We performed a comparison between Quest InTrust and Sumo Logic Security based on real PeerSpot user reviews.
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Sentinel pricing is good"
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"I would rate the technical support very well as they are knowledgeable and quick to respond."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"We are able to diagnose problems before our customers."
"We can integrate threat intelligence solutions into the product."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"The solution is quite stable."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"The solution could be more user-friendly; some query languages are required to operate it."
"I would like to see more AI used in processes."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"We'd like also a better ticketing system, which is older."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"It needs to have better reporting. "
"It was very complex. There was poor native correlation. "
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"The initial setup is the most stressful, like learning how to use it."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"There are some API gaps that are missing."
Quest InTrust is ranked 54th in Log Management while Sumo Logic Security is ranked 22nd in Log Management with 18 reviews. Quest InTrust is rated 8.0, while Sumo Logic Security is rated 8.6. The top reviewer of Quest InTrust writes "Technical support is knowledgeable and quick to respond". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Quest InTrust is most compared with Change Auditor for Windows File Servers and syslog-ng, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.