Microsoft Sentinel vs. Sumo Logic

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Microsoft Sentinel
Score 8.2 out of 10
N/A
Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
$2.46
per GB ingested
Sumo Logic
Score 8.0 out of 10
N/A
Sumo Logic is a log management offering from the San Francisco based company of the same name.
$3
Per GB Logs
Pricing
Microsoft SentinelSumo Logic
Editions & Modules
Azure Sentinel
$2.46
per GB ingested
100 GB per day
$123.00
per day
200 GB per day
$221.40
per day
300 GB per day
$319.80
per day
400 GB per day
$410.00
per day
500 GB per day
$492.00
per day
More than 500 GB per day
$492.00 + $98.40
per day/plus each additional 100 GB increment
Essentials
$3.00
Per GB Logs
Enterprise
$4.00
Per GB Logs
Enterprise Security
$4.25
Per GB Logs
Enterprise Suite
$4.75
Per GB Logs
Offerings
Pricing Offerings
Microsoft SentinelSumo Logic
Free Trial
YesNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details——
More Pricing Information
Community Pulse
Microsoft SentinelSumo Logic
Top Pros
Top Cons
Features
Microsoft SentinelSumo Logic
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
Microsoft Sentinel
7.6
26 Ratings
2% below category average
Sumo Logic
-
Ratings
Centralized event and log data collection8.326 Ratings00 Ratings
Correlation7.326 Ratings00 Ratings
Event and log normalization/management7.426 Ratings00 Ratings
Deployment flexibility7.625 Ratings00 Ratings
Integration with Identity and Access Management Tools7.325 Ratings00 Ratings
Custom dashboards and workspaces7.326 Ratings00 Ratings
Host and network-based intrusion detection6.423 Ratings00 Ratings
Data integration/API management7.024 Ratings00 Ratings
Behavioral analytics and baselining7.122 Ratings00 Ratings
Rules-based and algorithmic detection thresholds7.824 Ratings00 Ratings
Response orchestration and automation8.123 Ratings00 Ratings
Reporting and compliance management9.04 Ratings00 Ratings
Incident indexing/searching8.124 Ratings00 Ratings
Best Alternatives
Microsoft SentinelSumo Logic
Small Businesses
AlienVault USM
AlienVault USM
Score 7.9 out of 10
InfluxDB
InfluxDB
Score 8.7 out of 10
Medium-sized Companies
InsightIDR
InsightIDR
Score 9.1 out of 10
GitLab
GitLab
Score 8.7 out of 10
Enterprises
InsightIDR
InsightIDR
Score 9.1 out of 10
GitLab
GitLab
Score 8.7 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Microsoft SentinelSumo Logic
Likelihood to Recommend
8.4
(45 ratings)
8.0
(16 ratings)
Likelihood to Renew
8.2
(1 ratings)
-
(0 ratings)
Usability
7.3
(4 ratings)
9.0
(4 ratings)
Support Rating
8.0
(3 ratings)
8.7
(6 ratings)
Implementation Rating
-
(0 ratings)
9.0
(1 ratings)
Professional Services
5.0
(1 ratings)
6.2
(3 ratings)
User Testimonials
Microsoft SentinelSumo Logic
Likelihood to Recommend
Microsoft
I'll go with where it's very suited in certain industries, including ours where the data resides or where it's being sent is incredibly important. So because the data stays within Microsoft World Garden, we are able to piggyback off of a lot of those certifications and meet certain requirements that allow us to expand where we sell our product to outside of scopes that we couldn't reach ourselves.
Read full review
Sumo Logic
SumoLogic is a fantastic log aggregator and analysis tool, a fine alternative to Splunk. Searching is powerful and mostly intuitive and results come fast. If you have application logs in clusters or Kubernetes pods that lose their logs every time they're restarted, Sumo is the solution for you
Read full review
Pros
Microsoft
  • It is a good tool for threat detection and analysis of the threats. We are using this tool for real time threat detection on our employee machines as well as some servers.
  • It provides various options for collecting data sources by leveraging multiple sources using data connectors. This helps us in gathering data from multiple sources such as our servers as well as our employee machines.
  • One good thing about this tool is automated incident response thereby increasing the security of servers.
Read full review
Sumo Logic
  • Sumo Logic allowed for our InfoSec team to ingest logs from our CDN directly, in real-time, instead of massive compressed archives that were sent every two-hours (the only alternative at the time). Sumo Logic had an app for these logs, that allowed us to easily get an immediate payoff from the data, with canned dashboard and saved searches.
  • Sumo Logic has a fairly extensive REST API when it comes to log sources, source configurations, dashboard data, searches, etc. Their wiki for the API is usually kept up to date.
  • Sumo Logic, during the period of time I had used their product, had added the ability to configure agents via configuration files. This allowed customers to configure their endpoints, and modify the endpoints, with configuration management tools like Chef / Puppet / Salt. Beforehand, the only option was to always make changes either via the web portal or REST API.
