We performed a comparison between LogRhythm SIEM and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"Technical support is always great."
"This solution has improved our organization in many different ways. The biggest benefit is being able to view all information in one dashboard instead of having to look at several different applications and dashboards. I can see information across our entire environment and every aspect of our network."
"LogRhythm NextGen SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions."
"The user interface is good."
"The correlation engine is extremely valuable because it uses machine learning to process information from the central manager and identifies issues in the network."
"LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it, anyone can use it."
"It's very easy to create the correlation rules with LogRhythm, and there are some advanced features like SIEM and UEBA, which are also very valuable."
"LogRhythm's GUI is easy to explore. We also like other features, such as its integration with other security solutions, log correlation, and the deployment of use cases."
"The most useful feature that I've found so far is the search function. I like all the different ways you're able to search through metadata and the different ways you're able to correlate or search through logs to find out what's going on."
"Splunk would be my choice for the presentation layer because it comes with inbuilt reports and a dashboard that you can customize."
"The scalability is good."
"Splunk incorporates a lot of elements that help to reduce security risks. For it to reach certain compliance, we need to have some security insight. Splunk is a very good SIEM, it’s a top solution, but the best feature is its cost of visibility. We have all the most important features to detect vulnerabilities or risks."
"The additional vendors we've brought on board, particularly the elastic, have been quite beneficial."
"The varied prebuilt feature is the most valuable because it ensures that we have complete coverage over all of the key questions."
"Great platform with user-friendly interface and GUI."
"We can easily configure things as required in relation to our use cases."
"It is very easy to use and integrate. There are connectors for every technology."
"The integration with multiple sources could be better."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"NextGen SIEM's integration with other software is good but could be improved."
"The customer support system is time-consuming."
"We've had issues with scaling and local support."
"LogRhythm's SOAR and NDR features don't stack up well against competitors. maybe integrating theme functionality as the other do. But in general, it's okay."
"There is room for improvement with separate running sources or better integration."
"In terms of blind spots, we are looking for more improvements since we don't have visibility over everything."
"One area for improvement in LogRhythm NextGen SIEM is that it's a Windows-based tool, and I feel it should be on the Linux operating system instead. Another area for improvement in the tool is the UI. There should be minor changes in the UI to make it better, though I like the dashboards in LogRhythm NextGen SIEM."
"The reporting on the dashboard should be improved from a management perspective. It would be helpful if they adjusted the colors and the presentation to make things clearer and easier to read."
"Splunk is more expensive than other solutions."
"Its user interface for everything other than the charts can be improved. Some parts of it can be simplified a bit, such as when importing documents that have the network traffic. When you're going through the information about the network traffic, you have to have the expertise, but even if a program is supposed to be for IT support, it is good to make it user-friendly because it gets easier to train people. When something goes wrong, the more difficult a program is in terms of UI, the harder it is to fix the issue."
"From the commercial point of view, they have to bring down their costs."
"You do need a lot of training and certification with this product."
"Technical support needs to be more responsive."
"The threat management part is still lagging. There are some gaps in threat management. Other vendors have built-in threat management systems, but Splunk lacks the threat management component in its portal. The UEBA and everything else is perfect, but it lacks a unified threat intelligence and management part."
"There can be a bit of complexity around some fields during the initial setup."
"This solution could be improved by better pricing in general and by easier installation."
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 28 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 47 reviews. LogRhythm SIEM is rated 8.2, while Splunk Enterprise Security is rated 8.2. The top reviewer of LogRhythm SIEM writes "Helps with productivity, reduces administrative overhead, and offers useful dashboards". On the other hand, the top reviewer of Splunk Enterprise Security writes "Very versatile for many use cases". LogRhythm SIEM is most compared with IBM Security QRadar, Microsoft Sentinel, Elastic Security, Wazuh and Graylog, whereas Splunk Enterprise Security is most compared with Microsoft Sentinel, Wazuh, Dynatrace, Elastic Security and AppDynamics. See our LogRhythm SIEM vs. Splunk Enterprise Security report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.