2018-10-28T08:38:00Z
Julia Frohwein - PeerSpot reviewer
Senior Director of Delivery at PeerSpot (formerly IT Central Station)

What do you like most about LogRhythm NextGen SIEM?

Hi Everyone,

What do you like most about LogRhythm NextGen SIEM?

Thanks for sharing your thoughts with the community!

37 Answers
RJ
Consultant at a tech services company with 11-50 employees
Consultant
2022-08-08T19:32:53Z
08 August 22

NextGen SIEM's most valuable feature is its user-friendliness.

RO
FSE at a computer software company with 1,001-5,000 employees
Reseller
Top 10
2022-07-24T07:16:36Z
24 July 22

As a SIEM, probably the best feature is that it can be tuned effectively. There are very few SIEMs out there that can be effectively tuned to provide you with meaningful information and not be overwhelmed.

AG
Cybersecurity Solutions Architect at Unisys
Real User
Top 20
2022-05-19T11:00:56Z
19 May 22

SOAR is integrated with the dashboard that we use for threat management. Because it's all integrated, it is useful for us when we deploy something on-prem.

AW
Principal Consultant at ITSEC Asia
Consultant
2022-04-27T10:55:38Z
27 April 22

LogRhythm NextGen SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions.

Haitham AL-Sarmi - PeerSpot reviewer
Information Security Analyst at a financial services firm with 1,001-5,000 employees
Real User
Top 5
2022-02-06T07:20:05Z
06 February 22

LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it; anyone can use it.

YI
security solutions integrator at a consultancy with 1-10 employees
Real User
2021-12-27T19:55:08Z
27 December 21

LogRhythm's GUI is easy to explore. We also like other features, such as its integration with other security solutions, log correlation, and the deployment of use cases.

SB
Technology Solutions Head at MANTRA TECHNOLOGIES LTD
Real User
Top 20
2021-12-13T21:14:00Z
13 December 21

The user interface is good.

PeerSpot user
Head Of Technical Services at a tech services company with 51-200 employees
Real User
Top 10
2021-11-02T20:01:00Z
02 November 21

I would say the most valuable feature of LogRhythm is that it has built-in UEBA functionality, among other basic Windows packages.

Sadat Mohammad Rifat - PeerSpot reviewer
Senior System Engineer at a tech services company with 11-50 employees
Reseller
Top 20
2021-10-08T13:41:36Z
08 October 21

The product is great for medium to large-scale organizations.

SS
Systems Administrators at a tech services company with 201-500 employees
Real User
Top 5
2020-12-31T17:15:06Z
31 December 20

File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting.

MC
Information Security Officer, Network Analyst at a university with 1,001-5,000 employees
Real User
Top 20
2020-12-03T23:38:34Z
03 December 20

Automations are very valuable. It provides the ability to automate some of our small use cases.

The ability to integrate with other products that use an API is also very useful. LogRhythm has a plugin for it that we can connect and start to move down towards the path of a single pane of glass instead of having multiple or different tools.

Shreenkhala Bhattarai - PeerSpot reviewer
Cyber Security Researcher at a tech services company with 1-10 employees
Real User
Top 5
2020-12-01T13:08:03Z
01 December 20

In terms of security, LogRhythm NextGen SIEM is great.

Chamini Ellawala - PeerSpot reviewer
Associate Senior Engineer - Network & Security at Connex Information Technologies (Pvt) Ltd.
Reseller
Top 20
2020-10-30T17:04:00Z
30 October 20

The most valuable feature is that we can alternate incident automations.

Shreenkhala Bhattarai - PeerSpot reviewer
Cyber Security Researcher at a tech services company with 1-10 employees
Real User
Top 5
2020-10-29T11:41:42Z
29 October 20

The initial setup is pretty easy.

Jason Gagnon - PeerSpot reviewer
Senior Cyber Security Engineer at an individual & family service with 10,001+ employees
Real User
Top 10
2020-10-05T14:30:00Z
05 October 20

I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios.

