No more typing reviews! Try our Samantha, our new voice AI agent.

LogRhythm SIEM vs Netwrix Auditor comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
14th
Average Rating
8.2
Reviews Sentiment
6.4
Number of Reviews
176
Ranking in other categories
Log Management (14th)
Netwrix Auditor
Ranking in Security Information and Event Management (SIEM)
33rd
Average Rating
9.2
Reviews Sentiment
7.2
Number of Reviews
8
Ranking in other categories
GRC (14th), Identity and Access Management as a Service (IDaaS) (IAMaaS) (15th), Active Directory Management (3rd)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of LogRhythm SIEM is 2.5%, down from 3.1% compared to the previous year. The mindshare of Netwrix Auditor is 0.7%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
LogRhythm SIEM2.5%
Netwrix Auditor0.7%
Other96.8%
Security Information and Event Management (SIEM)
 

Featured Reviews

SumitKumar20 - PeerSpot reviewer
Security Engineer at Granicus Inc.
Tool consistently aids in effective threat detection and monitoring but could benefit from improved log source management and resource optimization
One major area for improvement in LogRhythm SIEM is the lack of volume measurement capability in terms of storage. There is currently no way to determine how much data is being consumed in terms of gigabytes, terabytes, or petabytes from particular devices or environments. This information is crucial for planning future storage needs and scalability. The system monitor (collector) agent has issues with resource consumption. Even when not actively collecting data, the agent continues to consume significant CPU and memory resources, which can be particularly problematic for small business environments with limited resources. LogRhythm SIEM could improve by adding more default device support. While they have good default settings for devices such as Palo Alto firewalls, custom log sources often require extensive work. Increasing the number of supported devices with built-in policies and functionality would reduce the need for custom work. Competitive SIEM tools often provide more comprehensive coverage for various devices and vendors.
RishiPandit - PeerSpot reviewer
Lead - Technical Services at Impetus
Optimizing time and effort through comprehensive auditing features
Netwrix Auditor doesn't have many competitors at the level in which it is placed. All other companies provide auditing solutions but not up to the feature list; it is very broad and robust. The best features include flexibility to interact directly with MS-SQL. Real-time alerts help identify potential security threats. The ability to streamline audits with insights into configuration states is helpful, as the access reviews and audit reports are really insightful. This is a good tool. The search functionality is available, but comparative to other vendors, this is a bit slower. Reports are effective; the compliance reports and all the reports are very insightful. That is good.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We really appreciate the new cloud functionality."
"PCI compliance was our main driver for purchasing LogRhythm, but it turns out there was just a ton of other information that really came from having that appliance, other than just being PCI compliant and checking that box for us."
"This solution has been almost like a transformative change in how we detect and then respond to incidence."
"In comparison to others, LogRhythm SIEM has certain features that other solutions are lacking; for example, user analytics and user behavior monitoring are features that some of the other SIEMs lack."
"The AI Engine can take an event and correlate it into something else giving us meaningful context regarding what is going on. We integrated it in with our ticketing system, so if an alarm fires, it raises a ticket in our system."
"In terms of managing workflows and cybersecurity exposure, LogRhythm SIEM is very efficient and is a good tool to use for locating and auditing any sort of activity that goes on in the network."
"It's the best solution that I've ever used."
"We went with LogRhythm because of cost, administration, and ease of use when you're in the tool."
"I am impressed with the tool's reporting feature and notifications."
"Netwrix Auditor doesn't have many competitors at the level in which it is placed; all other companies provide auditing solutions but not up to the feature list—it is very broad and robust."
"Without Netwrix, it's impossible to take control of things."
"I have found user behavior analysis and the ability to run risk assessments important features, and additionally the interface and online documentation are very good."
"Netwrix provides features that no other solution on the market does."
"Netwrix Auditor was the easiest to use, most straightforward, and it had competitive pricing."
"It maintains audit logs for the duration of time that you wish, as long as you have the storage capacity to do so."
"The most valuable feature is the real-time monitoring."
 

