We performed a comparison between Logsign Next-Gen SIEM and Sentinel based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The connectivity and analytics are great."
"Logsign provides sample logs within the product, allowing users to see how logs will appear before integration, which is a valuable feature for testing and understanding log formats."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"It makes everything easier by automating some tasks and growing with our needs."
"The tool is simple to use."
"The most valuable feature is the flexible log for identifying security threats inside an application. Sentinel is very good at this."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"The native integration with out-of-the box format is hassle free and allows data to be used advantageously."
"One of the most valuable features is the business intelligence engine. It's very important because it keeps track of everything that's happening and alerts us if something is different than expected. The first time I used it, I was shocked at how well it performed. Another valuable feature that I think makes this product worth the price you pay for it is that it connects to basically every system that provides some form of logging, and it's very easy to set up what triggers this."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"I would like to be able to monitor applications outside of the Azure Cloud."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"The troubleshooting has room for improvement."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"I hope they address the pricing model for Logsign Next-Gen SIEM, especially regarding regional variations. The pricing should not differ based on the country of operation as it can lead to dissatisfaction among customers. A fixed pricing structure would be more favorable for us. I would also suggest enhancing the GUI interface and adding features similar to xFi Exchange from IBM Pure. This would streamline operations and save time for analysts."
"You need a lot of Unix scripting knowledge in order to manage the tool, which is one of the main issues that we faced."
"I rate Sentinel a six out of ten for scalability."
"Log source integration with Sentinel needs to be improved."
"It is an ancient product."
"Creating a drag-and-drop dashboard or workbook in Sentinel is a little more complex compared to other tools like LogRhythm and IBM QRadar."
"The solution does not allow outsourced authorizations."
"I would like to see a better reporting work structure on the dashboard."
"There is no integration in the web-side of the tool."
Logsign Next-Gen SIEM is ranked 39th in Security Information and Event Management (SIEM) with 2 reviews while Sentinel is ranked 17th in Security Information and Event Management (SIEM) with 16 reviews. Logsign Next-Gen SIEM is rated 7.6, while Sentinel is rated 7.6. The top reviewer of Logsign Next-Gen SIEM writes "Easy to use and find the features that you need". On the other hand, the top reviewer of Sentinel writes "An automated solution that helped me detect threats in less than half the time it used to take". Logsign Next-Gen SIEM is most compared with Grafana Loki, Wazuh, IBM Security QRadar, ManageEngine EventLog Analyzer and Splunk Enterprise Security, whereas Sentinel is most compared with Splunk Enterprise Security, IBM Security QRadar, Google Chronicle Suite, Wazuh and LogRhythm SIEM.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.