant, which is good at detecting known types of behavior."
"The best feature of IBM QRadar is visualization which shows you when there's a spike in the system, and this makes you realize that there's something wrong with the log."
"I have found IBM QRadar to be stable."
"The feature that I have found most valuable is its artificial intelligence component, Watson. Its contribution is pretty good from a machine-learning artificial intelligence perspective. This compliments the orchestration automation component, as well."
"The most valuable features are the versatility of this solution and the variety of things you can do with it."
"There is a single dashboard that gives us a complete overview of what is happening around the globe."
"The product is great for medium to large-scale organizations."
"This solution has improved our organization in many different ways. The biggest benefit is being able to view all information in one dashboard instead of having to look at several different applications and dashboards. I can see information across our entire environment and every aspect of our network."
"The ability to investigate a particular period of time where you can analyze logs is its most valuable feature."
"We have to be able to show the evidence, and LogRhythm does a great job of putting it forward and making it easy to create reports with nice looking dashboards, which show off what we are doing as a security program."
"Their customer support is friendly and willing to help."
"Currently, we are in the implementation phase. LogRhythm is better than QRadar from the point of view of collecting Windows events. It has a much higher view. You can enable monitoring by default."
"Overall effectiveness is very good. I like how it is oriented to both analysts and technical support people. It's easily adopted by end users as much as by technologists."
"Technical support is very helpful and responsive."
"The solution is quite user-friendly."
"It is a very useful tool if you have a VMware environment."
"Our current costs are too high, and this tool will help us to better optimize our infrastructure."
"The setup and installation are very easy."
"It gives the customer a quick overview, so they don't have to dig. There's a clear dashboard with many sensors in a single space. He gets a helicopter view of his environment, but he can investigate further if there are serious issues. It's pretty user-friendly."
"The tool helps my company deal with security and log analysis, which are very important areas for us...It is a scalable solution."
"We are using it because we have a VMware product. It has its own built in dashboards for VMware products, and that's a good thing."
"It is very scalable and can handle a large workload."
"They should provide more manual examples online so that I can learn it myself."
"I would like to see a better GUI."
"Certain updates—especially when using Azure—don't apply directly. Our engineering team must invest additional effort to implement these updates. However, the tool's cloud-based version poses no issues. However, upgrading the product can sometimes be challenging for on-premises instances."
"The solution is expensive compared to other products."
"Some UI enhancements would be nice, such as exporting custom event properties and the ability to export rules."
"They need to improve their threat intelligence feed and they need to improve their user behavior analytics modules."
"There could be improvements made to the UI, the user interface. Though the newer version, 7.3.2, might already have this improvement in place."
"There are areas in IBM Security QRadar that could benefit from improvement. Its ability to customize knowledge for specific purposes could be enhanced. Also, it lacks clarity in presenting details. It is also difficult to see the reports."
"Move it to Linux. I would like to see it get off the SQL Server."
"In the next release, I would certainly like to see more HIPAA compliance. I would also like to see more integration with Palo Alto Networks, particularly their Traps, which is their endpoint solution."
"It's not easy for someone new to the solution."
"Scalability misses the mark sometimes, especially when you have an integrated disaster recovery built into the solution."
"The customer support system is time-consuming."
"The software needs to work on its pricing."
"Parsing is totally controlled by LogRhythm and they do not allow any partner or any third-party to handle this part and this is a key challenge on my end."
"The reporting on the dashboard should be improved from a management perspective. It would be helpful if they adjusted the colors and the presentation to make things clearer and easier to read."
"It needs better integration with third-party analytics tools."
"In the VMware environment, one area for improvement is the handling of VM failovers due to host failures, such as unexpected shutdowns from hardware issues. Currently, High Availability (HA) doesn't seem to recognize whether the VMs are online during failover, treating them as offline or unavailable."
"The tool is expensive."
"The pricing of the solution could be improved."
"Integration with other vendors is something that could be improved, they could add more vendors."
"The dashboard needs to be improved because this is what I need to monitor my infrastructure."
"I think that it should be able to integrate with other third-party backup and recovery solutions, more that it does now."
"The tool does not provide a centralized pane for monitoring."
More VMware Aria Operations for Logs Pricing and Cost Advice →