What users are saying about
42 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 7.5 out of 101

Likelihood to Recommend

LogRhythm NextGen SIEM Platform

It helps achieve various aspects of compliance needs and requirements. It also provides a nice overview of what is going on within the environment in respect to security threats. It is less appropriate if there is no internal team that can properly manage it and respond to alerts/events that are triggered.
No photo available

Feature Rating Comparison

Security Information and Event Management (SIEM)

LogRhythm NextGen SIEM Platform
8.5
Centralized event and log data collection
LogRhythm NextGen SIEM Platform
9.4
Correlation
LogRhythm NextGen SIEM Platform
8.9
Event and log normalization
LogRhythm NextGen SIEM Platform
8.7
Deployment flexibility
LogRhythm NextGen SIEM Platform
7.8
Integration with Identity and Access Management Tools
LogRhythm NextGen SIEM Platform
8.1
Custom dashboards and views
LogRhythm NextGen SIEM Platform
8.9
Host and network-based intrusion detection
LogRhythm NextGen SIEM Platform
7.5

Pros

LogRhythm NextGen SIEM Platform

  • LogRhythm is a great SIEM to learn content on because the building blocks are very intuitive and easy to implement. All of the concepts relevant to content development are literally represented as drag and drop building blocks that can be easily manipulated.
  • The statistical building blocks contain powerful anomaly detection capabilities that are extremely difficult to implement in other SIEMs or not possible at all.
  • LogRhythm does better event classification than any other SIEM by far. My team typically drops all classification schemes from default installations of SIEMs and rebuilds them from scratch. I can actually use LogRhythms event classifications in rules without worrying about excessive partial matches or correlating unwanted events.
Joel Eng profile photo

Cons

LogRhythm NextGen SIEM Platform

  • While searching for log events is quick, the interface isn't as user-friendly as other SIEM products.
  • Many of the administrative/management functions are only available through the full LogRhythm desktop console, not through the web console.
  • The LogRhythm agent, when used for FIM and RIM, is very memory intensive.
No photo available

Likelihood to Renew

LogRhythm NextGen SIEM Platform

LogRhythm NextGen SIEM Platform 9.0
Based on 1 answer
LogRhythm is focused on SIEM. That is their core business. Cost of operations, feature set and ease of use. The Log Rhythm support team is outstanding. Overall reliability is good. Reporting module needs some improvement and LR is promising that there will be significant improvements in future releases.
James Harrison profile photo

Usability

LogRhythm NextGen SIEM Platform

LogRhythm NextGen SIEM Platform 8.0
Based on 2 answers
LogRhythm does a rather decent job of making the functionality advanced (allowing for advanced keyword & field searching, use of "AND" as well as "OR" statements in the search bar) while keeping it accessible (by not requiring a specific syntax to do quick searches). This combined with a user interface that has headings and labels that are intuitive is very helpful.
No photo available

Support

LogRhythm NextGen SIEM Platform

LogRhythm NextGen SIEM Platform 8.0
Based on 7 answers
Support has always been fantastic for this product compared to many other support providers I've worked with. They are always very friendly and seem to be well trained and knowledgeable and never have to wait long for a solution. We usually get the issue fixed in the first call, but also we really haven't had to use support a ton so that's also a plus
No photo available

Implementation

LogRhythm NextGen SIEM Platform

LogRhythm NextGen SIEM Platform 8.0
Based on 1 answer
  • Buy professional services.
  • Buy and implement the system if possible.
  • Remember that the end point log configuration may require other teams in your company to assist you in getting the desired logs from all resources.
  • Attend the end user and daily operations training after a period of usage so you are not overwhelmed with information on concepts not yet seen.
  • Don't be afraid to call for help during your first months of use.
  • Don't close any ticket until you are sure the expected results are verified.
  • Use the community forums to discuss issues with your peers.
  • Watch the training videos offered by L R University.
James Harrison profile photo

Alternatives Considered

LogRhythm NextGen SIEM Platform

We researched Splunk as well but it seemed to require more programming experience than LogRhythm which we currently do not have and could not support another FTE for. SolarWinds SIEM product was another product we researched, although it's basic functionality was good, it was not really a full enterprise-grade solution, but rather a value adds for compliance and audit purposes.
No photo available

Return on Investment

LogRhythm NextGen SIEM Platform

  • The ability to search through logs in a centralized location really helps us to provide RCA (Root Cause Analysis) to management for outages. This helps us to quickly identify the cause of outages and thus saves money due to reduced downtime.
  • Being able to configure the alarms to provide real-time notification (and responses) to security events helps to prevent potential loss due to compromises (such as a fraudulent wire transfer).
  • The initial investment in LogRhythm SIEM is somewhat expensive, however, the appliance is built to your specific needs so you won't have to constantly be upgrading the device as your company grows.
No photo available

Pricing Details

LogRhythm NextGen SIEM Platform

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Add comparison