We performed a comparison between LogRhythm SIEM and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We should be able to response to threats and gain visibility into our environment that we don't currently have."
"The security operation center is excellent."
"Overall effectiveness is very good. I like how it is oriented to both analysts and technical support people. It's easily adopted by end users as much as by technologists."
"We have NetFlow information going into it, so we can examine a lot of traffic patterns and anomalies, especially if something stands out and is not the baseline. This helps a lot."
"The log analysis feature is valuable."
"The Web Console is my favorite. It enables me, at a glance, to see the health of the environments."
"We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior."
"LogRhythm's GUI is easy to explore. We also like other features, such as its integration with other security solutions, log correlation, and the deployment of use cases."
"Log Insight correlates with the VMware product log. It can assemble the logs you want, making it easier to find the output, incident, or keyword you want to search."
"It is a very useful tool if you have a VMware environment."
"The system's management and its alerts are the most valuable aspects of the solution."
"I like the interface."
"We use the on-premises version of this solution for log analysis and to find details about certain issues."
"It gives the customer a quick overview, so they don't have to dig. There's a clear dashboard with many sensors in a single space. He gets a helicopter view of his environment, but he can investigate further if there are serious issues. It's pretty user-friendly."
"Our current costs are too high, and this tool will help us to better optimize our infrastructure."
"The solution is quite user-friendly."
"For our market, the solution is quite expensive. It would be ideal if they could work on and improve their existing pricing plans to help make it more affordable in our country."
"We had a little bit of difficulty implementing a disaster recovery situation because it was leveraging only Microsoft native DNS and it wouldn't work with our Infoblox DNS deployment that we use in our environment. They've been working on that behind the scenes."
"Scalability-wise, it's not that great."
"When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4."
"Technical support could use a little work in the terms of responding back. The feedback that we received is they do need a little more staff."
"I would like to see more integration with more products that are out there within the same security field."
"Their ticketing system for managing cases can be improved. They can either do that or adopt some of the open-source ticket systems into theirs. The current system works and gets the job done, but it is very bare-bones and basic. There are some things that could be improved there. They should also bring in more threat intelligence into the product and also probably start to look into the integration of more cloud or SAS products for ingesting logs. They're doing the work, but with the explosion of COVID, a lot of businesses have started to move towards more cloud applications or SAS applications. There is a whole diverse suite of SAS products out there, which is a challenge for them and I get it. They seem to be focusing on the big ones, but it'll be nice to be able to, for example, pull in Microsoft logs from Office 365. They are working towards a better way of doing that, and they have a product in the pipeline to pull logs in from other SAS applications. The biggest thing for them is going to be moving away from a Windows Server infrastructure into a straight-up Linux, which is more stable in my eyes. For the backend, they can maybe move into more of an up-to-date Elastic search engine and use less of Microsoft products."
"I would really love to be able to take some of the data and not have to export it to a CSV file, so I can pull it into Excel to turn it into some other kind of graph."
"The dashboard needs to be improved because this is what I need to monitor my infrastructure."
"I don't use the solution on a day to day basis, so I'm not sure what specifically can be improved."
"The solution should be more user-friendly. The user interface and dashboard could be simplified."
"Technical support should be improved."
"The tool is expensive."
"The product's price falls on the higher end of the spectrum, making it an area of concern."
"The tool does not provide a centralized pane for monitoring."
"What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects."
More VMware Aria Operations for Logs Pricing and Cost Advice →
LogRhythm SIEM is ranked 7th in Log Management with 166 reviews while VMware Aria Operations for Logs is ranked 10th in Log Management with 24 reviews. LogRhythm SIEM is rated 8.4, while VMware Aria Operations for Logs is rated 8.2. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of VMware Aria Operations for Logs writes "Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and CrowdStrike Falcon, whereas VMware Aria Operations for Logs is most compared with Splunk Enterprise Security, Elastic Security, Graylog, IBM Security QRadar and Fortinet FortiAnalyzer. See our LogRhythm SIEM vs. VMware Aria Operations for Logs report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.