Systems Administrators at a tech services company with 201-500 employees
Real User
Top 5
Very helpful for monitoring and alarming, very stable and scalable, and excellent technical support
Pros and Cons
  • "File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting."
  • "It should have some more message monitoring features. It can also have some free message monitoring tools."

What is our primary use case?

I use LogRhythm for PCI DSS compliance. All of our devices are sending logs to LogRhythm. I have set up Silent Integrity Monitoring, Data Loss Prevention, Registry Integrity Monitoring, and other alarms for detection, and we do investigations.

How has it helped my organization?

I don't have metrics, but it has really improved the monitoring and alarming for us. 

What is most valuable?

File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting.

What needs improvement?

It should have some more message monitoring features. It can also have some free message monitoring tools.
Buyer's Guide
LogRhythm NextGen SIEM
June 2022
Learn what your peers think about LogRhythm NextGen SIEM. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
610,190 professionals have used our research since 2012.

For how long have I used the solution?

I have been using this solution for about two years.

What do I think about the stability of the solution?

It has been very stable. There are no major issues. It has been exactly doing what I expected it to do.

What do I think about the scalability of the solution?

It has been very scalable in terms of adding new systems and stuff like that. It has been quite good. We have plans to increase the usage of LogRhythm. We have some new solutions and new networks coming up. We might be looking to expand within the next two years to onboard new systems.

How are customer service and support?

Technical support has been excellent so far. I never had any issues with technical support. Their support has been excellent.

Which solution did I use previously and why did I switch?

I didn't use any other solution previously.

How was the initial setup?

It was pretty straightforward. The actual deployment of it took about two days, but the implementation strategy took longer. It took a couple of months for meetings and planning with different experts, project managers, and engineers. They looked at our business requirements and other things. We have two administrators and two analysts. Four of us are managing the system.

What's my experience with pricing, setup cost, and licensing?

It costs a great amount, but its pricing is competitive with some of the other vendors. For licensing and support, we pay about 20,000. There are no additional costs or anything like that. 

Which other solutions did I evaluate?

When I was looking for a solution, I looked at Splunk and LogRhythm. There was one from SolarWinds as well. Cost-wise, LogRhythm was the one that impressed me the most. Splunk was really good as well, but it was a little too costly.

What other advice do I have?

I would definitely recommend this solution for compliance requirements, such as PCI DSS compliance. It does cost a great amount, but its pricing is competitive with some of the other vendors. If it is a necessity to have a SIEM solution, I would definitely recommend LogRhythm. I would rate LogRhythm NextGen SIEM a nine out of ten. It has been really good. So far, my experience has been seamless. They should keep doing what they're doing.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Shreenkhala Bhattarai - PeerSpot reviewer
Cyber Security Researcher at a tech services company with 1-10 employees
Real User
Top 5
Stable with an easy initial setup and good security
Pros and Cons
  • "The initial setup is pretty easy."
  • "For our market, the solution is quite expensive. It would be ideal if they could work on and improve their existing pricing plans to help make it more affordable in our country."

What is our primary use case?

We typically consult with our clients and help them with necessary services.

What is most valuable?

The UEBA flow is the most useful aspect of the solution.

The initial setup is pretty easy.

While the cost is high, the security provided is quite good, and for those who can afford it, they will pay for the peace of mind.

What needs improvement?

I'm not a fan of the system's user interface.

For our market, the solution is quite expensive. It would be ideal if they could work on and improve their existing pricing plans to help make it more affordable in our country.

We'd like it if the solution could be more customizable in future releases.

For how long have I used the solution?

We've been dealing with the solution for about a year.

What do I think about the stability of the solution?

The solution is quite stable. There aren't issues related to bugs or glitches. It doesn't crash. It's reliable.

What do I think about the scalability of the solution?

The solution can scale if a client needs it to.

We have clients that have 10-15 users on the solution. They are mostly security analysts. In terms of those that can actually view and escalate cases, there may only be five with such access.

At this point, there aren't any plans to increase usage.

How are customer service and technical support?

We typically are the ones that handle technical support for our clients if they run into issues.

How was the initial setup?

The initial setup is not complicated. It's quite easy and very straightforward if you follow the guides provided. I followed the guides and found it to be rather simple. It's not difficult to get everything up and running.  

The deployment doesn't take too long. You can have it ready to go in one working day. That includes installation and configuration.

We have a minimum of five people who handle maintenance and deployments.

What about the implementation team?

Our company handles the installation for our clients. We can handle the implementation ourselves. We don't need a separate consultant or integrator.

What's my experience with pricing, setup cost, and licensing?

In our market, for the price it costs, our clients aren't using this solution so much. It seems to be quite expensive in Nepal. That said, even with the fees and a rather high cost, it is the best product among other competitors. 

What other advice do I have?

We're partners with LogRhythm.

