LogRhythm SIEM Reviews

Name: LogRhythm SIEM
Brand: Exabeam
Rating: 4.1 (176 reviews)

Vendor: Exabeam

4.1 out of 5

176 reviews
89% willing to recommend

Leave a review

What is LogRhythm SIEM?

LogRhythm SIEM offers advanced threat intelligence, scalable deployment, and streamlined log management. It enhances security posture with AI-driven threat detection and comprehensive monitoring.

Get the LogRhythm SIEM Buyer's Guide and find out what your peers are saying about LogRhythm SIEM, CrowdStrike Falcon, Wazuh and more!

LogRhythm SIEM is the #11 ranked solution in top Security Information and Event Management (SIEM) solutions and #13 ranked solution in Log Management Software. PeerSpot users give LogRhythm SIEM an average rating of 8.2 out of 10. LogRhythm SIEM is most commonly compared to CrowdStrike Falcon: LogRhythm SIEM vs CrowdStrike Falcon. LogRhythm SIEM is popular among the large enterprise segment, accounting for 39% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 10% of all views.

Helped 890,088 peers since 2012

Featured LogRhythm SIEM reviews

SaiKrishna2

Cyber Security Engineer at Diyar United Company

I cannot think of any specific features that LogRhythm SIEM can improve upon since it supports a wide variety of major vendors. However, they need to improve their parsing techniques; the tool should understand various devices and present data in a human-readable format. For example, if a personal Android mobile needs to be integrated, LogRhythm SIEM should be able to parse that data effectively. They also need to improve their database of supported devices to cover smaller vendors alongside the major players, allowing for better global reach and usability. I have noticed some problems with parsing errors, event mismatches, and data mismatching, so ensuring accurate parsing and continuous improvement according to device updates are my basic expectations as a detection engineer.

Read full review

SumitKumar20

Security Engineer at Granicus Inc.

One major area for improvement in LogRhythm SIEM is the lack of volume measurement capability in terms of storage. There is currently no way to determine how much data is being consumed in terms of gigabytes, terabytes, or petabytes from particular devices or environments. This information is crucial for planning future storage needs and scalability. The system monitor (collector) agent has issues with resource consumption. Even when not actively collecting data, the agent continues to consume significant CPU and memory resources, which can be particularly problematic for small business environments with limited resources. LogRhythm SIEM could improve by adding more default device support. While they have good default settings for devices such as Palo Alto firewalls, custom log sources often require extensive work. Increasing the number of supported devices with built-in policies and functionality would reduce the need for custom work. Competitive SIEM tools often provide more comprehensive coverage for various devices and vendors.

Read full review

Rajin Sandira

Engineer Information Security at N-Able (Pvt) Ltd

LogRhythm SIEM could learn from Wazuh, as Wazuh has a built-in mechanism that allows you to write custom scripting and scripts through languages that Wazuh can then trigger, which is somewhat better and more matured in Wazuh compared to LogRhythm SIEM. Additionally, the parsers that I write for LogRhythm SIEM tend to get quite complex for log parsing, while with Wazuh, I can achieve a similar parser with much less complexity. Those are some of the pain points that some of our customers have been expressing. If LogRhythm SIEM could make a lightweight version of their solution, that would be quite competitive because some of my customers have a very large need but refuse to go with LogRhythm SIEM due to its complexity and high resource intensity. Therefore, they have been moved to Wazuh, which I am deploying for them. Even though LogRhythm SIEM has extremely good capabilities, their resource utilization is too heavy for certain customers, so if they could make a separate, lightweight version, that would be quite beneficial.

