What users are saying about
66 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 7.9 out of 100
47 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 8.7 out of 100

Feature Set Ratings

    Security Information and Event Management (SIEM)

    7.8

    LogRhythm NextGen SIEM Platform

    78%

    Netwrix Auditor

    Feature Set Not Supported
    N/A
    LogRhythm NextGen SIEM Platform ranks higher in 13/13 features

    Centralized event and log data collection

    8.5
    85%
    20 Ratings
    N/A
    0 Ratings

    Correlation

    8.3
    83%
    20 Ratings
    N/A
    0 Ratings

    Event and log normalization/management

    7.3
    73%
    37 Ratings
    N/A
    0 Ratings

    Deployment flexibility

    5.4
    54%
    19 Ratings
    N/A
    0 Ratings

    Integration with Identity and Access Management Tools

    7.8
    78%
    16 Ratings
    N/A
    0 Ratings

    Custom dashboards and workspaces

    7.6
    76%
    37 Ratings
    N/A
    0 Ratings

    Host and network-based intrusion detection

    8.2
    82%
    14 Ratings
    N/A
    0 Ratings

    Data integration/API management

    8.0
    80%
    2 Ratings
    N/A
    0 Ratings

    Behavioral analytics and baselining

    8.4
    84%
    2 Ratings
    N/A
    0 Ratings

    Rules-based and algorithmic detection thresholds

    8.2
    82%
    2 Ratings
    N/A
    0 Ratings

    Response orchestration and automation

    7.8
    78%
    2 Ratings
    N/A
    0 Ratings

    Reporting and compliance management

    7.7
    77%
    3 Ratings
    N/A
    0 Ratings

    Incident indexing/searching

    7.8
    78%
    2 Ratings
    N/A
    0 Ratings

    Attribute Ratings

    • LogRhythm NextGen SIEM Platform is rated higher in 2 areas: Likelihood to Renew, Implementation Rating
    • Netwrix Auditor is rated higher in 2 areas: Likelihood to Recommend, Support Rating
    • LogRhythm NextGen SIEM Platform and Netwrix Auditor are tied in 1 area: Usability

    Likelihood to Recommend

    8.1

    LogRhythm NextGen SIEM Platform

    81%
    20 Ratings
    8.4

    Netwrix Auditor

    84%
    20 Ratings

    Likelihood to Renew

    9.0

    LogRhythm NextGen SIEM Platform

    90%
    1 Rating
    8.0

    Netwrix Auditor

    80%
    1 Rating

    Usability

    8.0

    LogRhythm NextGen SIEM Platform

    80%
    2 Ratings
    8.0

    Netwrix Auditor

    80%
    1 Rating

    Support Rating

    8.2

    LogRhythm NextGen SIEM Platform

    82%
    18 Ratings
    8.9

    Netwrix Auditor

    89%
    5 Ratings

    Implementation Rating

    8.0

    LogRhythm NextGen SIEM Platform

    80%
    3 Ratings
    7.0

    Netwrix Auditor

    70%
    3 Ratings

    Likelihood to Recommend

    LogRhythm

    LogRhythm is good for providing a comprehensive view of the environment. It gives a great outline of whatever is going on in our servers and systems regarding security malfunctions. The SIEM sends real-time notifications when there are some occurrences; like creating a new user and inappropriate login attempts. It also avails a good use case that meets our HIPAA compliance.
    Read full review

    Netwrix

    Netwrix [Auditor] is a great tool for any SysAdmin no matter the company size. Licensing is determined by users, not employee count, and that makes it a great product from a small business to an enterprise application. The time savings coupled with the increased productivity is a key factor is determining this tool over other products.
    Read full review

