No more typing reviews! Try our Samantha, our new voice AI agent.

Snare vs Sumo Logic Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Snare
Ranking in Log Management
48th
Ranking in Security Information and Event Management (SIEM)
54th
Average Rating
8.0
Reviews Sentiment
7.4
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Sumo Logic Security
Ranking in Log Management
21st
Ranking in Security Information and Event Management (SIEM)
21st
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
25
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (14th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Snare is 0.8%, up from 0.5% compared to the previous year. The mindshare of Sumo Logic Security is 1.6%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Sumo Logic Security1.6%
Snare0.8%
Other97.6%
Security Information and Event Management (SIEM)
 

Featured Reviews

Frank Eargle - PeerSpot reviewer
Information Security Engineer at Glasshouse Systems
A highly scalable solution that is easy to manage and super easy to set up
We use Snare for picking up Windows logs, and we used to use it for SQL as well. We had used it for Linux once or twice. We're mainly using it for Windows and Windows flat files The most valuable feature of Snare is flexibility or the ability to filter all things you don't want and don't have…
MR
Senior Security Analyst at City Electric Supply Company
Security insights have enabled faster incident response and streamlined cross-team collaboration
To improve Sumo Logic Security, I would appreciate the tool being easier to use from a search perspective. For example, we have a few teams that want to use the tool itself, but they are not as savvy when it comes to creating searches from the core platform. I understand that Mobot has come out and is in the works, and it really does assist non-savvy users when it comes to querying the platform. As far as that is concerned, I wish that could be improved a bit more, but I do know that that is in the works. I would add that I wish for improved documentation. For example, we are using Sumo Playbooks and automation integrations along with that, but I have found that there has been a lack of documentation, very little to none at all when it comes to that. With regards to automation integrations as well, there are very few details included in them. I would also appreciate the AWS automation integrations to be more secure because currently, they are using access keys, which involves a user rather than roles, which is the security best practice recommended by AWS. I chose eight out of ten because to make it a nine or ten, I would lean heavily on the documentation. A lot of the times when we get around to configuring things such as playbooks or trying to understand playbooks, what I found was that documentation sometimes is not up to date or documentation is lacking. There are instances also where some security best practices are not being followed. So, if we are able to set up an integration that is not only secure, following security best practices, and has complete documentation, I believe it would alleviate the issue of having to go back and forth with support to check the documentation and things of that nature. My impression of the built-in threat intelligence feature in Sumo Logic Security is that it is comprehensive, but I would say that it could do a little bit better. For example, we have the TAXI feeds, which is STIX and TAXI integrated into the core platform, but the issue I am running into is that I am able to use that feed into a CSE alert; however, I am not able to see the contents of that feed. If I integrate CISA, which we do have integrated, I cannot see what IOCs are in that feed in the core platform, and I hope that is the case because, in order for us to better tune our alerts, we need to be able to see what is in the contents of that threat intelligence feed.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Snare has good agents, especially for Windows."
"The most valuable feature of Snare is flexibility or the ability to filter all things you don't want and don't have security value."
"The best thing about Snare is its format and consistency."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"My SOC analysts were crushed under Splunk, but Sumo has actually eased the workload and made it tolerable for three people."
"The features I find most useful in Sumo Logic Security are the ease of implementation and connectors; they have a very easy connection and many connectors to important systems, making it very easy to implement and fast to start running in production."
"I have no concerns about the stability of the product, and I feel it handles the stress we put on it very well."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"The Log Analytics platform is the most effective. If we cannot find the data in other tools, like email security or NDR, we can fetch those logs in the Log Analytics platform of Sumo Logic."
"Sumo Logic Security offers a single dashboard and customization, which are the most valuable features."
 

Cons

"Snare should modernize its GUI a little bit."
"Users will initially find it difficult to identify the event types and installation in Snare."
"The solution is now developing a SIEM-like feature on Snare Central Server, but it's not complete yet."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"The integration with multiple sources could be better."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk."
"If you want to up your subscription through the AWS Marketplace, it can be difficult."
 

Pricing and Cost Advice

"Snare is a cheap solution because a lot of customers are using it."
"Snare has reasonable pricing."
"On a scale from one to ten, where one is cheap, and ten is expensive, I rate Snare's pricing a four out of ten."
"The pricing is good. It's not an issue for us."
"The product is costly."
"Purchasing the solution through the AWS Marketplace is very easy."
"We chose to go through the AWS Marketplace because it makes it a lot easier when we bill our customers. Rather than having to get multiple different sources of information then correlate a monthly bill for our customers, it is just included in the AWS usage charges."
"The license pricing model is based on the events that are processed through the solution."
"The only limit to the scalability of the product for us is how much we are willing to pay."
"The price scaling comes in a bit expensive."
"The pricing is a little high, but for the features that we receive from Sumo Logic, it suits the price. For some small organizations, the price might be a little high."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Outsourcing Company
9%
Manufacturing Company
8%
Construction Company
8%
Manufacturing Company
12%
Financial Services Firm
11%
Outsourcing Company
10%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise4
Large Enterprise16
 

Questions from the Community

Ask a question
Earn 20 points
What is your experience regarding pricing and costs for Sumo Logic Security?
I would say that the pricing for Sumo Logic Security is in the medium part of the market. If you go to the well-known vendors such as Azure Sentinel or other tools like Splunk, you are going to fin...
What needs improvement with Sumo Logic Security?
I would say there are a few more things that Sumo Logic Security can improve on. It is not the tool; it is a technical part. From the app point of view, I would say when we need to include a few la...
 

Overview

 

Sample Customers

Military, Defence and Security Agencies, Banking Finance and Insurance companies, Retail, Health and Utilities.
Information Not Available
Find out what your peers are saying about Snare vs. Sumo Logic Security and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.