We performed a comparison between Sumo Logic Security and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The product can integrate with any device."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"I have no concerns about the stability of the product. I feel it handles the stress we put on it very well."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"We are able to diagnose problems before our customers."
"We can integrate threat intelligence solutions into the product."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"The system's management and its alerts are the most valuable aspects of the solution."
"The most valuable feature is server virtualization. It's been very useful."
"The tool helps my company deal with security and log analysis, which are very important areas for us...It is a scalable solution."
"Log Insight correlates with the VMware product log. It can assemble the logs you want, making it easier to find the output, incident, or keyword you want to search."
"One of the things I like about it is its interface. When it comes to generating reports on VMs and stuff, it's very quick. This is very handy for the technical team, who need to generate reports quickly. So that's really good."
"The root cause analysis feature is very valuable."
"It is a very useful tool if you have a VMware environment."
"The trace log is the solution's most valuable feature. It's very helpful in troubleshooting problems."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"The on-prem log sources still require a lot of development."
"I think the number one area of improvement for Sentinel would be the cost."
"Sumo Logic Security is expensive, and its pricing could be improved."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
"There are some API gaps that are missing."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"The tool does not provide a centralized pane for monitoring."
"I think that it should be able to integrate with other third-party backup and recovery solutions, more that it does now."
"What I'd like to improve in vRealize Log Insight is the licensing model. VMware provides vRealize Log Insight along with the VMware Cloud Foundation, but customers who would like to go for the native VMware would have to procure vRealize Log Insight separately. Today, vRealize Log Insight is offered on two different licenses, one is based on the number of VMs, and the other is based on the number of physical codes on the machine. If VMware can provide a bundle offer for customers who procure more than ten licenses, where you can have an option to run, for example, three hundred machines on vRealize Log Insight with no extra cost, this would encourage more people to adopt the solution. What I'd like to see in the next release of vRealize Log Insight is for a cloud option to be available, which would be a pay-as-you-go licensing model that would allow me to pick and choose what I'll monitor. For example, I have one thousand and three hundred critical servers, and the seven hundred servers for basic development, I don't want to monitor on vRealize Log Insight today, so I should be able to pick what I need to monitor on the solution and only pay for that specific instance. If VMware can apply these changes, it would help VMware customers to procure more or adopt more of vRealize Log Insight even in smaller projects."
"The dashboard needs to be improved because this is what I need to monitor my infrastructure."
"I would like to see more tutorials or at least an introduction video from the supplier, so you can become proficient and get the most out of the solution. You might not get the full benefit from a logging or reporting solution because you might not have a particular tool enabled. You could leave something out of your analysis because you aren't aware of it or you don't know how to set it up."
"Technical support should be improved."
"Integration with other vendors is something that could be improved, they could add more vendors."
"Paid or free does not matter, but it is complex to find good training material for vRealize Log Insight."
More VMware Aria Operations for Logs Pricing and Cost Advice →
Sumo Logic Security is ranked 22nd in Log Management with 18 reviews while VMware Aria Operations for Logs is ranked 10th in Log Management with 24 reviews. Sumo Logic Security is rated 8.6, while VMware Aria Operations for Logs is rated 8.2. The top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". On the other hand, the top reviewer of VMware Aria Operations for Logs writes "Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies". Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, IBM Security QRadar and Grafana Loki, whereas VMware Aria Operations for Logs is most compared with Splunk Enterprise Security, Elastic Security, LogRhythm SIEM, Graylog and ArcSight Logger. See our Sumo Logic Security vs. VMware Aria Operations for Logs report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.