Alert Logic Log Correlation and Analysis

1 Rating
trScore: 8 out of 10

SolarWinds Log & Event Manager

36 Ratings
trScore: 7.7 out of 10


Likelihood to Recommend

Alert Logic Log Correlation and Analysis

Alert Logic is ideally placed to support and protect cloud infrastructure and services such as AWS hosted services. It is less appropriate for platform as a service as this would be addressed by the provider in question. It would also be ideally suited to on-premise and hybrid cloud scenarios to protect services from attacks and breaches.

SolarWinds Log & Event Manager

SolarWinds Log & Event Manager (LEM) is a SIEM that is very well suited for environments where you have a small team managing your technology and need a powerful tool that is easy to set up and requires little maintenance and care to continue doing its job. In the time that we have had LEM deployed, it has been very solid and has required very little intervention to resolve issues. It comes pre-packaged with some great correlations to get up and running right out of the box as soon as log sources are pointed at it. If you need a SIEM and either don't have the expertise in house, or don't want to spend the resources for professional services, this may be a good fit. There are only a handful of situations where we have run into LEM's limitations when trying to set up functionality or correlations. Otherwise, it is an excellent SIEM that offers some great features.

Feature Rating Comparison

Products compared: Alert Logic Log Correlation and Analysis vs. SolarWinds Log & Event Manager

Security Information and Event Management (SIEM): 6.7
  • Centralized event and log data collection: 8.7
  • Correlation: 8.0
  • Event and log normalization: 7.7
  • Deployment flexibility: 5.2
  • Integration with Identity and Access Management Tools: 5.3
  • Custom dashboards and views: 4.7
  • Host and network-based intrusion detection: 7.0

Pros

Alert Logic Log Correlation and Analysis

  • Alert Logic provides very technical solutions to address security risks. However, much of the benefit is from a human-level understanding of the threats seen.
  • As a company, they are profiling thousands of companies and are better able to predict threats such as denial of service attacks and warn organisations ahead of time.

SolarWinds Log & Event Manager

  • Incredibly easy to set up. It was deployed, had log sources pointed to it, and was performing basic correlations within a day.
  • Auto-response. The automated responses that are available after deploying the agent give you incredible control to respond to events on your network.
  • User-friendly interface. Some SIEMs can be daunting to learn how to use and get acclimated to, but LEM has an intuitive layout and is very easy to pick up and use.

Cons

Alert Logic Log Correlation and Analysis

  • Overall the product and service work well and address all our key requirements, so we have no real negatives to share.

SolarWinds Log & Event Manager

  • In order to navigate the console smoothly and set alerting in place, you need to go through their training.
  • All your configuration is done by hand. There are no built-in analytics or alerting to help you.
  • I've found the reporting, real-time and otherwise, to be slow and unruly. There are some updates and workarounds that we have applied to help optimize the process, but if you try to pull too many logs, or over too long a period of time, it will often time out.
  • The logging and reporting are dependent on the server automatically determining the type of server and logs it is getting. If it doesn't properly tag the logs, then they are essentially gone, lost, unsearchable. There is no good way to manually tell the server to classify the logs, which makes the process either difficult or impossible at times.

Alternatives Considered

Alert Logic Log Correlation and Analysis

There are alternatives, some of which have a greater overhead and require more in-house technical skills. Alert Logic provide a full service, so for us this was a better solution.

SolarWinds Log & Event Manager

In the past I have used QRadar, McAfee ESM, and RSA Security Analytics.
PROS: Compared to these products, LEM is by far the most user-friendly and easiest to deploy. LEM's ability to automate response and remediation also seems a cut above these products. LEM also ranks up at the top in terms of reliability. Very rarely have we had to resolve issues that prevented LEM from doing its job.
CONS: LEM is unfortunately lacking the ability to create custom parsers like other SIEM solutions can. This means if LEM is unable to parse logs coming from a network appliance, you won't be able to view them until SolarWinds releases their official parser for that product. Complex correlations can also test the limits of LEM due to the way that logs are parsed into event type rather than log source type. Trying to correlate all of your IPS events in a complex correlation? This may prove to be difficult in LEM.

Return on Investment

Alert Logic Log Correlation and Analysis

  • Return on Investment is measured in how protected our reputation is, and Alert Logic contributes to this in a large way.
  • Alert Logic provides excellent information security assurance to the business and allows us to feel more proactive.

SolarWinds Log & Event Manager

  • It has helped to give us insight into our accounts and has been valuable in alerting us to attacks.
  • It has been valuable to manually correlate logs after there have been incidents and server issues.
  • For the price, it has not given us any preventative analytics. Some of our alerting is based off of events that caused problems after the fact, so not really helpful at the time.

Pricing Details

Alert Logic Log Correlation and Analysis

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level setup fee?
No
Additional Pricing Details

SolarWinds Log & Event Manager

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level setup fee?
No
Additional Pricing Details