LogRhythm

4.1 out of 5.0 (30 ratings)

  • 5 out of 5.0, Reviewed

    Product(s): LogRhythm

    Product has a great dashboard and a great support team

    Overall Comment

    LogRhythm has been quick to respond to queries and very helpful when we've run into roadblocks.

    What one piece of advice would you give other prospective customers?

    License the product to the number of messages per second (MPS) you think you will need, but be ready to increase the MPS license as the number of logs coming in can be larger than expected.

    What do you like most about the product or service?

    The dashboard and support are excellent.


  • 4 out of 5.0, Reviewed

    Product(s): LogRhythm

    Don't expect overnight implementation. It is a living application requiring care/feeding

    Overall Comment

    PreSales support was great. Post sales support was lacking. MSSP and vendor spent more time finger pointing and took too long to resolve issues. There were some misses on the licensing but can be attributed to us just as much as LogRhythm.

    What one piece of advice would you give other prospective customers?

    This is a great SIEM but as with anything, requires a lot of care and feeding to get the results you need. Lean on the vendor for support and they will help.

    What do you like most about the product or service?

    User interface.

    What do you dislike most about the product?

    Modification of rules/thresholds can be cumbersome. Still easier than other SIEMs but not an easy task.

    What one thing do you wish the vendor did differently?

    I wish they had sold us what we needed, not what we budgeted. We should have increased our spend to get the capabilities we needed for our organization.

    If you could start over, what would your organization do differently?

    Chose a better MSSP for the implementation and 24x7 monitoring.

    Integration & Deployment - Overall comment

    Mostly due to MSSP, not LogRhythm.


  • 4 out of 5.0, Reviewed

    Product(s): LogRhythm

    Functionality good, but licensing is problematic

    Overall Comment

    The functionality is valuable, but the licensing model doesn't meet our needs.

    What one piece of advice would you give other prospective customers?

    You need to have a good understanding of the EPS before selecting a product.

    What do you like most about the product or service?

    The functionality

    What do you dislike most about the product?

    Licensing

    What one thing do you wish the vendor did differently?

    Redo their licensing model.

    If you could start over, what would your organization do differently?

    We may build an internal SIEM solution with open source tools


  • 5 out of 5.0, Reviewed

    Product(s): LogRhythm

    Great tool right out of box. Find even more use cases as I learn more about it

    Overall Comment

    It's a great SIEM product right out of box and replaced our previous SIEM tool. From the beginning we just bring in log sources, go through the core module and turn on each AI engine rule to start. As we go through training and gain more experience with the product, we find even more use cases and more value to the product.

    What one piece of advice would you give other prospective customers?

    Understand your environment and log sources. You might have more hidden log sources that can be utilized by the tool that you don't know.

    What do you like most about the product or service?

    The AIE provides correlation that helps identify anomalies automatically so we can be notified through alarm or email alert.

    What do you dislike most about the product?

    None so far.

    What one thing do you wish the vendor did differently?

    N/A

    If you could start over, what would your organization do differently?

    Identify all the log sources and discuss the deployment scenario with professional service at the beginning to get a full picture.

    Product capabilities - overall comment

    The product has all the capabilities we are looking for. There are several other features that we have not implemented yet/looking into implementing, such as threat intelligence feed, honeypot, File Integrity Monitoring, etc.

    Service & support - overall comment

    Support was very responsive.


  • 4 out of 5.0, Reviewed

    Product(s): LogRhythm

    Great tool but needs eyes on it.

    Overall Comment

    LogRhythm can do a lot. But, it takes a lot to configure it properly. If you have other responsibilities and no one dedicated to the security role, you may find yourself getting it set up just enough to give you some alerts and then leaving it alone. This can cause problems for two reasons. One, when you do get back to it you find it hard to remember what to do. Two, I have logged into the appliance after a long period of not managing it and noticed the system monitors down. This ended up being due to Windows Updates that had happened on these devices a month before. Overall, it's a great product but it does take the time to manage. It is not a drop in and forget it device. Yes, you can do that and yes it will work, but that is nowhere near ideal.

    Service & support - overall comment

    Support is usually very quick to respond and they have always been able to find an answer quickly.

    2 of 2 peer(s) found this review helpful.


  • 4 out of 5.0, Reviewed

    Product(s): LogRhythm

    You really need professional services to implement correctly, but well worth it.

    Overall Comment

    We transitioned from the other big-name SIEM to LogRhythm, and have been pleased with the product.

    What do you like most about the product or service?

    Much easier to use out-of-the-box than Splunk, although there is a learning curve and takes some time getting used to.

    What do you dislike most about the product?

    Could be a little more intuitive on setting up alerts.

    Service & support - overall comment

    Support is helpful and timely. Only glitch would be that it took a week to get support portal access.

    Integration & Deployment - Overall comment

    Professional services team were fantastic. Very helpful in transitioning from one SIEM to another, on the SAME infrastructure hardware (physical box).


  • 4 out of 5.0, Reviewed

    Product(s): LogRhythm

    Implementation is easy, but take extra time understanding your log sources.

    Overall Comment

    The non-HA solution is very simple to implement and deploy. HA brought about some degree of complexity in terms of installation and configuration. The benefits of HA, however, are noteworthy particularly when updates/patches need to be installed and log collection cannot be interrupted. The recent addition of ElasticSearch for search and analysis is phenomenal.

    What do you like most about the product or service?

