No more typing reviews! Try our Samantha, our new voice AI agent.

LogRhythm SIEM vs Panther comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
14th
Average Rating
8.2
Reviews Sentiment
6.4
Number of Reviews
176
Ranking in other categories
Log Management (14th)
Panther
Ranking in Security Information and Event Management (SIEM)
35th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
3
Ranking in other categories
AI Data Analysis (31st)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of LogRhythm SIEM is 2.5%, down from 3.1% compared to the previous year. The mindshare of Panther is 0.9%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
LogRhythm SIEM2.5%
Panther0.9%
Other96.6%
Security Information and Event Management (SIEM)
 

Featured Reviews

SumitKumar20 - PeerSpot reviewer
Security Engineer at Granicus Inc.
Tool consistently aids in effective threat detection and monitoring but could benefit from improved log source management and resource optimization
One major area for improvement in LogRhythm SIEM is the lack of volume measurement capability in terms of storage. There is currently no way to determine how much data is being consumed in terms of gigabytes, terabytes, or petabytes from particular devices or environments. This information is crucial for planning future storage needs and scalability. The system monitor (collector) agent has issues with resource consumption. Even when not actively collecting data, the agent continues to consume significant CPU and memory resources, which can be particularly problematic for small business environments with limited resources. LogRhythm SIEM could improve by adding more default device support. While they have good default settings for devices such as Palo Alto firewalls, custom log sources often require extensive work. Increasing the number of supported devices with built-in policies and functionality would reduce the need for custom work. Competitive SIEM tools often provide more comprehensive coverage for various devices and vendors.
Narendran Nair - PeerSpot reviewer
Product Security Engineer at Infoblox
AI triage has streamlined real-time alert monitoring and has improved on-call incident response
The best features Panther offers are AI Triage, the ability to comment on our activities, and seamless integration with other communication sources such as PagerDuty, Microsoft Teams, and potentially Slack, showcasing the flexibility we have in using this tool. The most valuable feature for my team is definitely AI Triage, which helps save a lot of time by eliminating the need for manual research regarding patterns that may be repeated, making our work easier and more efficient. Panther has positively impacted my organization as it serves as one of the main sources for triaging real-time incidents. Panther definitely plays a key role in the work that we do. Specific outcomes that show how Panther has helped our organization include saving a lot of time, especially since the AI Triage feature reduces the necessity to reach out to others for clarity, which it occasionally accomplishes on its own. To be honest, it does lack some aspects. For example, if it could access our organizational knowledge, including the Jira database, it might better analyze incidents and determine whether they are false positives or not by using more contextual data.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution remains a top choice for our customers because of its performance, indexing rate, and coalition engine speed."
"All in all, it's one of the best SIEMs, as a total package, that I've worked with."
"Straight away it was fairly evident that the LogRhythm application itself, and the agent roll-out, was straight out of the box."
"Customer service and technical support were both excellent, and we experienced no issues with stability or scalability while using the solution for security logging and traffic-aware reporting."
"When it comes to dealing with support, all my interactions have been great. Everyone has known what they're doing and have been quick to respond. They seem to always know the answer. I haven't stumped anybody yet."
"It has been the easiest SIEM platform that I have worked with or seen in production."
"Overall effectiveness is very good. I like how it is oriented to both analysts and technical support people. It's easily adopted by end users as much as by technologists."
"It’s a very powerful and robust device and application."
"The AI Triage feature saves a considerable amount of time, and if it were to incorporate organizational knowledge, it could provide finer-tuned results."
"I find Panther's detection capabilities and integrations to be highly valuable."
"We have seen a return on investment measured primarily through SOC efficiency and productivity improvements, with teams observing a twenty to thirty-five percent improvement in investigation efficiency depending on the environment and product maturity."
 