KM
Sr IT Security Engineer at Puget Sound Energy
Real User
2019-05-31T15:24:00Z
31 May 19

We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior.

Avraham Sonenthal - PeerSpot reviewer
Senior Network Engineer at a government with 5,001-10,000 employees
Real User
Top 5
2019-05-09T13:12:00Z
09 May 19

The feature that makes it usable is the web interface.

JD
Vice President at a financial services firm with 201-500 employees
Real User
2019-03-24T08:52:00Z
24 March 19

The ability to investigate a particular period of time where you can analyze logs is its most valuable feature.

MN
Information Security Analyst at Endicott College
Real User
2018-10-28T08:38:00Z
28 October 18

When it comes to dealing with support, all my interactions have been great. Everyone has known what they're doing and has been quick to respond. They seem to always know the answer. I haven't stumped anybody yet.

HM
IT Security Architect at a construction company with 10,001+ employees
Real User
2018-10-28T08:38:00Z
28 October 18

It has centralized monitoring for our security operations. Therefore, it improves our analysts' work.

AB
Senior Security Analyst at a consultancy with 1,001-5,000 employees
Real User
2018-10-28T08:38:00Z
28 October 18

It has helped us centralize and have better visibility into devices on our network. We are better able to respond to threats in a timely manner.

MS
Senior Network Engineer with 201-500 employees
Real User
2018-10-28T08:38:00Z
28 October 18

It allows us to automate a lot of things with a smaller team.

JM
Principal Security Analyst at a healthcare company with 501-1,000 employees
Real User
2018-10-28T08:38:00Z
28 October 18

We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products.

SK
Security Engineer Analyst Admin at an aerospace/defense firm with 1,001-5,000 employees
Real User
2018-10-28T08:38:00Z
28 October 18

Alarms are the most valuable feature. We also like the dashboard and how things are at your fingertips. The fact that we can now edit the report templates is going to be a great thing.

AB
Manager of Information Security at a real estate/law firm with 51-200 employees
Real User
2018-10-28T08:38:00Z
28 October 18

The ability to drill down and pivot from an event is one of the biggest advantages the product has compared to other things that I have seen in the market.

KW
Security Engineer at a financial services firm with 1,001-5,000 employees
Real User
2018-10-28T08:38:00Z
28 October 18

The Web Console is my favorite. It enables me, at a glance, to see the health of the environments.

CO
Senior Architect at an energy/utilities company with 201-500 employees
Real User
2018-10-28T08:38:00Z
28 October 18

We have NetFlow information going into it, so we can examine a lot of traffic patterns and anomalies, especially if something stands out and is not the baseline. This helps a lot.

MB
IT Specialist at a healthcare company with 51-200 employees
Real User
2018-10-28T08:38:00Z
28 October 18

It seems like it will scale easily with the way our environment is set up.

Kurt Schroeder - PeerSpot reviewer
Senior Security Engineer at a manufacturing company with 5,001-10,000 employees
Real User
2018-10-28T08:38:00Z
28 October 18

The AI Engine can take an event and correlate it into something else giving us meaningful context regarding what is going on. We integrated it in with our ticketing system, so if an alarm fires, it raises a ticket in our system.

Briane Harris - PeerSpot reviewer
SOC Analyst at a financial services firm with 1,001-5,000 employees
Real User
2018-10-28T08:38:00Z
28 October 18

Even other products we have that feed into it, instead of having to watch all of them we only have to watch one. For example, we have CrowdStrike, so instead of having to pay attention to that solution - because their dashboard doesn't really pop when an alarm comes up - we can see issues with the red on the LogRhythm alarm. That is very nice.

AW
Enterprise Information Technology Security Engineer at a government with 1,001-5,000 employees
Real User
2018-10-28T08:38:00Z
28 October 18

The most valuable features would be the automation, reporting, and the support.