    We had a central Syslog collector that was hard to use, and by replacing it with LogRhythm, security incident investigations became a lot easier.

    Product capabilities - overall comment

    HA is of great benefit and would provide the optimum benefit when it becomes automated in terms of switch over.

    Service & support - overall comment

    The support team has been very responsive to our cases and provided acceptable solutions.

    Integration & Deployment - Overall comment

    Syslog collection is the easiest to set up. Windows logs require an agent that is easy to install.


  • 5 out of 5.0, Reviewed

    Product(s): LogRhythm

    Customer driven to deliver a solution that fulfilled our requirements.

    Overall Comment

    Excellent experience.

    What do you like most about the product or service?

    Willingness to work with their customers to deliver what they need.


  • 5 out of 5.0, Reviewed

    Product(s): LogRhythm

    An unbeatable solution that beats all others in technology, customer service, and cost.

    Overall Comment

    Over the years LogRhythm has been extremely helpful and attentive. We have utilized this product since 2009, and while it was a better product at the time than the rest, it has only improved with age, and at the same time as the company has grown so large, they have managed to keep the loyalty to its customers by acknowledging the importance of customer service. Every upgrade has been well documented, easily performed, and team members have been in constant contact making sure we were satisfied. All tickets are addressed in a timely manner, with great knowledge. LogRhythm is an unbeatable solution whose capability keeps growing and improving while offering customer service and technical solutions of equal caliber.

    What do you like most about the product or service?

    The product is highly scalable and allows us to collect millions of logs each day, only to be limited by our personal resources (RAM/Storage).

    What do you dislike most about the product?

    Nothing.

    Product capabilities - overall comment

    We can't even keep up with the capabilities, but upon release, capabilities function as advertised or are annotated and disclosed.


  • 4 out of 5.0, Reviewed

    Product(s): LogRhythm

    Great out of the box capabilities, powerful features to customize for your company.

    Overall Comment

    Great organization to work with. It grows with my company and leverages peer groups to look at business functions.

    What one piece of advice would you give other prospective customers?

    Use a LogRhythm TAM and configure the system to what your initial needs are. Then speak to your peers.

    What do you like most about the product or service?

    The hunting capabilities. It will go through 1.7 million logs and show me the few anomalies to focus on.

    What do you dislike most about the product?

    Support is great and the company is led by innovators.

    What one thing do you wish the vendor did differently?

    I invested in a SOC; not sure I see the value.

    If you could start over, what would your organization do differently?

    You need to completely bring in all log sources; the more sources, the greater the value.

    Service & support - overall comment

    Great support.


Ratings Overview

Evaluation & Contracting

Overall rating of product evaluation and contract negotiation (28): 4.4

Ability to understand your organization's needs (24): 3.8

Timely and complete response to product questions (25): 4.2

Pricing and contract flexibility (pricing and terms) (25): 4.2

Integration & Deployment

Overall rating of integration and deployment (30): 4.2

How long did your deployment take?

0 - 3 months (<3)

6 - 9 months (<9)

3 - 6 months (<6)

9 - 12 months (<12)

12 months or more


Availability of quality 3rd-party resources (integrators, service providers, etc.) (17): 4.1

Ease of integration using standard APIs and tools (20): 4.0

Quality and availability of end-user training (23): 3.8

Ease of deployment (25): 4.0

Service & Support

Overall rating of service and support (27): 4.3

Did you purchase a support package from the vendor?

Yes

No


Timeliness of vendor's response (22): 4.5

Quality of technical support (23): 4.2

Quality of peer user community (21): 3.9

Product Capabilities

Overall rating of product capabilities (30): 4.3

Real-Time Monitoring (25): 4.4

Threat Intelligence (21): 4.0

Behavior Profiling (19): 3.9

Data and User Monitoring (21): 3.7

Application Monitoring (21): 3.9

Analytics (24): 4.1

Log Management and Reporting (24): 4.6

Deployment/Support Simplicity (25): 4.2

Additional Context

What was the nature of your involvement?

Vendor/Product Selection

Executive Sponsor

Functional Assessment

Rollout and Install

Technical Assessment

Vendor Management

Application Lead

Maintenance and Support

Development/Integration

User Training

Other...


Why did you purchase a Security Information Event Management solution?

Enable/improve security event alerting, investigation

Enable/improve log collection, reporting and retention capabilities

Meet regulatory or commercial compliance requirements

Enable/improve security incident workflow and reporting

Enable/improve behavioral analysis of users and other entities

Enable/improve tracking access to and activities related to databases, applications

Meet customer or business partner expectations about your security monitoring program

Reduce costs for threat management operations

Reduce costs for meeting compliance mandates


What other vendors were considered?

Splunk

IBM

Intel Security (McAfee)

RSA, The Security Division of EMC

SolarWinds

Hewlett Packard Enterprise

AlienVault

LogRhythm

NetIQ

EventTracker

ManageEngine

SecureWorks

SecureWorks (Dell)

Symantec

AccelOps

CheckPoint Software Technologies

Cisco

Dell (RSA)

Elasticsearch

Graylog

Security Onion

Other...


What were the key factors that drove your decision for selecting the vendor?

Product functionality and performance

Overall cost

Strong technical/product support

Product roadmap and future vision

Strong customer focus

Strong consulting partnership

Availability of managed services

Financial/organizational viability

Pre-existing relationships

Other...


In which region(s) did your deployment take place?

North America

Europe, Middle East and Africa

Asia/Pacific