We performed a comparison between Mezmo and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."LogDNA consolidates all logs into one place, which is super valuable."
"The solution aggregates all event streams, so that if there are any issues, it's all in the same interface."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"Performance and reporting are very good."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"Incident management is its most valuable feature."
"The newer 11.5 version that my team is using has found it to have good mapping."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"It's quite economical compared to other solutions in the market."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"Every once in a while, our IBM cloud operational implementation gets behind. Sometimes, when we have a customer event, we do not get access to the latest logs for about 30 minutes, particularly for the sites that are heavily utilized. This is clearly not good. It is impossible to RCA when you can't look at the logs that pertain to the time period in which the event occurred. It could be more of an operational problem than a feature problem. I don't have visibility about whether it is a LogDNA issue or just an operational issue."
"No ability to encapsulate a query or a filter, and communicate or share that among the team."
"The initial setup is very complex and should be simplified."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"Security needs improvement."
"An area for improvement would be better automation and more inbuilt use cases."
Earn 20 points
Mezmo is ranked 53rd in Log Management while NetWitness Platform is ranked 19th in Log Management with 36 reviews. Mezmo is rated 9.0, while NetWitness Platform is rated 7.4. The top reviewer of Mezmo writes "Has vastly increased our ability to reach SLA targets consistently". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Mezmo is most compared with Cribl Stream and Datadog, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel. See our Mezmo vs. NetWitness Platform report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.