Try our new research platform with insights from 80,000+ expert users

LogRhythm SIEM vs SolarWinds Security Event Manager comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
9th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
174
Ranking in other categories
Log Management (14th)
SolarWinds Security Event M...
Ranking in Security Information and Event Management (SIEM)
33rd
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
26
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Security Information and Event Management (SIEM) category, the mindshare of LogRhythm SIEM is 3.1%, down from 3.9% compared to the previous year. The mindshare of SolarWinds Security Event Manager is 0.7%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Mokhammad Rakhman - PeerSpot reviewer
User-friendly dashboard and machine learning capabilities improve threat hunting efficiency
LogRhythm SIEM has strong machine-learning capabilities with behavioral rules and analysis. The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient. Analytics and behavioral analysis help me save time with rule creation. Its scalability allows me to add components as needed. Overall, LogRhythm SIEM offers end-to-end visibility with a reasonable price.
Rafal-Stas - PeerSpot reviewer
Helpful in areas like event management, log viewing, and information management
The product's initial setup phase on the cloud is pretty easy but on an on-premises version, I think it is of a moderate level. The solution is deployed on the cloud and on an on-premises model. The time required to deploy the solution depends on the customers' infrastructure, and it may range from a couple of weeks to a couple of months, as it depends on how many additional custom configurations are required. Around two to three engineers are usually involved in the tool's installation process.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Its benefits are broad. The solution isn't necessarily made to do any one thing, but it can do anything you tell it to. It is able to tackle any different type or size of job."
"Technical support is very helpful and responsive."
"I like LogRhythm's ease of use. The solution has improved compared to previous versions. It had many issues before, like integration, the console, creating reports, false positives, etc. The AI engine has made it stronger in the latest version."
"Their customer support is friendly and willing to help."
"The ability to drill down and pivot from an event is one of the biggest advantage the product has compared to other things that I have seen in the market."
"Overall effectiveness is very good. I like how it is oriented to both analysts and technical support people. It's easily adopted by end users as much as by technologists."
"When it comes to dealing with support, all my interactions have been great. Everyone has known what they're doing and have been quick to respond. They seem to always know the answer. I haven't stumped anybody yet."
"The most valuable feature of LogRhythm for me is the ability to correlate logs throughout many different log sources."
"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."
"This tool is simple to use."
"It's extremely easy to deploy."
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"We had to integrate with other teams, and the infrastructure deployment didn't take long. The integration involves learning with different teams, networking, and configuring various network devices and servers. Infrastructure deployment only took one or two days."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"The most valuable feature is the ease of use for the end user."
"It supports high availability, which is very helpful."
 

Cons

"I would like to see more integration with more products that are out there within the same security field."
"I would really like to see some type of group or global management for RIM policies,"
"I would probably look for more things to go into the web console that is currently on the fat client."
"The user interface needs improvement. The more the user can slide around and know what's going on, the better it will be."
"There is room for improvement with separate running sources or better integration."
"Appliance-based setups can sometimes pose scalability issues"
"The product's initial setup phase is pretty complex."
"I face stability issues every quarter that necessitate corrective maintenance."
"The company had to use a third party for the implementation of the solution."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"SolarWinds should improve its correlation capabilities. The correlation does not automatically detect and reduce the events fast enough. You have to manually do a correlation report, which means the tool is not scalable in many ways."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"We have automated threat detection in the Alliance Security, Antoinette. However, if these features could be further enhanced, it would simplify my work, potentially allowing me to allocate more time to address complex issues."
"One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."
"I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
 

Pricing and Cost Advice

"In comparison to the competition, they are more affordable. This allows us to do more with less."
"I would recommend that whatever sales quotes to them upfront, they will probably go up. Because they are probably going to outgrow that very quickly or once they start getting everything into it, they are going to have to move up anyway."
"The nice thing about LogRhythm is you can either use the agents, getting a certain number of agents with your license depending on how you want to go, and those agents do a lot of cool things, or you can use CIS Log host, then you have like an unlimited number of them."
"Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product."
"It costs a great amount, but its pricing is competitive with some of the other vendors. For licensing and support, we pay about 20,000. There are no additional costs or anything like that."
"When it comes time to renew, they say, "This is what you are using. This is what we can do for you." So, they work with you on pricing."
"I would rate the tool's pricing around eight out of ten."
"NextGen SIEM's pricing is moderate."
"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."
"The price of SolarWinds Security Event Manager is reasonable."
"The pricing model would benefit from having package deals with other SolarWinds products."
"Licenses can only be purchased in blocks of fifty at a time."
"Licensing is on devices, so if you have many, then this may be high."
"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
860,632 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
9%
Government
9%
Manufacturing Company
8%
Educational Organization
39%
Computer Software Company
10%
Financial Services Firm
9%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
I cannot think of any specific features that LogRhythm SIEM can improve upon since it supports a wide variety of major vendors. However, they need to improve their parsing techniques; the tool shou...
What do you like most about LogRhythm SIEM?
I find LogRhythm's log management capabilities to be beneficial.
What do you like most about SolarWinds Security Event Manager ?
The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers.
What is your experience regarding pricing and costs for SolarWinds Security Event Manager ?
The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten.
What needs improvement with SolarWinds Security Event Manager ?
I think the customization area in the tool can be considered as an area of concern where improvements are required In the future, I want to see the tool have better customization abilities with som...
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
 

Overview

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
Find out what your peers are saying about LogRhythm SIEM vs. SolarWinds Security Event Manager and other solutions. Updated: June 2025.
860,632 professionals have used our research since 2012.