We performed a comparison between Snare and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The main benefit is the ease of integration."
"Log aggregation and data connectors are the most valuable features."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The product can integrate with any device."
"Snare has good agents, especially for Windows."
"The most valuable feature of Snare is flexibility or the ability to filter all things you don't want and don't have security value."
"The best thing about Snare is its format and consistency."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"I have no concerns about the stability of the product. I feel it handles the stress we put on it very well."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"We are able to diagnose problems before our customers."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"The solution should allow for a streamlined CI/CD procedure."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"The troubleshooting has room for improvement."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"We'd like to see more connectors."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Users will initially find it difficult to identify the event types and installation in Snare."
"Snare should modernize its GUI a little bit."
"The solution is now developing a SIEM-like feature on Snare Central Server, but it's not complete yet."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"Sumo Logic needs to make sure integrating solutions are seamless."
"There are some API gaps that are missing."
"The dashboard has room for improvement, because sometimes it is a difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
Snare is ranked 41st in Log Management with 3 reviews while Sumo Logic Security is ranked 20th in Log Management with 18 reviews. Snare is rated 8.0, while Sumo Logic Security is rated 8.6. The top reviewer of Snare writes "A highly scalable solution that is easy to manage and super easy to set up". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Snare is most compared with Splunk Enterprise Security, syslog-ng, SolarWinds Kiwi Syslog Server, LogRhythm SIEM and ArcSight Enterprise Security Manager (ESM), whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar. See our Snare vs. Sumo Logic Security report.
See our list of best Log Management vendors, best Security Information and Event Management (SIEM) vendors, and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.