We don't technically use the solution typically. We consult with clients and advise on products. We also provide services on the solutions we offer. In this case, we do use the product as we log issues.

We use the latest version of the solution.

For our customers, the pricing will scare off many. However, if users are concerned more with the security of their account, they'll find this is a good option.

I would recommend the product. On a scale from one to ten, I'd rate it at an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Chamini Ellawala - PeerSpot reviewer
Associate Senior Engineer - Network & Security at Connex Information Technologies (Pvt) Ltd.
Reseller
Top 20
Enables us to alternate incident automations but reporting needs improvement
Pros and Cons
  • "The most valuable feature is that we can alternate incident automations."
  • "We need to get better training for things like creating code and playlists. The way it's done now takes a long time."

What is our primary use case?

Our primary use case is for financial companies and telcos.

What is most valuable?

The most valuable feature is that we can alternate incident automations.

What needs improvement?

We need to get better training for things like creating code and playlists. The way it's done now takes a long time. 

For how long have I used the solution?

I have been using LogRhythm NextGen SIEM for two years. 

What do I think about the stability of the solution?

The stability depends on the client we are installing or integrating for, based on the server's requirements. We can create them according to that defined time period. It's not that difficult, but it depends on the customer or the other server requirements.

We can have a dashboard in a single platform, we can get notifications via email or SMS, and we have Smart Response actions. So that kind of possibility is there.

What do I think about the scalability of the solution?

Our clients are mostly on a larger scale. 

How are customer service and technical support?

You can request support and they respond immediately. They're really good. 

How was the initial setup?

The initial setup is easy. It can take two hours. The first day of deployment is easy. Then depending on the devices and log servers, it can take time. We can give them predefined or pre-created devices and logs. The deployment depends on the devices and systems we are integrating. But the initial stage is easy.

What's my experience with pricing, setup cost, and licensing?

Because we are a developing country, the costs depend on country development. We implement it for large-scale companies because normal companies, startup companies, can't afford products at that price. We mainly focus on large-scale companies.

What other advice do I have?

I would definitely recommend this solution if you can afford it. 

We get customized reports and we get reports including all the details, but when we start using them we couldn't start with the Outlook editor. We can customize a document and we can write a report. The dashboards are very user-friendly and very attractive. But when it comes to the reporting part, I think that could use improvement in the next release. 

I would rate it a seven out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
Jason Gagnon - PeerSpot reviewer
Senior Cyber Security Engineer at an individual & family service with 10,001+ employees
Real User
Top 20
Good support, offers customized alarms, and helps us to focus our investigative efforts
Pros and Cons
  • "I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."
  • "There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back."

What is our primary use case?

We use multiple instances as dark sites. We have roughly 350-400 hosts per site consisting of 4K to 5K log sources.

How has it helped my organization?

It has not only helped us meet requirements on a development program, but it has also allowed us to focus on insider threats as well as provide forensics capabilities to identify potential security risks.

What is most valuable?

I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios.

What needs improvement?

There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back. I was told that this was due to processor overhead but with the amount of CPU and memory suggested, I don't see why this would be an issue.

For how long have I used the solution?

I have been using LogRhythm NextGen SIEM for six years.

What do I think about the stability of the solution?

It is stable when all the resource recommendations are met.

What do I think about the scalability of the solution?

Scalability is endless with this product.

How are customer service and technical support?

Technical support has been great.

Which solution did I use previously and why did I switch?

We did not use another product prior to this one.

How was the initial setup?

The initial setup is pretty straightforward.

What about the implementation team?

Our in-house team handled deployment.

What's my experience with pricing, setup cost, and licensing?

I don't get involved with pricing.

Which other solutions did I evaluate?

We did not evaluate other options.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Principal Consultant at ITSEC Asia
Consultant
It improves response times and makes it easier for us to analyze threats
Pros and Cons
  • "LogRhythm NextGen SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions."
  • "The reporting on the dashboard should be improved from a management perspective. It would be helpful if they adjusted the colors and the presentation to make things clearer and easier to read."

What is our primary use case?

LogRhythm is a cybersecurity solution. It's used for detection, lateral movement or initial access. 

How has it helped my organization?

LogRhythm NextGen SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions.

What is most valuable?

LogRhythm's dashboard can link to many other kinds of information.

What needs improvement?

The reporting on the dashboard should be improved from a management perspective. It would be helpful if they adjusted the colors and the presentation to make things clearer and easier to read. 

For how long have I used the solution?

I used the product for the first time last year, and we deployed it for one of our clients about five months ago.

What do I think about the stability of the solution?

LogRhythm's performance is average. We don't have many issues. There are a few at the moment, but I think it's because the message per second is above the design. If we reduce that, the solution will perform well.

How are customer service and support?

We haven't had any issues with support so far. It's okay.

How was the initial setup?

