We performed a comparison between LogRhythm SIEM and Logsign Next-Gen SIEM based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management."The automation feature is valuable."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"It's pretty powerful and its performance is pretty good."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The pricing of the product is excellent."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"The GUI is very intuitive and the solution has good integration."
"Even other products we have that feed into it, instead of having to watch all of them we only have to watch one. For example, we have CrowdStrike, so instead of having to pay attention that solution - because their dashboard doesn't really pop when an alarm comes up - we can see issues with the red on the LogRhythm alarm. That is very nice."
"LogRhythm has increased productivity because all the tools that we need are in the web UI, allowing us to find threats on our network fast and efficiently."
"I would say the most valuable feature of LogRhythm is that it has built-in UEBA functionality, among other basic Windows packages."
"The user interface is pretty good compared to other SIEM tools."
"It allows us to automate a lot of things with a smaller team."
"The Web Console is my favorite. It enables me, at a glance, to see the health of the environments."
"NextGen SIEM's most valuable feature is its user-friendliness."
"Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"The product can be improved by reducing the cost to use AI machine learning."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Stability has probably been one area where Health Checks have not been great with the product. We have been told that they are going to improve Health Checks on product, though we do struggle with them on a daily basis."
"We would like to see more things out of the console into the web UI. I guess this is what they are doing in 7.4."
"It is a product that is very hard to use."
"We've tried to work with a couple of engineering department guys there. We've called them and called them but we never hear anything back."
"One area for improvement in LogRhythm NextGen SIEM is that it's a Windows-based tool, and I feel it should be on the Linux operating system instead. Another area for improvement in the tool is the UI. There should be minor changes in the UI to make it better, though I like the dashboards in LogRhythm NextGen SIEM."
"I have probably submitted half a dozen log parser requests, and I keep finding more stuff that we need to keep an eye on that doesn't have a definition in LogRhythm."
"It should be improved for automated setup and auto-configuration. There should be ease of integration and ease of setup."
"One of the challenges of the SIEM for the LogRhythm 7 platform is the amount of time it takes to bring new log sources into the MDI."
"I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts."
LogRhythm SIEM is ranked 8th in Log Management with 166 reviews while Logsign Next-Gen SIEM is ranked 42nd in Log Management with 2 reviews. LogRhythm SIEM is rated 8.4, while Logsign Next-Gen SIEM is rated 7.6. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Logsign Next-Gen SIEM writes "Easy to use and find the features that you need". LogRhythm SIEM is most compared with Splunk Enterprise Security, IBM Security QRadar, Wazuh, Fortinet FortiSIEM and LogRhythm Axon, whereas Logsign Next-Gen SIEM is most compared with Grafana Loki, Wazuh, IBM Security QRadar, Sematext Logs and Splunk Enterprise Security.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.