Read full review

LogRhythm SIEM mindshare

Product category:

As of April 2026, the mindshare of LogRhythm SIEM in the Security Information and Event Management (SIEM) category stands at 2.5%, down from 3.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Mindshare Distribution
Product	Mindshare (%)
LogRhythm SIEM	2.5%
Splunk Enterprise Security	7.0%
IBM Security QRadar	5.2%
Other	85.3%

Security Information and Event Management (SIEM)

PeerResearch reports based on LogRhythm SIEM reviews

Type	Title	Date
Category	Security Information and Event Management (SIEM)	Apr 26, 2026	Download
Product	Reviews, tips, and advice from real users	Apr 26, 2026	Download
Comparison	LogRhythm SIEM vs Splunk Enterprise Security	Apr 26, 2026	Download
Comparison	LogRhythm SIEM vs Wazuh	Apr 26, 2026	Download
Comparison	LogRhythm SIEM vs IBM Security QRadar	Apr 26, 2026	Download

Valuable Features

LogRhythm SIEM offers comprehensive security management with features like AI Engine for threat intelligence, easy-to-use web console, and advanced alerting mechanisms. Its log collection and aggregation from various sources provide centralized visibility, enabling quick identification of threats. Users appreciate customizable dashboards, robust analytics, compliance reporting, and seamless integration with other security tools. Its intuitive interface simplifies administration, making it accessible even without expert knowledge. LogRhythm is scalable, reliable, and praised for excellent technical support.

"LogRhythm is a perfect example of "Garbage In, Garbage Out" in Information Security—LogRhythm reports on the Cardholder Data Environment (CDE) activity are only as reliable as the data coming in."
"SOAR is integrated with the dashboard that we use for threat management, and because it's all integrated, it is useful for us when we deploy something on-prem."
"LogRhythm NextGen SIEM covers all our primary security analysis needs, makes it easier for us to analyze threats and improves our response times, and is a versatile platform that performs queries fast compared to other SIEM solutions."

Room for Improvement

LogRhythm SIEM faces challenges in report building, customization, and integration. There are concerns about interface usability, efficiency in log retrieval, and lack of pre-built templates. Users report limitations with Windows-based operations, insufficient support, and scalability for large organizations. Improvements are needed in automation, parser development, and dashboard features. Users also express dissatisfaction with documentation, support services, and data parsing accuracy. Enhanced cloud capabilities and streamlined user interfaces are essential for better user experience.

"If there are interruptions in the data downloads or hosts that don't report to LogRhythm from the CDE, the utility of the LogRhythm Reports declines dramatically."
"When we are on-prem, it's a little complicated and has a lot of challenges that the customer doesn't want."
"Setting up LogRhythm SIEM is complex. Everything is complicated — the activity, integration, and analysis."

ROI

Users express significant benefits from implementing LogRhythm SIEM, noting improved detection and response times, increased staff productivity, and enhanced security capabilities. Although quantifying ROI proves challenging for some, others report nearly immediate returns, with some cutting team sizes significantly and observing shorter detection times. Many consider it a cost-effective investment, especially for medium-sized organizations, and report satisfaction due to its powerful toolset and contribution to a secure environment.

Pricing

LogRhythm SIEM pricing is perceived as competitive, especially for medium to large enterprises. Users find the licensing straightforward and appreciate the bundle that includes essential licenses. While some report higher initial setup costs, the value is justified by robust features and support. Cost depends on log volume, and licenses are available on a perpetual basis, avoiding annual renewals. However, for small businesses and certain regions, it is considered expensive. Discounts and flexible options can be negotiated.

"The license cost is around $10 per MPS."
"I think the tool is reasonably priced. There is a need to pay per year towards the licensing costs of the tool."
"On a scale of one to ten, I'd rate the pricing of this solution as a seven - not too expensive but not cheap either.Regarding licensing costs, it varies depending on factors like being a partner or an end user, but there are no additional costs aside from standard licensing fees for the basic SIEM solution."

Popular Use Cases

LogRhythm SIEM is predominantly used for log analysis, compliance, and threat detection across geographically diverse networks. Users leverage it for centralized log management, event correlation, and security investigations. It's vital for maintaining regulatory requirements like HIPAA and PCI, monitoring server and firewall activities, and ensuring incident response capabilities. The platform is integral for SOC operations, supporting user behavior analytics, threat hunting, and providing insights into security postures.

Service and Support

Customers generally find LogRhythm SIEM's customer service and support teams to be knowledgeable and responsive, often resolving issues quickly. Callbacks are timely, and technical staff shows expertise, though response speed sometimes varies. While initial contact can be slow, escalation to higher tiers usually resolves this. Staff demonstrates professionalism and offers strong knowledge transfer, with periods of extended resolution due to staff learning curves or complex inquiries. LogRhythm SIEM's automation and resource consumption are also highlighted favorably.

Deployment

Many found LogRhythm SIEM's initial setup straightforward and easy to manage, especially with the help of Professional Services. Some described it as seamless for straightforward environments, but noted complexity for more intricate setups involving multiple components or integrations. Despite technical challenges, users were generally positive about the setup experience. Integration hurdles were common when involving multiple log sources or complex networks, but support from LogRhythm and external expertise often mitigated these issues.

Scalability

LogRhythm SIEM's scalability receives positive feedback, with many appreciating its ease of expansion and adaptability. Users find it scalable, supporting varying organizational sizes without major issues. Some note improvements in newer versions. A few challenges exist, such as specific setup complexities and hardware needs. Generally, it's viewed as performing well across diverse environments, adapted for high message rates while maintaining functionality. Its design supports various environments, including cloud and on-premise settings.

Stability

Users find LogRhythm SIEM to be largely stable once properly configured, with occasional issues related to hardware or updates. Support effectively resolves challenges, and users appreciate its scalability and reliability. However, large deployments may face stability and performance concerns, particularly under high data loads. Although there are minor bugs, patches improve functionality. Some users rate its stability favorably, while others mention stability as an area needing enhancement for heavy data environments, rating it around seven to eight out of ten.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our LogRhythm SIEM Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	30
Midsize Enterprise	34
Large Enterprise	66

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	367
Midsize Enterprise	217
Large Enterprise	377

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

10%

Construction Company

Computer Software Company

Comms Service Provider

Manufacturing Company

Government

Marketing Services Firm

Educational Organization

Performing Arts

Healthcare Company

University

Outsourcing Company

Transportation Company

Media Company

Insurance Company

Real Estate/Law Firm

Retailer

Energy/Utilities Company

Legal Firm

Pharma/Biotech Company

Wholesaler/Distributor

Recreational Facilities/Services Company

Hospitality Company

Consumer Goods Company

Logistics Company

Non Profit

Aerospace/Defense Firm

Compare LogRhythm SIEM with alternative products

Learn more about LogRhythm SIEM

LogRhythm SIEM stands out for its AI-driven threat correlation, ease of log aggregation, and robust reporting. Offering real-time visibility and analytics through consistent navigation and dashboards, it integrates with security components for enhanced monitoring and response. Advanced threat intelligence and customizable alerts streamline processes and bolster security. While it faces challenges with log parsing, reporting, and dashboard intuitiveness, plans to enhance cloud integration and transition to Linux are noted.

What are the standout features?

AI Threat Correlation: Employs AI to correlate threats for efficient detection.
Log Aggregation: Simplifies the collection of logs from multiple sources.
Scalable Deployment: Offers flexible scaling to accommodate growth.
Robust Reporting: Provides detailed analysis for informed decisions.
Advanced Threat Intelligence: Engages cutting-edge techniques to assess threats.

What benefits and ROI can users expect?

Improved Security Posture: Enhanced threat detection and response.
Streamlined Processes: Automation leads to efficiency gains.
Comprehensive Compliance: Facilitates adherence to regulatory standards.
Centralized Log Management: Unified log overview aids in quick insights.

In industries like banking and finance, organizations utilize LogRhythm SIEM for centralized log management, security monitoring, and compliance. It helps detect insider threats, analyze server logs, correlate events, and monitor user behaviors. Appreciated for log ingestion and anomaly identification, it ensures robust cybersecurity and incident response by integrating data from multiple sources.

LogRhythm SIEM was previously known as LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM.

LogRhythm SIEM customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill

Product Categories

Security Information and Event Management (SIEM)

Log Management

Popular Comparisons

CrowdStrike Falcon vs LogRhythm SIEM

Wazuh vs LogRhythm SIEM

Datadog vs LogRhythm SIEM

Splunk Enterprise Security vs LogRhythm SIEM

Dynatrace vs LogRhythm SIEM

IBM Security QRadar vs LogRhythm SIEM

Microsoft Sentinel vs LogRhythm SIEM

Cribl vs LogRhythm SIEM

Elastic Security vs LogRhythm SIEM

Grafana Loki vs LogRhythm SIEM

Graylog Enterprise vs LogRhythm SIEM

Security Onion vs LogRhythm SIEM

Rapid7 InsightIDR vs LogRhythm SIEM

Fortinet FortiSIEM vs LogRhythm SIEM

Amazon OpenSearch Service vs LogRhythm SIEM

See all alternatives

LogRhythm SIEM Reviews Summary
Author info	Rating	Review Summary
Cyber Security Engineer at Diyar United Company	3.5	I work with LogRhythm SIEM mainly in detection engineering. The tool is customizable and easier than QRadar but can be unstable. Improvements are needed in parsing techniques. Despite limitations, it provides significant resource savings of around 30%.
Security Engineer at Granicus Inc.	3.5	I've used LogRhythm SIEM for five years; it's effective for log retention and threat detection, with useful custom parsing and alert features, though it lacks storage visibility, full device support, and struggles with resource use in large environments.
Engineer Information Security at N-Able (Pvt) Ltd	3.5	I recommend LogRhythm SIEM for large enterprises due to its strong threat detection and customization, though it's complex and resource-heavy; I prefer Wazuh for smaller clients needing simplicity, despite LogRhythm’s excellent support and behavioral analytics.
Product Development - Security Solutions Manager at Aplikanusa Lintasarta	4.5	I primarily use LogRhythm SIEM in the financial sector for its strong machine-learning capabilities, seamless integration, and user-friendly interface, though its SOAR features need improvement. My clients appreciate its secure, cost-effective environment and scalability.
Senior Security Consultant at ITSEC Asia	3.5	I use LogRhythm SIEM primarily in Indonesia for government agencies requiring an on-prem solution. It's comprehensive, also offering EDR and XDR. However, it's slow, especially when retrieving logs with multiple filters using Logstash.
Network and Security Specialist at Ajman Digital Government	4.0	I use LogRhythm SIEM to enhance threat detection and response capabilities, appreciating its easy configuration, user behavior analysis, and compliance features. It provides better ROI than Splunk, though improvements in custom dashboard tools are needed for security.
Cyber Security Senior Consultant at Inspira Enterprise	4.0	I use LogRhythm SIEM for event monitoring due to its excellent dashboard and smooth operation, making event analysis easy. However, integration with other technologies is challenging, and its backend and technical support could improve compared to IBM QRadar.
Global Security Manager at Chart Industries Inc	4.5	As the core of my SOC, LogRhythm drastically cuts investigation time and provides immense ROI, reducing detection from weeks to minutes. Despite challenges integrating new log sources, its ease of use, excellent support, and competitive pricing are key.

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	3.3%	97%	140 interviews Add to research
Wazuh	3.7	5.1%	81%	50 interviews Add to research

LogRhythm SIEM Reviews

What is LogRhythm SIEM?

Featured LogRhythm SIEM reviews

LogRhythm SIEM mindshare

PeerResearch reports based on LogRhythm SIEM reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare LogRhythm SIEM with alternative products

Learn more about LogRhythm SIEM

LogRhythm SIEM customers

Related questions

Product Categories

Popular Comparisons