We performed a comparison between LogRhythm SIEM and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"When it comes to dealing with support, all my interactions have been great. Everyone has known what they're doing and have been quick to respond. They seem to always know the answer. I haven't stumped anybody yet."
"What I found most valuable in LogRhythm NextGen SIEM is that it's user-friendly. I also like its dashboard, which shows all the logs and information I want to see."
"We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior."
"It's reliable and the performance is good."
"Technical support is very helpful and responsive."
"As a healthcare company, what we use it for is compliance, then to protect our data from exaltation."
"I find LogRhythm's log management capabilities to be beneficial."
"The ability to drill down and pivot from an event is one of the biggest advantage the product has compared to other things that I have seen in the market."
"The solution is quite stable."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"We can integrate threat intelligence solutions into the product."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"The playbook is a bit difficult and could be improved."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"The solution should allow for a streamlined CI/CD procedure."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"I would really love to be able to take some of the data and not have to export it to a CSV file, so I can pull it into Excel to turn it into some other kind of graph."
"More detail in the alerts given to avoid additional searches, as often the source or destination associated with the alert is not evidenced."
"When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4."
"I would like to see support added for Exchange 2016, and CheckPoint OPSec Lea."
"The product's stability needs improvement."
"Technical support could use a little work in the terms of responding back. The feedback that we received is they do need a little more staff."
"We have gone through a few versions which has caused a lot of instability. We have logged a lot of hours with professional services."
"The security playbook could be pre-defined and available to other analysts with similar security issues."
"The solution should improve its UI."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"Sumo Logic needs to make sure integrating solutions are seamless."
"The dashboard has room for improvement, because sometimes it is a difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
LogRhythm SIEM is ranked 8th in Log Management with 166 reviews while Sumo Logic Security is ranked 21st in Log Management with 17 reviews. LogRhythm SIEM is rated 8.4, while Sumo Logic Security is rated 8.4. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Sumo Logic Security writes "Integrates well, useful rules, and beneficial GUI". LogRhythm SIEM is most compared with Splunk Enterprise Security, IBM Security QRadar, Wazuh, Fortinet FortiSIEM and LogRhythm Axon, whereas Sumo Logic Security is most compared with Wazuh, Splunk Enterprise Security, Rapid7 InsightIDR, VMware Aria Operations for Logs and Securonix Next-Gen SIEM. See our LogRhythm SIEM vs. Sumo Logic Security report.
See our list of best Log Management vendors, best Security Information and Event Management (SIEM) vendors, and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.