    Pros

    LogRhythm

    • LogRhythm NextGen SIEM Platform has an alarm system that generates tickets based on the event and the way it has been configured in the LogRhythm console. Let's say we have a ticket for a malicious email attachment. The ticket will some information like the source of the log, the source IP, destination IP etc. It can be drilled down to obtain specific information like the recipient, source location, file attachment name, SHA hash of the file, source and destination port, time, mac address of the machine that downloaded it etc. This helps the analysts to go to the root of the cause and take actions easily without manually parsing them.
    • The second good thing about the LogRhythm NextGen SIEM Platform is that it is very easy to use with its well-structured interface. To use LogRhythm, an user barely require any technical skills. A little overview of IP, CIDR, hash, etc. is enough to get your hands on it. It requires no programming or coding skills, as everything is GUI based. It also provides a beautiful visualization dashboard. There is another beautiful feature that it provides for the classification of events, known as cases. Multiple users working on the same platform can create cases and add events to it. They also help to maintain future reference.
    • The third good feature is the search tool which is very powerful. For example, sometimes it is hard to find the users who downloaded a malware from the guest wireless of the institution and not the private network. The search tool helps us in searching the user by automatically correlating the MAC address from the current network logs and the previous logs as the MAC address is the same. It is highly scalable for parsing a large number of logs from various sources.
    • I particularly think this is one of the best software available for log parsing in an organization where non-technical users are working on incident response. This tool has a good amount of flexibility. However, it can only be configured with the LogRhythm NextGen SIEM Platform Console.
    • In terms of usability, as already mentioned, it is a very easy tool to use, with a GUI based interface.
    Read full review

    Netwrix

    • Netwrix Auditor performs the audit collection process in a method that does not burden the systems it is auditing. It usually just pulls the log and event logs data from the machine it is auditing and then performs the extraction of the information in these files on the Netwrix Auditor server. This reducing the audit processes to only pulling log data from the server but does not keep the server busy processing the data.
    • Once the log data has been pulled from a server being audited, Netwrix will store the log data in a compressed form in its Long Term Archive. This allows the database to be kept smaller than the all the data being kept in the Log Term Archive and therefore makes creating reports much faster since the database is not as big as it could be.
    • Since Netwrix Auditor uses standard Microsoft SQL Server and SQL Server Reporting Services (SSRS) to perform reporting, working with the results of the audit is much easier. Anyone who knows SQL Server and SSRS can work with the data and create their own reports.
    • The predefined reports that come with Netwrix Auditor cover most of the items required to properly report on the status of a system. They have many predefined reports for FedRamp, PCI, HIPPA, and other compliance regulations.
    Read full review

    Cons

    LogRhythm

    • LogRhythm absolutely needs to provide back end support for threat intelligence lists. Performing a linear search on massive lists of IPs on incoming web traffic can bring the SIEM to its knees.
    • LogRhythm should drop its entire code base for implementing lists and simply turn them into hash tables to avoid the excessive cost associated with referencing lists in rules. I haven't seen the code, but the performance suggests O(n).
    • The reporting feature is the worst of all SIEMs, luckily reports are not my primary service offering. LogRhythm should definitely revamp its reporting to be more intuitive.
    Read full review

    Netwrix

    • There is a bit of a learning curve. The interface is fairly intuitive, but I think there is room for improvement.
    • There is a LOT of functionality which can be quite overwhelming at first, but in and of itself, not a bad thing.
    • I think this software would benefit from a "Simple" mode and "Advanced" mode. This would ease the learning curve a bit.
    Read full review

    Pricing Details

    LogRhythm NextGen SIEM Platform

    Starting Price

    Editions & Modules

    LogRhythm NextGen SIEM Platform editions and modules pricing
    EditionModules

    Footnotes

      Offerings

      Free Trial
      Free/Freemium Version
      Premium Consulting/Integration Services

      Entry-level set up fee?

      No setup fee

      Additional Details

      Netwrix Auditor

      Starting Price

      Editions & Modules

      Netwrix Auditor editions and modules pricing
      EditionModules

      Footnotes

        Offerings

        Free Trial
        Free/Freemium Version
        Premium Consulting/Integration Services

        Entry-level set up fee?

        No setup fee

        Additional Details

        Likelihood to Renew

        LogRhythm

        LogRhythm is focused on SIEM. That is their core business. Cost of operations, feature set and ease of use. The Log Rhythm support team is outstanding. Overall reliability is good. Reporting module needs some improvement and LR is promising that there will be significant improvements in future releases.
        Read full review

        Netwrix

        We have renewed already the licensing of the product minus SQL Server and Oracle Database because the organisation believes the modules are very expensive and have identified a different product for auditing Databases Other modules are very important like the User Activity monitor, AD queries that we can not get from the native AD itself or you have to run complicated powershell scripts! Easy to use interface Pre-defined Reports Easy way to subscribe to important alerts e.g Privilege account group membership changes
        Read full review

        Usability

        LogRhythm

        LogRhythm does a rather decent job of making the functionality advanced (allowing for advanced keyword & field searching, use of "AND" as well as "OR" statements in the search bar) while keeping it accessible (by not requiring a specific syntax to do quick searches). This combined with a user interface that has headings and labels that are intuitive is very helpful.
        Read full review

        Netwrix

        The product has user friend pre-defined queries which takes off the stress and horrors of having to query Active Directory with complex Powershell scripts! You can subscribe to certain functions when they are done and you get an alert e.g privileged accounts actions and you don't need to have programming skills The product has a desktop version of the software and donot have to login to the server all the time you need to use it. You can see very fast the posture of your environment of the overview screen and deduce what exactly is wrong and what has to be done
        Read full review

        Support Rating

        LogRhythm

        While LogRhythm support is generally quick to respond, the initial response is usually from a first line support engineer with general knowledge of the product. Any advanced or complex issues have always required the assistance of a higher tier of support, directly or indirectly. For a few occasions we actually used our PS hours to work on the issue.
        Read full review

        Netwrix

        Customer support has always been fast and helpful when we run into any issues. The smaller issues are usually resolved within a day or two. It is great support and I feel like I am in good hands anytime an issue comes up. However, we don't run into many issues
        Read full review

        Implementation Rating

        LogRhythm

        • Buy professional services.
        • Buy and implement the system if possible.
        • Remember that the end point log configuration may require other teams in your company to assist you in getting the desired logs from all resources.
        • Attend the end user and daily operations training after a period of usage so you are not overwhelmed with information on concepts not yet seen.
        • Don't be afraid to call for help during your first months of use.
        • Don't close any ticket until you are sure the expected results are verified.
        • Use the community forums to discuss issues with your peers.
        • Watch the training videos offered by L R University.
        Read full review

        Netwrix

        Make sure you trial the software and understand the fundamentals of each module that you are interested in Make sure you get the buy in from both Management and most importantly your team members (the product users) for a successful implementation Watch the webinars of the product from the product website
        Read full review

        Alternatives Considered

        LogRhythm

        LogRhythm was simpler to set up and configure as well as extract information from. It also was less intrusive in terms of how many appliances were needed to implement. We were up and running within 5 hours to start accepting log sources. We selected LogRhythm as well since support is based in the USA in Colorado.
        Read full review

        Netwrix

        I can only compare it to SolarWinds. Their similar products have larger foot prints and seem a little clumsy in comparison. The Netwrix product turns on a lot of the auditing options that were required for the product to work properly where it seemed I had to do a lot of manual tweeking with the SolarWinds product.
        Read full review

        Return on Investment

        LogRhythm

        • The ability to search through logs in a centralized location really helps us to provide RCA (Root Cause Analysis) to management for outages. This helps us to quickly identify the cause of outages and thus saves money due to reduced downtime.
        • Being able to configure the alarms to provide real-time notification (and responses) to security events helps to prevent potential loss due to compromises (such as a fraudulent wire transfer).
        • The initial investment in LogRhythm SIEM is somewhat expensive, however, the appliance is built to your specific needs so you won't have to constantly be upgrading the device as your company grows.
        Read full review

        Netwrix

        • Positive: Greater confidence from management to the engineering team as pro-active monitoring is taking place.
        • Positive: Engineers have a tool that can look into logs across the fleet of servers/network devices.
        • Negative: Can be quite time consuming to set up/ train to be competent in the software.
        Read full review

        Screenshots

        Add comparison