LogRhythm SIEM Pros review quotes

it_user756429 - PeerSpot reviewer
Oct 17, 2017
Provides visibility into the network.
RC
Oct 16, 2022
The dashboards in the LogRhythm SIEM really help us as a starting point. It gives us a starting point we can go to every day. We walk through several dashboards to see anomalous activity for further investigation.
Joseph W. - PeerSpot reviewer
Oct 18, 2022
One of the main features that I like about LogRhythm NextGen SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us.
Learn what your peers think about LogRhythm SIEM. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
JM
Oct 28, 2018
We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products.
AS
May 9, 2019
The feature that makes it usable is the web interface.
it_user756333 - PeerSpot reviewer
Oct 17, 2017
The PCI compliance pieces that help us produce reports for our external auditor, and their support.
KM
Oct 17, 2017
The ability for me to go into the Web UI, and just learn what's going on in my environment.
EE
Oct 17, 2017
It gives us insight into our entire installation, where we are multiple sites, going as far as the East Coast to the Central West Coast.
it_user769692 - PeerSpot reviewer
Nov 8, 2017
LogRhythm has shown to us, to this point in time, that it has the capabilities of being able to deliver actionable intelligence to the security engineers and analysts.
it_user769659 - PeerSpot reviewer
Nov 8, 2017
The most valuable feature of LogRhythm for me is the ability to correlate logs throughout many different log sources.
 

LogRhythm SIEM Cons review quotes

it_user756429 - PeerSpot reviewer
Oct 17, 2017
I would probably look for more things to go into the web console that are currently on the fat client.
RC
Oct 16, 2022
We use Windows Event Forwarding to collect the logs from our Windows clients, and the logs get aggregated as one data source on that collector. Therefore, finding logs specific to one particular Windows system requires some creativity in how we search the SIEM.
JB
Oct 28, 2018
My biggest issue - I know that they say they're doing it - is that the API-building is extremely important. They keep saying it's coming, it's coming. It's not coming fast enough. I don't care if they need to double their team size to get it out there quicker, the world is already in the cloud and we can't monitor it. That's a big problem for us. My boss keeps coming to me about it. That's an issue.
Joseph W. - PeerSpot reviewer
Oct 18, 2022
When we originally got LogRhythm, their tech support was fantastic, and I loved them. Now, we don't quite get as quick of a response. I've been disappointed in the more recent tech support. When you call in, they'll say that they will get you somebody, and you'll finally get someone who will contact you back a day or so later. Whereas before, I would get help right away.
JM
Oct 28, 2018
I have Windows administrators who will remove the agent when they think that that's what's fouling up their upgrade or their install or their reconfiguration, etc. The first thing they do is to turn off the antivirus, turn down the firewall, and take off anything else. They don't realize that the LogRhythm agent is just sitting there monitoring. Most antivirus products have application protection features built-in where, if I'm an admin on a box, I can't uninstall antivirus. I need to have the antivirus admin password to do that.
AS
May 9, 2019
It is a product that is very hard to use.
it_user756333 - PeerSpot reviewer
Oct 17, 2017
I would really like to see some type of group or global management for RIM policies,
KM
Oct 17, 2017
I have probably submitted half a dozen log parser requests, and I keep finding more stuff that we need to keep an eye on that doesn't have a definition in LogRhythm.
EE
Oct 17, 2017
I would really love to be able to take some of the data and not have to export it to a CSV file, so I can pull it into Excel to turn it into some other kind of graph.
it_user769692 - PeerSpot reviewer
Nov 8, 2017
Right now there is the concern about being able to gather all of the data into the system.