  • The solutions engineers were extremely helpful, and easily reachable when issues would occur.
  • Users at our company found it easy to get started, working on new dashboards, scheduled searches, and alerting. The alerting worked well with our third-party paging tool.
Read full review
Cons
Microsoft
  • 'Notebook' has always been a very hard to use feature for me in Sentinel. From my experience, there have been a very selective use cases for this feature across the industry.
  • 'Entity Behavior' has some scope to be improved further since it is a feature that gives some useful insights but needs to be accessed separately. I think it should be re-worked in a way to be used within the incident investigation page.
  • I'd like to see a more user-friendly version of the 'Content Hub' menu which was the earlier version! The new UI is somewhat confusing to use and is dependent on a lot of filters being applied which do not even lasts for a single session. With each refresh, we have to apply the filters again.
Read full review
Sumo Logic
  • I like the help center, but I think if it had more GUI tools, it could help new users.
  • Pulling out data is sometimes hard to read, (Maybe if I knew how to export data better, this would not be an issue for me).
  • I would like better know-how on how to create reports that will help our business.
Read full review
Usability
Microsoft
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
Read full review
Sumo Logic
Sumo Logic is very powerful but definitely requires some configuration work to get the most out of it. You can get a certification related to this, but it is definitely not something you can just throw together.
Read full review
Support Rating
Microsoft
Azure Sentinel is very easy to use and configure. If you are stuck somewhere, Microsoft support is excellent in assisting and solving your issue.
Read full review
Sumo Logic
I would give this rating because I attended a free Sumo Logic training at a WeWork in Chicago. I found the training very useful, and I learned a lot of features that I was not aware of before I went to the training. I like the idea that SumoLogic provides free training seminars. I am certified in level1, and I plan on certifying to level2.
Read full review
Implementation Rating
Microsoft
No answers on this topic
Sumo Logic
I was satisfied with the implementation, as at the time, it was the best way to implement the product with the available feature sets in Sumo Logic. User creation and management became more of an issue during continued use, instead of it being an issue related to deploying the product in our environment.
Read full review
Alternatives Considered
Microsoft
I use most of the Sims that are out there, but RSAs, old Sim Log, logic, elastic, a lot of them. Sumo, we checked out Sumo too. We're a Microsoft shop and live almost entirely on top of a Microsoft ecosystem. We are considering other Microsoft security products to integrate with it. So it made a lot of sense to really drive as hard as we could Microsoft Sim at least for a few years to make sure it would fit us.
Read full review
Sumo Logic
Sumo Logic works very well out of the gate. For a small business it has given us what we need. I worked at a larger company previously, and we produced so many logs we had to create a custom logging service to handle them all. Cost and availability are big issues when deciding between the different services, whether self maintained and hosted, or provided by another company.
Read full review
Professional Services
Microsoft
Did not use professional services
Read full review
Sumo Logic
I've assisted several OneLogin customers with partner accounts to Sumo Logic. It has always been pleasant.
Read full review
Return on Investment
Microsoft
  • Log Management is a little difficult in-house as everything is situated on the cloud.
  • Paying according to the throughput of the data can be costlier for some organizations.
  • Excellent integration and log parsing for Microsoft products save many man-hours for the SIEM admin to focus on other things.
Read full review
Sumo Logic
  • I can't think of any negative side effects other than it being SO slow sometimes, but compared to Splunk everything is slow
  • It's SO much cheaper than Splunk that the time it takes to query information is well worth it
  • In the times that we've had Sumo go down or stop logging information, we've found that we'd be absolutely lost without Sumo
Read full review
ScreenShots

Microsoft Sentinel Screenshots

Screenshot of Screenshot of Screenshot of Microsoft Sentinel Capabilities