Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs Rapid7 InsightIDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
9th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
174
Ranking in other categories
Log Management (14th)
Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
14th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
User Entity Behavior Analytics (UEBA) (5th), Endpoint Detection and Response (EDR) (25th), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (16th)
 

Mindshare comparison

As of July 2025, in the Security Information and Event Management (SIEM) category, the mindshare of LogRhythm SIEM is 3.1%, down from 3.9% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.6%, down from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.
Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It gives us insight into our entire installation, where we are multiple sites, going as far as the East Coast to the Central West Coast."
"One of the main features that I like about LogRhythm NextGen SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us."
"LogRhythm has shown to us, to this point in time, that it has the capabilities of being able to deliver actionable intelligence to the security engineers and analysts."
"The ability for me to go into the Web UI, and just learn what's going on in my environment."
"LogRhythm SIEM has some valuable features, including its ability to maintain backups of events and manage alerts separately through an engine that handles content and administration tasks."
"It has centralized monitoring for our security operations. Therefore, it improves our analysts' work."
"The most useful feature that I've found so far is the search function. I like all the different ways you're able to search through metadata and the different ways you're able to correlate or search through logs to find out what's going on."
"Its ability to work with all different sorts of log sources has been extremely valuable."
"The alerting to drive investigations and remediation has been its most valuable feature.​"
"It improves because several sensors are deployed within the on-premise environment. It can be very efficient if the customer implements and operates it effectively."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"Dashboards, including the main screen, provide much-needed information at a glance, without hours of coding and sifting through logs to find it. In case of an actual security incident, I have faith that insightIDR has retained all logs in a secure manner that prevents log tampering as well."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"The solution is very scalable in terms of the licensing model."
 

Cons

"The main problem I have with LogRhythm SIEM is its stability; the solution is not stable."
"In terms of blind spots, we are looking for more improvements since we don't have visibility over everything."
"Better integration with different services is needed, as there are quite a few platforms that we use that don't integrate very smoothly with LogRhythm."
"Granted, we haven't enabled the UEBA module, but we're forwarding all our proxy logs to LogRhythm and we have a really hard time pulling those proxy logs back out of LogRhythm. However, when we take LogRhythm and forward the same logs into somebody else's user-based analytics software, we get the majority of what we were missing... If we've got all our proxy logs and I go out to Google or Facebook or the like, we should be able to go in and pull that information out ten minutes later, but it's a big challenge to do that."
"The reporting on the dashboard should be improved from a management perspective. It would be helpful if they adjusted the colors and the presentation to make things clearer and easier to read."
"The responses provided by the cloud team are inefficient."
"The pricing is the only problem."
"I would like to see APIs well-documented and public facing, so we can get to them all."
"There is a future in AI with Rapid7, however, it is not fully operated. There are certain limitations with Rapid7 that I am working on."
"The solution's XDR agents cannot compete with the XDR solutions out there yet."
"Inability to get access to compliance reports within the solution."
"The main problem lies in the processes within the client's operating systems."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses.​"
"They should add more configuration and security features to it."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
 

Pricing and Cost Advice

"If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation."
"In comparison to the competition, they are more affordable. This allows us to do more with less."
"On a scale of one to ten, I'd rate the pricing of this solution as a seven - not too expensive but not cheap either. Regarding licensing costs, it varies depending on factors like being a partner or an end user, but there are no additional costs aside from standard licensing fees for the basic SIEM solution."
"We have seen a measurable decrease in the mean time to detect and respond to threats. As it comes out new features and new releases, the window is becoming a lot narrower because you can pivot a lot more with the data. Therefore, the new features and enhancements are reducing that."
"The pricing is very reasonable and accessible compared to other products in the market but I am not very sure about the exact licensing cost per year for our company."
"The license cost is around $10 per MPS."
"It costs a great amount, but its pricing is competitive with some of the other vendors. For licensing and support, we pay about 20,000. There are no additional costs or anything like that."
"We did a five-year agreement. We pay close to a quarter of a million dollars for our solution."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"The pricing and licensing are competitive."
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"I rate Rapid7 InsightIDR's price a four on a scale of one to ten, where one is cheap, and ten is expensive."
"​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
859,687 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Government
9%
Financial Services Firm
9%
Manufacturing Company
8%
Computer Software Company
15%
Financial Services Firm
8%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
I cannot think of any specific features that LogRhythm SIEM can improve upon since it supports a wide variety of major vendors. However, they need to improve their parsing techniques; the tool shou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
InsightIDR
 

Overview

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about LogRhythm SIEM vs. Rapid7 InsightIDR and other solutions. Updated: June 2025.
859,687 professionals have used our research since 2012.