We performed a comparison between Sumo Logic Security and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"Log aggregation and data connectors are the most valuable features."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"The main benefit is the ease of integration."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"We are able to diagnose problems before our customers."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"What I like is that you can have different storage locations for different applications."
"The solution is quite user-friendly."
"Log Insight correlates with the VMware product log. It can assemble the logs you want, making it easier to find the output, incident, or keyword you want to search."
"We use the on-premises version of this solution for log analysis and to find details about certain issues."
"We are using it because we have a VMware product. It has its own built in dashboards for VMware products, and that's a good thing."
"One of the most valuable features of vRealize Log Insight is that it gives you a clear forecast about your existing machines, for example, how long your machines could be supported and how long the remaining capacity is to host your machines. This is one of the best options available within vRealize Log Insight. Another valuable feature of the solution is automation. My company deploys a lot of automation when required in a very, very short period, and in a very uniform manner, and even if the automation is being deployed for different processes and departments, it's pretty much the same across the environment, so vRealize Log Insight helps reduce a lot of ambiguities and helps my company manage operational efficiencies well."
"The interface of the solution is good."
"It allows us to gain a comprehensive overview of our infrastructure."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"The on-prem log sources still require a lot of development."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"Sumo Logic needs to make sure integrating solutions are seamless."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
"Sumo Logic Security is expensive, and its pricing could be improved."
"The solution should improve its UI."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"The dashboard needs to be improved because this is what I need to monitor my infrastructure."
"Integration with other vendors is something that could be improved, they could add more vendors."
"It needs better integration with third-party analytics tools."
"Log Insight should be better at dealing with audits and security logs. We use another product called QRadar for that."
"It's great for VMware, but it would be good if they had third-party logins."
"Log retention should have more options for user control."
"The pricing of the solution could be improved."
"I think that it should be able to integrate with other third-party backup and recovery solutions, more that it does now."
More VMware Aria Operations for Logs Pricing and Cost Advice →
Sumo Logic Security is ranked 22nd in Log Management with 18 reviews while VMware Aria Operations for Logs is ranked 10th in Log Management with 24 reviews. Sumo Logic Security is rated 8.6, while VMware Aria Operations for Logs is rated 8.2. The top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". On the other hand, the top reviewer of VMware Aria Operations for Logs writes "Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies". Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, IBM Security QRadar and Grafana Loki, whereas VMware Aria Operations for Logs is most compared with Splunk Enterprise Security, Elastic Security, LogRhythm SIEM, Graylog and ArcSight Logger. See our Sumo Logic Security vs. VMware Aria Operations for Logs report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
