We performed a comparison between ScienceLogic and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"Provides agentless monitoring so there's no need to install the agent on each server."
"The tool is quite easy to deploy, and it offers very good support."
"Dynamic Component Mapping is key and unique."
"Its ITSM and EMS combination is really amazing. There is no need to purchase two products, one for ITSM and a second for EMS/NMS."
"Power packs."
"The power flow is great."
"Best feature of all is detailed monitoring of services, processes, ports and SSL certificates and or web content."
"Science Logic provides distributed and all-in-one concept in monitoring, you can easily customize the features in this product."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"It helps a lot because we can troubleshoot issues pretty easily."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"We can integrate threat intelligence solutions into the product."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The solution should allow for a streamlined CI/CD procedure."
"We'd like also a better ticketing system, which is older."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"The product's reporting functionalities have certain shortcomings, making it an area where improvements are required."
"ScienceLogic could improve the implementation, it could be made easier."
"They should improve their support process and add chat."
"Admins do not have direct access to the reporting."
"Addressing duplicate IPs: There is the ability to edit the DB and fix this, but adding some logic to understand them would be a plus."
"The product is not user-friendly."
"It doesn't have the complete application-level topology. It could have service topology and business service monitoring. I would like to see how business service monitoring will function with agent-based installation, and how flexible and business-oriented it is for service modeling and service infrastructure. I have a lot of experience in using business service monitoring, service topology, and service hierarchy functionalities in similar products from BMC and Micro Focus (OpenView), and I want to see how these functionalities will look like in ScienceLogic."
"From a performance perspective, it needs to improve a lot."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"There are some API gaps that are missing."
"The solution should improve its UI."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"The integration with multiple sources could be better."
"Sumo Logic Security is expensive, and its pricing could be improved."
ScienceLogic is ranked 13th in IT Infrastructure Monitoring with 42 reviews while Sumo Logic Security is ranked 20th in Security Information and Event Management (SIEM) with 18 reviews. ScienceLogic is rated 8.6, while Sumo Logic Security is rated 8.6. The top reviewer of ScienceLogic writes "Great integrations, power flow, and good support". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". ScienceLogic is most compared with Dynatrace, LogicMonitor, SolarWinds NPM, Datadog and ServiceNow Discovery, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar. See our ScienceLogic vs. Sumo Logic Security report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.