We performed a comparison between Logz.io and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"The UI of Sentinel is very good and easy to use, even for beginners."
"We use the product for log collection and monitoring."
"It is massively useful and great for testing. We can just go, find logs, and attach them easily. It has a very quick lookup. Whereas, before we would have to go, dig around, and find the server that the logs were connected to, then go to the server, download the log, and attach it. Now, we can just go straight to this solution, type in the log ID and server ID, and obtain the information that we want."
"InsightOne is the main reason why we use LogMeIn. This is mostly because of log data that we are pushing tools and logs in general."
"The tool is simple to setup where it is just plug and play. The tool is reliable and we never had any performance issues."
"We use the tool to track the dev and production environment."
"The visualizations in Kibana are the most valuable feature. It's much more convenient to have a visualization of logs. We can see status really clearly and very fast, with just a couple of clicks."
"The other nice thing about Logz.io is their team. When it comes to onboarding, their support is incredibly proactive. They bring the brand experience from a customer services perspective because their team is always there to help you refine filters and tweak dashboards. That is really a useful thing to have. Their engagement is really supportive."
"The query mechanism for response codes and application health is valuable."
"The support I have received from the vendor has been great."
"It has good technical support, which is available around the clock. You can call up anytime and get whatever you want. My queues are resolved."
"The ease of use is the most valuable feature. Over the years I have always been using this solution and have become comfortable with it."
"I like the ease of deployment."
"It is user-friendly. The notification part of McAfee ESM is very easy."
"The most valuable feature is the correlation rules."
"The most valuable feature is for the security operation center because it provides visibility of all traffic within the company infrastructure."
"Trellix ESM is very user-friendly."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The reporting could be more structured."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"One key area that can be improved is by building a strong integration with our XDR platform."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"I think the number one area of improvement for Sentinel would be the cost."
"The solution needs to expand its access control and make it accessible through API."
"When it comes to reducing our troubleshooting time, it depends. When there are no bugs in Logz.io, it reduces troubleshooting by 5 to 10 percent. When there are bugs, it increases our troubleshooting time by 200 percent or more."
"The price can be cheaper and they should have better monitoring."
"Capacity planning could be a little bit of a struggle."
"I would like them to improve how they manage releases. Some of our integrations integrate specifically with set versions. Logz.io occasionally releases an update that might break that integration. On one occasion, we found out a little bit too late, then we had to roll it back."
"The product needs improvement from a filtering perspective."
"I would like granularity on alerting so we can get tentative alerts and major alerts, then break it down between the two."
"The solution needs to improve its data retention. It should be greater than seven days. The product needs to improve its documentation as well."
"Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface."
"The only issue I have with McAfee is the amount of computer resources that it takes... it's definitely impacting some of the other applications that are running on a computer at the same time."
"Product-wise, adding accounts on a single data source by batch would be a really great help."
"It cannot integrate with our Next-Generation Firewall and few applications such as Cisco ACI."
"The support from McAfee ESM could improve. They could improve the speed."
"I would like to see improvements to the user interface."
"We acquired the IBM product because McAfee is slightly confusing to use, and it's broader."
"It seems McAfee does test its product before releasing. When we - not only us, other companies also - deploy McAfee, we face multiple issues from the customer side, after which, McAfee reacts and fixes the bugs."
Logz.io is ranked 27th in Security Information and Event Management (SIEM) with 8 reviews while Trellix ESM is ranked 19th in Security Information and Event Management (SIEM) with 34 reviews. Logz.io is rated 8.2, while Trellix ESM is rated 7.4. The top reviewer of Logz.io writes "The solution is a consistent logging platform that provides excellent query mechanisms". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Logz.io is most compared with Datadog, Wazuh, Coralogix and Splunk Enterprise Security, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, LogRhythm SIEM, Splunk Enterprise Security and SQRRL. See our Logz.io vs. Trellix ESM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.