Setting up LogRhythm SIEM is complex. Everything is complicated — the activity, integration, and analysis. 

What other advice do I have?

I rate LogRhythm NextGen SIEM nine out of 10. People should consider LogRhythm. Take a close look and try it. It's one of the best SIEM solutions in the world.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Haitham AL-Sarmi - PeerSpot reviewer
Information Security Analyst at a financial services firm with 1,001-5,000 employees
Real User
Top 5
Simple to manage, user-friendly, and helpful support
Pros and Cons
  • "LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it, anyone can use it."
  • "LogRhythm NextGen SIEM could improve by adding more applications for the banking sector. There are not any custom applications at this time."

What is most valuable?

LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it, anyone can use it.

What needs improvement?

LogRhythm NextGen SIEM could improve by adding more applications for the banking sector. There are not any custom applications at this time.

For how long have I used the solution?

I used LogRhythm NextGen SIEM within the last 12 months.

What do I think about the stability of the solution?

The stability of LogRhythm NextGen SIEM is good.

What do I think about the scalability of the solution?

LogRhythm NextGen SIEM is scalable.

How are customer service and support?

The solution has good technical support. 

I would rate the technical support from LogRhythm NextGen SIEM a four out of five.

Which solution did I use previously and why did I switch?

I have previously used ELK Logstash. In my country, LogRhythm NextGen SIEM is used more than ELK Logstash.

How was the initial setup?

The installation is straightforward.

I rate the installation of LogRhythm NextGen SIEM a four out of five.

What's my experience with pricing, setup cost, and licensing?

The support that allows more customization to the environment when we are deploying new systems is called Professional Service and is very expensive. There is annual technical support, and there is an annual fee.

The price of LogRhythm NextGen SIEM engineers is expensive, but when comparing them to ELK, ELK engineers are more expensive.

What other advice do I have?

My advice to others is that the initial deployment should be done by certified engineers or the authorized vendor.

I rate LogRhythm NextGen SIEM a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Solutions Integrator at a consultancy with 1-10 employees
Real User
The GUI is easy to explore, and it integrates well with other security solutions
Pros and Cons
  • "LogRhythm's GUI is easy to explore. We also like other features, such as its integration with other security solutions, log correlation, and the deployment of use cases."
  • "LogRhythm's SOAR and NDR features don't stack up well against competitors. Maybe integrating theme functionality as the others do. But in general, it's okay."

What is most valuable?

LogRhythm's GUI is easy to explore. We also like other features, such as its integration with other security solutions, log correlation, and the deployment of use cases.

What needs improvement?

LogRhythm's SOAR and NDR features don't stack up well against competitors. Maybe integrating theme functionality as the others do. But in general, it's okay.

For how long have I used the solution?

We started with LogRhythm about three years ago.

What do I think about the stability of the solution?

LogRhythm is stable. 

What do I think about the scalability of the solution?

Scalability is a matter of cost. LogRhythm has the technical capacity to scale if you pay for the components and licenses. 

How are customer service and support?

LogRhythm's support is good.

How was the initial setup?

Setting up LogRhythm is straightforward. It is not complicated.

What's my experience with pricing, setup cost, and licensing?

We work with French-speaking African countries, and it costs more than the average SIEM solution. Also, the pricing isn't too flexible. AlienVault, Splunk, and IBM QRadar are more suitable for customers on a tight budget.

What other advice do I have?

I rate LogRhythm eight out of 10. With any solution, you need to deploy the use cases correctly, so the customer should understand the use cases for a SIEM. An SIEM solution only collects and centralizes logs instead of detecting unknown malware. There are no use cases that are customized to fit the customers' context. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Shreenkhala Bhattarai - PeerSpot reviewer
Cyber Security Researcher at a tech services company with 1-10 employees
Real User
Top 5
Efficiently catches threats and reduces the risk of exposure

What is our primary use case?

Private monitoring is our primary use case.

What is most valuable?

In terms of security, LogRhythm NextGen SIEM is great.

For how long have I used the solution?

I have been using LogRhythm NextGen SIEM for one year.

What do I think about the stability of the solution?

LogRhythm NextGen SIEM is stable.

What do I think about the scalability of the solution?

Scalability-wise, it's not that great, but integration with other solutions is pretty easy.

How are customer service and technical support?

The technical support is great.

Which solution did I use previously and why did I switch?

We also use Splunk, but in terms of security, we always recommend LogRhythm NextGen SIEM.

How was the initial setup?

The initial setup was very straightforward. We deployed LogRhythm very easily. In total, including configuration, we deployed this solution in less than one day.

What's my experience with pricing, setup cost, and licensing?

In the context of our country, the price of this solution is too high.

What other advice do I have?

Overall, on a scale from one to ten, I would give LogRhythm NextGen SIEM a rating of eight. 

I would definitely recommend this solution; my only concern is with the price — it should be lower.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner