Jason Gagnon
Senior Cyber Security Engineer at an individual & family service with 10,001+ employees
Real User
Top 20
Good support, offers customized alarms, and helps us to focus our investigative efforts
Pros and Cons
  • "I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."
  • "There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back."

What is our primary use case?

We use multiple instances as dark sites. We have roughly 350-400 hosts per site consisting of 4K to 5K log sources.

How has it helped my organization?

It has not only helped us meet requirements on a development program, but it has also allowed us to focus on insider threats as well as provide forensics capabilities to identify potential security risks.

What is most valuable?

I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios.

What needs improvement?

There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back. I was told that this was due to processor overhead but with the amount of CPU and memory suggested, I don't see why this would be an issue.

For how long have I used the solution?

I have been using LogRhythm NextGen SIEM for six years.

What do I think about the stability of the solution?

It is stable when all the resource recommendations are met.

What do I think about the scalability of the solution?

Scalability is endless with this product.

How are customer service and technical support?

Technical support has been great.

Which solution did I use previously and why did I switch?

We did not use another product prior to this one.

How was the initial setup?

The initial setup is pretty straightforward.

What about the implementation team?

Our in-house team handled deployment.

What's my experience with pricing, setup cost, and licensing?

I don't get involved with pricing.

Which other solutions did I evaluate?

We did not evaluate other options.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
security solutions integrator at a consultancy with 1-10 employees
Real User
The GUI is easy to explore, and it integrates well with other security solutions
Pros and Cons
  • "LogRhythm's GUI is easy to explore. We also like other features, such as its integration with other security solutions, log correlation, and the deployment of use cases."
  • "LogRhythm's SOAR and NDR features don't stack up well against competitors. Maybe integrating theme functionality as the others do. But in general, it's okay."

What is most valuable?

LogRhythm's GUI is easy to explore. We also like other features, such as its integration with other security solutions, log correlation, and the deployment of use cases.

What needs improvement?

LogRhythm's SOAR and NDR features don't stack up well against competitors. Maybe integrating theme functionality as the others do. But in general, it's okay.

For how long have I used the solution?

We started with LogRhythm about three years ago.

What do I think about the stability of the solution?

LogRhythm is stable. 

What do I think about the scalability of the solution?

Scalability is a matter of cost. LogRhythm has the technical capacity to scale if you pay for the components and licenses. 

How are customer service and support?

LogRhythm's support is good.

How was the initial setup?

Setting up LogRhythm is straightforward. It is not complicated.

What's my experience with pricing, setup cost, and licensing?

We work with French-speaking African countries, and it costs more than the average SIEM solution. Also, the pricing isn't too flexible. AlienVault, Splunk, and IBM QRadar are more suitable for customers on a tight budget.

What other advice do I have?

I rate LogRhythm eight out of 10. With any solution, you need to deploy the use cases correctly, so the customer should understand the use cases for a SIEM. An SIEM solution only collects and centralizes logs instead of detecting unknown malware. There are no use cases that are customized to fit the customers' context. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about LogRhythm NextGen SIEM. Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
Shreenkhala Bhattarai
Cyber Security Researcher at a tech services company with 1-10 employees
Real User
Top 5
Efficiently catches threats and reduces the risk of exposure

What is our primary use case?

Private monitoring is our primary use case.

What is most valuable?

In terms of security, LogRhythm NextGen SIEM is great.

For how long have I used the solution?

I have been using LogRhythm NextGen SIEM for one year.

What do I think about the stability of the solution?

LogRhythm NextGen SIEM is stable.

What do I think about the scalability of the solution?

Scalability-wise, it's not that great, but integration with other solutions is pretty easy.

How are customer service and technical support?

The technical support is great.

Which solution did I use previously and why did I switch?

We also use Splunk, but in terms of security, we always recommend LogRhythm NextGen SIEM.

How was the initial setup?

The initial setup was very straightforward. We deployed LogRhythm very easily. In total, including configuration, we deployed this solution in less than one day.

What's my experience with pricing, setup cost, and licensing?

In the context of our country, the price of this solution is too high.

What other advice do I have?

Overall, on a scale from one to ten, I would give LogRhythm NextGen SIEM a rating of eight. 

I would definitely recommend this solution; my only concern is with the price — it should be lower.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner