2020-12-01T13:08:03Z

What advice do you have for others considering LogRhythm SIEM?

Miriam Tover - PeerSpot reviewer
PeerSpot user

35 Answers

SR
Real User
Top 20
2024-02-13T07:56:06Z
Feb 13, 2024

LogRhythm SIEM is a good product for a small SOC. Overall, I rate the solution an eight out of ten.

LV
MSP
Top 5
2023-11-22T11:19:08Z
Nov 22, 2023

People who want to use the solution must not do any big searches. Overall, I rate the product a six out of ten.

MR
Real User
Top 5
2023-11-15T10:16:23Z
Nov 15, 2023

I rate LogRhythm SIEM an eight out of ten. In comparison, IBM has more features that are essential at the moment. However, it costs three times more than LogRhythm SIEM.

YI
Reseller
Top 20
2023-07-31T13:04:49Z
Jul 31, 2023

To those planning to use the solution, I suggest they get trained before starting the use and deployment of the solution. I rate the overall solution a nine out of ten.

NC
Reseller
Top 5
2023-04-20T11:28:45Z
Apr 20, 2023

I would rate the product a ten out of ten. The solution is very user-friendly and straightforward. The tool's report customization is interesting.

Muhammad Ahtsham - PeerSpot reviewer
Real User
Top 20
2023-03-30T09:12:11Z
Mar 30, 2023

I give the solution an eight out of ten. The solution is for medium and large organizations.

Rahul Kate - PeerSpot reviewer
Real User
Top 5
2023-03-09T12:43:15Z
Mar 9, 2023

I give the solution an eight out of ten. The solution can meet the most mature customer's requirements.

MohamedKarram - PeerSpot reviewer
Real User
Top 10
2023-01-26T16:25:24Z
Jan 26, 2023

I rate LogRhythm SIEM 7.5 out of 10.

KM
Real User
Top 10
2022-10-18T09:17:00Z
Oct 18, 2022

The nice thing about LogRhythm is that they continue to innovate and come up with new capabilities like their NDR solution that we recently invested in. They continue to stay relevant. I would rate LogRhythm a nine out of ten. The on-prem version of the solution is fantastic and is the core of my SOC. It's our daily tool for all of our investigations.

Joseph W. - PeerSpot reviewer
Real User
Top 10
2022-10-18T09:15:00Z
Oct 18, 2022

If you are one who thinks that SIEM is an outdated security tool, I would be very curious to know what other solution would be better than a SIEM to accomplish the same goals. A SIEM tool gives you such an open perspective into what is going on in your network and gives you the ability to dig in if you really need to. Whereas if you have a completely managed solution or one that uses AI and does everything for you but doesn't provide you the logs, you might know what's wrong but won't know what else is going on out there. With a SIEM tool, you can dig in as far as you want to, and specifically with LogRhythm, you can be as hands-free as you want to be. It'll tell you what's wrong, and you can address those problems. You have a lot more flexibility with LogRhythm SIEM. Overall, I'd rate LogRhythm SIEM a nine out of ten. I really enjoyed the solution. If you have to program anything yourself, there is a little bit of a learning curve. They've got lots of guides that you can use, and depending on your skill set, you may be able to figure it out sooner rather than later. The resources are all there, and the community is there to help you, which makes the product really great and easy to use.

TG
Real User
Top 10
2022-10-16T09:11:00Z
Oct 16, 2022

You would be wrong to think that LogRhythm SIEM is an outdated solution. I use it every day, and it has helped me fix or see vulnerabilities or compromises in our network that I wouldn't have seen before. It's still definitely around. On a scale from one to ten, I'd rate LogRhythm SIEM an eight.

RC
Real User
Top 10
2022-10-16T09:09:00Z
Oct 16, 2022

I'm a senior security analyst. I work at a government organization that employs between 500 and 1000 people. We are on-prem with high availability, so we have two self-contained systems, sequel logs, and everything, and they can run either box. In terms of helping us manage workflows and cybersecurity exposure, we haven't leveraged smart responses in the SIEM. It looks like a powerful asset. We have some automated responses with a different tool for ransomware detection and prevention. However, the workflow ability in the SIEM is actually quite powerful. We just haven't leveraged it since we haven't felt that the right use case presented itself to us yet. When it comes to affecting our rate of efficiency, we don't measure those metrics, so it's kind of hard to say there's a measurable amount or how much it's improved. It has given us a threat-hunting tool previously unavailable to us. We are very happy to have the SIEM be our primary threat-hunting tool. Those who say SIEM is an outdated security solution should note that SIEM technology has been around for a very long time. It's still relevant thanks to the continual development that companies have done to bring more usability to extracting threats from logs. That's timeless. That's not something that's going to go away over time. The LogRhythm SIEM continues to add features and improvements and makes finding and presenting data from raw logs easier. Digging through logs before we had a SIEM was tedious and very time-consuming. It's made it a big-time saver. To have the way it presents the logs in a usable manner has been a tremendous help for us. I'd rate it a solid nine out of ten.

DH
Real User
2022-10-11T08:50:00Z
Oct 11, 2022

I'd rate the solution ten out of ten. Those that say SIEM is an outdated security system don't understand cyber security. SIEM is what allows analysts like myself to be successful. Without a SIEM, how can we see everything? We can't.

AS
Real User
Top 10
2022-10-11T08:43:00Z
Oct 11, 2022

I would rate LogRhythm an eight out of ten.

Mohammed Jamous - PeerSpot reviewer
Real User
Top 10
2022-10-03T12:30:00Z
Oct 3, 2022

I rate LogRhythm SIEM at 10 out of 10.

PC
Real User
Top 5
2022-09-28T10:06:21Z
Sep 28, 2022

When choosing a solution, it is important to determine what you want to achieve instead of how the solution works. Most solutions have a method for collecting logs, relaying information, and identifying issues so selection is more about the speed and accuracy of end results. I rate the solution an eight out of ten.

AA
Real User
Top 20
2022-09-27T11:13:51Z
Sep 27, 2022

I work in the enterprise security department or the SOC, and I just have to deal with the logs. The tool being used within the organization for log management is LogRhythm NextGen SIEM, particularly the N-1 version. My organization uses the on-premise version of the tool, and it's been applied to the data center. I belong to a very small organization with a data center that has sixty people using LogRhythm NextGen SIEM. In terms of maintenance, the tool isn't difficult to maintain. The only advice I have for anyone who'd like to start using LogRhythm NextGen SIEM is that it's a very good tool, with good features and functions. My rating for LogRhythm NextGen SIEM is seven out of ten. I didn't give it a ten because it's Windows-based, plus I also don't like its UI that much. LogRhythm NextGen SIEM is also not as good as IBM QRadar.

Lahiru Prabath - PeerSpot reviewer
Real User
Top 10
2022-09-21T10:06:11Z
Sep 21, 2022

When you implement, you need to know LogRhythm's architecture because it is quite difficult and different from that of other SIEM solutions. So, you need to know the architecture, how the processes work, and how the logs are processed. Overall, I would rate LogRhythm at eight on a scale from one to ten.

RJ
Consultant
Top 10
2022-08-08T19:32:53Z
Aug 8, 2022

I would recommend NextGen SIEM to those considering implementing it and would rate it eight out of ten.

RO
Reseller
Top 5
2022-07-24T07:16:36Z
Jul 24, 2022

Don't do it without managed services, but I would say that for any SIEM. In SIEM technology, the setup and maintenance side is different from the monitoring and alerting side. I recommend all of our customers to always go with a managed service provider to take care of the monitoring and alerting side, or at the very least, to fill in for off hours because you only have so many people on your staff. Small and medium-sized customers are our bread and butter, and most of our customers don't have the staffing for this. If you don't have the expertise to set it up, manage it, or the time to learn it, a managed service can help you get it set up. For most SIEMs, LogRhythm included, for the first six months, you probably need one to one half of an FTE for doing the setup, getting it operationalized, and doing all the tuning. You're going to need one-quarter of an FTE for ongoing operations, maintenance, and support. That doesn't include monitoring of alerts and the response to the alerts. If you've got it well tuned, you don't need a lot of staff to do the monitoring and the alerting during the regular daytime hours. That's where having a managed service provider during off hours and weekends is handy. It is beneficial to have a managed service to do the operational work for maintenance. It is good, but there is room for improvement. There are plenty of solutions on the market that do a lot of what it does. It is not a huge product differentiator or market differentiator. I would rate it an eight out of ten.

MR
Real User
2022-07-19T18:22:54Z
Jul 19, 2022

I would recommend NextGen SIEM to other users as it is a leading solution with new features at a better price than competitors like Splunk and QRadar.

MR
Real User
Top 5
2022-07-19T10:48:04Z
Jul 19, 2022

I rate LogRhythm NextGen SIEM a nine out of ten.

JM
Real User
Top 20
2022-06-15T13:37:29Z
Jun 15, 2022

We are an integrator and service provider. We are not currently using the latest update. I'm not sure if I would recommend the solution to others as they still need to improve a few things. For example, support, at least on the local level, is lacking. I'd rate the solution five out of ten.

AG
Real User
Top 10
2022-05-19T11:00:56Z
May 19, 2022

I would rate this solution 8 out of 10. My advice is that if the requirement is to have someone on-prem, for example, someone that is working in a financial entity, it is a requirement to have all the information in their own data centers and using specific connections. If you have that case, you can use it. It is convenient. And you can use it if you have a case where the evolution of the environment is not going to change for the next three years. Otherwise, if you have a lot of changes during the time that you are going to be using this solution, you need to include different components that will probably be complicated to architect.

AW
Consultant
Top 10
2022-04-27T10:55:38Z
Apr 27, 2022

I rate LogRhythm NextGen SIEM nine out of 10. People should consider LogRhythm. Take a close look and try it. It's one of the best SIEM solutions in the world.

KB
Real User
2022-02-15T15:09:30Z
Feb 15, 2022

I would rate this solution 7 out of 10. When you integrate a log source by default, you have to know what the customer needs or the process that is wanted, because we did the reconfiguration multiple times for log sources. So, they have to also follow the MITRE ATT&CK Framework, because by default LogRhythm collects the common logs, so you have to enable this. To estimate it in the licensing sizing exercise, it must be done correctly. Sometimes I see customers sizing away from the current situation. Customers sometimes buy a license that is not enough for their implementation, because they didn't expect what they would be adding in the future during the implementation. Sometimes the implementation takes one year, and the customer adds more devices, so it exceeds their license. I think it's the presales' job to do the sizing correctly. And the customer must be aware of how or what to implement during, so that implementation doesn't take long. It took some customers two years to implement a SIEM solution. I don't remember the solution, but it was a waste of two years' time.

Haitham AL-Sarmi - PeerSpot reviewer
Real User
2022-02-06T07:20:05Z
Feb 6, 2022

My advice to others is for the initial deployment it should be done by certified engineers or the authorized vendor. I rate LogRhythm NextGen SIEM a nine out of ten.

YI
Real User
2021-12-27T19:55:08Z
Dec 27, 2021

I rate LogRhythm eight out of 10. With any solution, you need to deploy the use cases correctly, so the customer should understand the use cases for a SIEM. An SIEM solution only collects and centralizes logs instead of detecting unknown malware. There are no use cases that are customized to fit the customers' context.

SB
Real User
2021-12-13T21:14:00Z
Dec 13, 2021

I of course would recommend LogRhythm NextGen SIEM to others. On a scale of one to ten, I would give LogRhythm NextGen SIEM definitely a nine.

GN
Real User
2021-11-02T20:01:00Z
Nov 2, 2021

My advice is to take a look at the account directly with the account manager of LogRhythm and find a value-added distributor to support you with the sizing, consulting, use case discovery, and building up the operation maturity roadmap, in order to be truly aligned with the LogRhythm deployment in the long term. I would rate LogRhythm NextGen SIEM a nine out of ten.

SR
Reseller
2021-10-08T13:41:36Z
Oct 8, 2021

We are a distributor and we have around 15 to 20 partners who are working with LogRhythm in this region. We work for the end-user and we implement it and handle presentations for the customer. We are working with the latest version of the solution. I can't speak to the exact version number, however. I'd rate the solution at a ten out of ten. It's a very good product overall. Clients have been very happy with it. In terms of the feedback we've received from the end-user and our own experience with the deployment process and manageability, everything is great.

KA
Real User
2021-03-13T09:32:28Z
Mar 13, 2021

We are using the solution for our own infrastructure and we are also offering it as a service. We are the largest service provider, cloud service provider, in Pakistan. However, we use a variety of deployment models - including cloud and hybrid. We have an ISO position for government-certified infrastructure. We have a PCI-certified infrastructure as well as a GDPI compliant infrastructure. We work closely with this product in particular. We have a lot of hands-on experience. I'd rate the solution eight out of ten. If it weren't for some parsing limitations in the product, I would rate it even higher.

SS
Real User
2020-12-31T17:15:06Z
Dec 31, 2020

I would definitely recommend this solution for compliance requirements, such as PCI DSS compliance. It does cost a great amount, but its pricing is competitive with some of the other vendors. If it is a necessity to have a SIEM solution, I would definitely recommend LogRhythm. I would rate LogRhythm NextGen SIEM a nine out of ten. It has been really good. So far, my experience has been seamless. They should keep doing what they're doing.

MC
Real User
2020-12-03T23:38:34Z
Dec 3, 2020

I would definitely advise giving it a look. If you're able to deal with it in your environment and just give it a chance, it'll grow on you. It is not Splunk, but it's getting there. They're gaining visibility with other vendors. The integration with third parties is starting to light up a little bit for them, unlike IBM QRadar that has already created that bond with third parties to bring in their services into the product. LogRhythm is definitely getting there, and it is a quick way to leverage in-house talent. So, if you want to do automation and you have someone who is good at Python scripting or PowerShell, you can easily build something in-house to automate some of those use cases that you may want to do. I would rate LogRhythm NextGen SIEM an eight out of ten.

SB
Real User
2020-12-01T13:08:03Z
Dec 1, 2020

Overall, on a scale from one to ten, I would give LogRhythm NextGen SIEM a rating of eight. I would definitely recommend this solution; my only concern is with the price — it should be lower.

LogRhythm SIEM Platform is an award-winning platform in security analytics. With more than 4,000 customers globally, LogRhythm SIEM is an integrated platform that helps security operations teams protect critical infrastructure and information from emerging cyberthreats. Ultimately, LogRhythm SIEM is an integrated set of modules that contribute to the security team’s fundamental mission: rapid threat monitoring, threat detection, threat investigation, and threat neutralization. LogRhythm SIEM...