LogRhythm UEBA Overview

LogRhythm UEBA is the #12 ranked solution in XDR Security products and the #14 ranked solution in top User Behavior Analytics - UEBA tools. PeerSpot users give LogRhythm UEBA an average rating of 7.0 out of 10. LogRhythm UEBA is most commonly compared to Darktrace. LogRhythm UEBA is popular among the large enterprise segment, which accounts for 64% of users researching this solution on PeerSpot. The top industry researching this solution is computer software, whose professionals account for 20% of all views.
Buyer's Guide

Download the User Behavior Analytics - UEBA Buyer's Guide including reviews and more. Updated: December 2022

What is LogRhythm UEBA?

LogRhythm UEBA enables your security team to quickly and effectively detect, respond to, and neutralize both known and unknown threats. Providing evidence-based starting points for investigation, it employs a combination of scenario analytics techniques (e.g., statistical analysis, rate analysis, trend analysis, advanced correlation), and both supervised and unsupervised machine learning (ML).

LogRhythm UEBA was previously known as LogRhythm UserXDR and LogRhythm Enterprise UEBA.

Archived LogRhythm UEBA Reviews (more than two years old)

Team Lead - Network and Security at a tech services company with 51-200 employees
Real User
Top 10
Good file and registry activity monitoring capability, and the support team is helpful
Pros and Cons
  • "The most valuable features are file activity monitoring and registry activity monitoring."
  • "It would be helpful if there were more guidance provided for integrating with unsupported devices."

What is our primary use case?

We are a solution provider and this is one of the products that we implement for our clients.

Customers in Sri Lanka generally purchase this product for network monitoring. 

How has it helped my organization?

Implementing this provides greater visibility into the network, as well as client activities.

What is most valuable?

This solution is really easy to configure.

The most valuable features are file activity monitoring and registry activity monitoring. Users like to have insight as to what is being modified while certain processes are running.

There is a large number of supported devices.

What needs improvement?

It would be helpful if there were more guidance provided for integrating with unsupported devices.

For how long have I used the solution?

I have been working with this solution from LogRhythm for about three years.

What do I think about the stability of the solution?

We have had no bugs, glitches, or other problems with stability.

What do I think about the scalability of the solution?

Scalability has not been an issue for us.

How are customer service and support?

I have been in contact with technical support and they are really good. They have guided us when we've had problems with misconfiguration.

How was the initial setup?

It took us about a month and a half to deploy this solution. The first month involved the setup and then there were two weeks of fine-tuning. In total, after six weeks we were able to bring up the system without any issues.

The deployment for our customers is usually on-premises, although there is a cloud version as well.

What's my experience with pricing, setup cost, and licensing?

The pricing is nice when compared to other products in the industry.

What other advice do I have?

Overall, this is a really good product and I recommend it.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
HananSyed - PeerSpot reviewer
Cyber Security Consultant at Mideast Data Systems
Real User
Top 20
Has many valuable features but consumes too many resources
Pros and Cons
  • "It has a lot of features. It has file integration monitoring."
  • "It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."

What is our primary use case?

Our primary use case is to identify the identities and anomalous user behavior and to enhance visibility. 

What needs improvement?

It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved. 

For how long have I used the solution?

I have been using LogRhythm Enterprise UEBA for five years. 

What do I think about the scalability of the solution?

The scalability is quite good. We don't have any issues with it. The only problem is that the agents consume too much memory and system resources. The memory and resource consumption is high. 

How are customer service and technical support?

We have contacted technical support. On a scale from one to ten, I would rate them a six. They respond but it's time-consuming to contact support. We repeatedly call them and they don't respond. They're not as good as other support in the industry. 

How was the initial setup?

It's straightforward. It takes a few days to find anomalies and abnormal behavior. In general, it's of medium level complexity. 

What's my experience with pricing, setup cost, and licensing?

Licensing is on a yearly basis. It's not expensive compared to its competitors. 

Which other solutions did I evaluate?

We also evaluated CrowdStrike. 

What other advice do I have?

I would rate it a seven out of ten. 

I would recommend this solution so long as LogRhythm does something about the memory and resource consumption. It has a lot of features. It has file integration monitoring but when it's applied it consumes too many resources. It's a big problem with the agents.

They should improve the interface to make it a better rating. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Senior Solutions Specialist (Network & Security) at a comms service provider with 1,001-5,000 employees
Real User
Top 5
A solution with a good interface and great reporting features but in need of better technical support

What is most valuable?

The solution's most valuable features are the graphical user interface and the reporting.

What needs improvement?

The search feature needs to be improved. 

The solution needs better filtering in the next versions.

For how long have I used the solution?

I've been using the solution for more than three years.

What do I think about the stability of the solution?

The stability isn't very good, but it's okay.

What do I think about the scalability of the solution?

The solution is scalable.

How are customer service and technical support?

Technical support is okay. It's not great. The problem is being able to reach the right people at the right time. This is what needs to be improved.

How was the initial setup?

The initial setup is very complex.

What's my experience with pricing, setup cost, and licensing?

The solution is very expensive. There are also costs beyond the standard licensing fee.

What other advice do I have?

We use the private cloud deployment model.

I would rate the solution six out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Rob Haller - PeerSpot reviewer
Security Engineer at US Acute Care Solutions
Real User
It watches everything to tell you what you don't know, and gives you a second opinion

What is most valuable?

Like they say, you don't know what you don't know. So, with CloudAI, it's just watching everything to see what you don't know, and it gives you a second opinion.

An ever-changing landscape, in medical, we deal with a lot of doctors in all sorts of places. So, they're always changing, moving, and using Macs. So, it makes it interesting. I definitely think that it's good at finding things automatically, versus trying to define it.

How has it helped my organization?

Not yet, but it's still working on it, it's still maturing. Right now, we were having some issues with some things, but as it continues, it will definitely.

What needs improvement?

Better dashboarding. At the moment, the dashboard only has an hour. It will give you one period of time, versus being an active dashboard like the rest of the dashboards. It doesn't give you an active tally of what's going on. It just gives you a snapshot.

Also, better automation and response.

What do I think about the scalability of the solution?

So far, so good. We haven't needed to scale yet.

How are customer service and technical support?

We've been working with their Beta team, not really technical support. I would say their Beta team is good, a seven on a scale of one to 10.

Which solution did I use previously and why did I switch?

No. We've been using the AI rules within LogRhythm for UEBA. This is just on top of it.

Users are always the hard part. They're the biggest vulnerability in any environment. For us, we needed to go through and find something that would help us keep better track. And this does that.

How was the initial setup?

Straightforward. We had to do a couple of changes in a couple of places that were very specific, but the applications were already precompiled and we just had to run it in the various locations. So it was pretty straightforward.

Which other solutions did I evaluate?

We looked into LightCyber, which is a Palo Alto product. At the moment, LightCyber requires an on-premises box, and we didn't want to go with that.

What other advice do I have?

We're at about 2000 logs per second. We have about 42 locations and around 4000 users.

In terms of important criteria when selecting a vendor, whichever one works the best, whether it be the newest or whatever. Whichever one has the best feature set would probably be the winner.

If I were advising someone looking at this solution or something similar, I would say there are a lot of log collectors out there, but LogRhythm's the only one that incorporates intelligence into the solution, versus just being something that collects.

Disclosure: I am a real user, and this review is based on my own experience and opinions.