We performed a comparison between Rapid7 InsightOps and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The pricing of the product is excellent."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, 'Where are my logs?' My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"It has basic out-of-the-box integrations with multiple log sources."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"Integration of InsightOps with other tools, especially SIEM solutions, has generally improved operational efficiency."
"The most valuable feature of Rapid7 InsightOps is the search functionality."
"We can save logs as plain text."
"It has the ability to alert and track logs from different sources."
"The ability to browse logs from multiple sources at the same time really speeds up root cause analysis."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"It helps a lot because we can troubleshoot issues pretty easily."
"We can integrate threat intelligence solutions into the product."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"We are invoiced according to the amount of data generated within each log."
"The solution could improve the playbooks."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"Since I used the beta, improvements are to be expected. The dashboard options could have been clearer, but I believe it is more a problem with the limited documentation available at the time."
"The solution takes a little bit of time when we load the website for the first time."
"Improvement is needed in the dashboard of InsightOps, especially for less technical users."
"There are a few things I would like to do with a few more complex queries which I am not able to do right now, because it is a SaaS solution."
"Rapid7 InsightOps could improve by making the search query better. There are times when the search query is broken and it does not find anything."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"Sumo Logic Security is expensive, and its pricing could be improved."
"The integration with multiple sources could be better."
"The initial setup is the most stressful, like learning how to use it."
"Sumo Logic needs to make sure integrating solutions are seamless."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
Rapid7 InsightOps is ranked 35th in Log Management with 9 reviews while Sumo Logic Security is ranked 22nd in Log Management with 18 reviews. Rapid7 InsightOps is rated 8.8, while Sumo Logic Security is rated 8.6. The top reviewer of Rapid7 InsightOps writes "Useful search functionality, easy to use, and reliable". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Rapid7 InsightOps is most compared with Wazuh, Datadog, New Relic, Splunk Enterprise Security and Dynatrace, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar. See our Rapid7 InsightOps vs. Sumo Logic Security report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.