JH
Security Engineer at Managed Technology Services LLC
Real User
2018-10-28T08:38:00Z
28 October 18

We have to be able to show the evidence, and LogRhythm does a great job of putting it forward and making it easy to create reports with nice looking dashboards, which show off what we are doing as a security program.

Gordon Wallum - PeerSpot reviewer
IT Security Administrator at an energy/utilities company with 1,001-5,000 employees
Real User
2018-10-28T08:38:00Z
28 October 18

We integrated Azure logs with it and that makes it simpler. Rather than having to log into the portal, we can just check everything in one place. We can compare those to our Windows and host logs to see if any problems correlate between them.

Alex Wood - PeerSpot reviewer
Systems CSO at a manufacturing company with 1,001-5,000 employees
Real User
2018-10-28T08:38:00Z
28 October 18

The alarm functions have helped us cut down on the manual work. They bubble things up to us instead of our having to go look for stuff. Also, from an operational perspective, day to day, the Case Management functions are really useful for us. They allow us to track what we see in the incidents that we have.

Rob Haller - PeerSpot reviewer
Security Engineer at US Acute Care Solutions
Real User
2018-10-28T08:38:00Z
28 October 18

Its benefits are broad. The solution isn't necessarily made to do any one thing, but it can do anything you tell it to. It is able to tackle any different type or size of job.

it_user545001 - PeerSpot reviewer
Security Operations Center Manager at a financial services firm with 1,001-5,000 employees
Real User
2018-10-28T08:38:00Z
28 October 18

Its ability to work with all different sorts of log sources has been extremely valuable.

Wadson Fleurigene - PeerSpot reviewer
Information Security Engineer at Seminole Tribe of Florida
Real User
2018-10-28T08:38:00Z
28 October 18

It has allowed us to dive deeper into our network and figure out what is going on by parsing logs properly and being able to reduce the time it takes to work cases down from seven days to approximately two days.

Related Questions
Monsur Ahmed - PeerSpot reviewer
Software Management at Midland Bank
Apr 27, 2020
I work as an information technology security specialist for a mid-sized bank. I am currently researching SIEM solutions. Does LogRhythm NextGen SIEM offer good security? Would you recommend it? Thanks! I appreciate your help. 
2 out of 3 answers
SA
AVP at Cyber Internet Services (Pvt) Ltd.
27 April 20
LogRhythm offers in depth visibility and an integrated platform that allows us to bring context into events efficiently. Definitely recommended!
Nizar Hedhili - PeerSpot reviewer
General Manager at Global Solutions Services
27 April 20
Yes, LogRhythm offers good security. If you are looking for a full-featured solution at a suitable price, you have to look at IBM QRadar or Splunk. Personally, I can explain to you the features of QRadar and how to take full benefit from it.
Nurit Sherman - PeerSpot reviewer
Content Operations Manager at PeerSpot (formerly IT Central Station)
Sep 23, 2021
Hi community members, We know it's important to conduct a trial and/or proof of concept as part of the buying process.  Do you have any advice for our community about the best way to conduct a trial or PoC? How do you conduct a trial effectively?  Are there any mistakes to avoid?
2 out of 10 answers
it_user791052 - PeerSpot reviewer
Managing Director with 11-50 employees
13 August 18
Stick with the tried and true SIEM/Log Management Vendor that offers a free, online download and trial, easy to install and operate piece of software with proper documentation. A good example of that can be found here: https://www.snaresolutions.com/try-snare-free-for-45-days/
Kent Gladstone-USA - PeerSpot reviewer
Principal Solutions Architect at SAIC
13 August 18
Mark is correct, but there are things to look for. Do you have a set of requirements? Not all log managers collect the information, not all log managers are easy to navigate, and not all log managers provide the reports you are looking for. Check to see how much data it collects so you can plan storage. Does the log manager compress the data or does it depend on a third-party tool? Do you know what you are collecting, and why? Are the logs used for security, SOX audits or something else? My advice, before testing, is to gather and review your requirements and test against that. There are lots of free trials. In fact, if there isn't one on the web, contact the vendor and they'll give you something to try out for 30 days.