Cons

"LogRhythm SIEM can improve its user interface. The current interface is quite complex and can be challenging to navigate. While it offers many valuable features, understanding how to access and utilize them efficiently takes time. Simplifying the client console's user interface would significantly enhance the user experience and make it more user-friendly."
"I would like to see support added for Exchange 2016, and Check Point OPSec Lea."
"It will definitely help if the parsing side would be much easier, meaning it would be better if we could easily make adjustments on the parser, both on standard and non-standard log sources."
"We have run into problems with stability going through upgrade processes. Recently, we have been on the front edge of the upgrade path. When that happens we tend to run into issues either with certain functionality not working after the upgrades or stability issues because of the upgrades."
"It seems with all of the advanced features that we haven't quite figured them out. It is very complex."
"LogRhythm NextGen SIEM could improve by adding more applications for the banking sector. There are not any custom applications at this time."
"We need to get better training for things like creating code and playlists. The way it's done now takes a long time."
"We run across the odd vendor which we are using that we think are large players in their environment, but there is not necessarily a native support for their log ingestion per se, where it requires customization in order to be able to parse and accept their logs."
"There is room for improvement with the introduction of AI functionality."
"I expect usability features to become more refined over time. I'm interested to see how it evolves and continues to improve."
"In the UI, we have to adjust and resize our console many times, and sometimes it appears, sometimes you have to close and open it, and sometimes it does not give a scroll bar to navigate."
"There is room for improvements when it comes to the licensing."
"When there are issues I would like remediation to be in one place."
"If you buy direct, there is a minimum of 150 licenses that must be procured. The price point and barrier of entry is a little bit higher than it would be if you purchased the solution from an authorized reseller partner, rather than buying it and managing yourself."
"An improvement would be if there was an another way to manage the logs besides email because it's not so practical."
"The solution lacks self-service on password reset. It also needs to improve its scalability."
 

Pricing and Cost Advice

"On a scale of one to ten, where one is low, and ten is high, I rate the pricing between six and seven."
"I would rate the pricing 4 out of 5. There are no additional costs to the standard licensing fees."
"If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation."
"The pricing is very reasonable and accessible compared to other products in the market but I am not very sure about the exact licensing cost per year for our company."
"We work with French-speaking African countries, and it costs more than the average SIEM solution. Also, the pricing isn't too flexible. AlienVault, Splunk, and IBM QRadar are more suitable for customers on a tight budget."
"When it comes time to renew, they say, "This is what you are using. This is what we can do for you." So, they work with you on pricing."
"The support which allows more customized to the environment when we are deploying new systems is called Professional Service and is very expensive. The technical annual support and there is an annual fee."
"I would recommend talking to the rep. That's the biggest thing because they will know what questions to ask."
"There is a license for this solution and we are on an annual license. The price is reasonable."
"The tool's price is fair."
"This solution is reasonably priced. I would rate it a nine out of ten."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
13%
Financial Services Firm
10%
Manufacturing Company
7%
Comms Service Provider
7%
Financial Services Firm
10%
Construction Company
9%
Manufacturing Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business38
Midsize Enterprise39
Large Enterprise83
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise1
Large Enterprise4
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
LogRhythm SIEM could learn from Wazuh, as Wazuh has a built-in mechanism that allows you to write custom scripting and scripts through languages that Wazuh can then trigger, which is somewhat bette...
What is your experience regarding pricing and costs for LogRhythm SIEM?
I find LogRhythm SIEM affordable, as it is a bit less costly than QRadar, although I have not been involved in negotiation charges; however, from the manager's approval, I see it as affordable.
What is your experience regarding pricing and costs for Netwrix Auditor?
I don't know about the pricing of this, but it is good at this price point because our organization has purchased it, which means it was in budget. We usually do not buy expensive solutions, so the...
What needs improvement with Netwrix Auditor?
The areas of improvement include the front end, as the UI should be more intuitive and there should be fewer bugs. In the UI, we have to adjust and resize our console many times, and sometimes it a...
What is your primary use case for Netwrix Auditor?
We use Netwrix Auditor for auditing, log centralizing, centralizing the logs, log management, and for permission access management, giving permission on shared folders and Active Directory groups.
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
No data available
 

Overview

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
AT&T, SanDisk, Siemens, Verizon, Electrolux, Allianz, Societe Generale
Find out what your peers are saying about LogRhythm SIEM vs. Netwrix Auditor and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.