Cons

"We have had some issues that have taken a long time to resolve, various technical issues that have taken longer to resolve than we desire."
"We need to get better training for things like creating code and playlists. The way it's done now takes a long time."
"LogRhythm's SOAR and NDR features don't stack up well against competitors. maybe integrating theme functionality as the other do. But in general, it's okay."
"We don't get much use out of this product because people around here consider it to be unreliable, and it's hard to do searches."
"It's not easy for someone new to the solution."
"My big thing is the easability. I don't like to go to two different systems."
"Their ticketing system for managing cases can be improved. They can either do that or adopt some of the open-source ticket systems into theirs. The current system works and gets the job done, but it is very bare-bones and basic. There are some things that could be improved there. They should also bring in more threat intelligence into the product and also probably start to look into the integration of more cloud or SAS products for ingesting logs. They're doing the work, but with the explosion of COVID, a lot of businesses have started to move towards more cloud applications or SAS applications. There is a whole diverse suite of SAS products out there, which is a challenge for them and I get it. They seem to be focusing on the big ones, but it'll be nice to be able to, for example, pull in Microsoft logs from Office 365. They are working towards a better way of doing that, and they have a product in the pipeline to pull logs in from other SAS applications. The biggest thing for them is going to be moving away from a Windows Server infrastructure into a straight-up Linux, which is more stable in my eyes. For the backend, they can maybe move into more of an up-to-date Elastic search engine and use less of Microsoft products."
"When you get LogRhythm out-of-the-box, there are so many knobs to turn and so many things to configure and set up, that it's almost impossible to do it on your own, as an enterprise senior engineer."
"Regarding Panther's accuracy and reliability of output, I would rate it at 70 percent since, at times, it identifies findings as valid when they may actually be false positives, which we have experienced in a few cases."
"The solution could be improved by providing more built-in integrations, which would reduce the need for me to build them myself."
 

Pricing and Cost Advice

"We did a five-year agreement. We pay close to a quarter of a million dollars for our solution."
"The solution has provided us with consistency and increased staff productivity through orchestrated automated work flows by at least 20 percent."
"I think the tool is reasonably priced. There is a need to pay per year towards the licensing costs of the tool."
"In comparison to the competition, they are more affordable. This allows us to do more with less."
"I would recommend talking to the rep. That's the biggest thing because they will know what questions to ask."
"LogRhythm's licensing is based on MPS. There are some add-on features like advanced UEBA, the cloud component for advanced UEBA, and SIEM."
"It is a very cost-effective solution."
"The setup and licensing for small and medium size businesses is straightforward, though when it comes to the enterprise it pays to keep in mind the possibility for complications given all the extras and add-ons that may be required."
Information not available
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
904,836 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
13%
Financial Services Firm
10%
Outsourcing Company
7%
Manufacturing Company
7%
Manufacturing Company
15%
Construction Company
15%
Financial Services Firm
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business38
Midsize Enterprise39
Large Enterprise83
No data available
 

Questions from the Community

What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What needs improvement with LogRhythm NextGen SIEM?
LogRhythm SIEM could learn from Wazuh, as Wazuh has a built-in mechanism that allows you to write custom scripting and scripts through languages that Wazuh can then trigger, which is somewhat bette...
What is your experience regarding pricing and costs for LogRhythm SIEM?
I find LogRhythm SIEM affordable, as it is a bit less costly than QRadar, although I have not been involved in negotiation charges; however, from the manager's approval, I see it as affordable.
What is your experience regarding pricing and costs for Panther?
I am not aware of the pricing, setup cost, and licensing details, as I handle the usage of Panther and not the setup process.
What needs improvement with Panther?
Panther could be improved by adding a feature that allows it to access organizational data, which would help produce better-tuned outputs with fewer false positives and alerts, making our jobs easi...
What is your primary use case for Panther?
My main use case for Panther is real-time monitoring of alerts, where we triage incidents that occur for our on-call duties. Panther is one of the major sources from which we receive alerts in real...
 

Also Known As

LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
No data available
 

Overview

 

Sample Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Docker, Loom, Discord, Dropbox, HubSpot, Asana, GoFundMe, Zapier, Benchling, JupiterOne, Jumio, Bitstamp, Intercom, Randori, and Cedar
Find out what your peers are saying about LogRhythm SIEM vs. Panther and other solutions. Updated: June 2026.
904,836 professionals have used our research since 2012.