12 Ratings
trScore algorithm: Learn more (https://www.trustradius.com/static/about-trustradius-scoring)
Score 8.6 out of 100
56 Ratings
Score 8.6 out of 100

Likelihood to Recommend

Microsoft Sentinel (formerly Azure Sentinel)

Azure Sentinel is an excellent option like SIEM. It has cool, smart features and functionality, and is quite powerful in terms of processing information in the cloud. I recommend it to colleagues because it is very easy to deploy and configure, and learn to use it on a daily basis. The panel is super intuitive and rich in details. When opening Sentinel, it is already possible to analyze the indices that happened and those that deserve further attention and treatment.
Flavio Pereira | TrustRadius Reviewer

Sumo Logic

It is ready to collect data and search for it easily and quickly, without much hassle. It gives you the ability to view records and analyze them in real time. One thing we should highlight about the use of Sumo Logic is that it completely eliminates the need to exchange ideas with clients or inquiry questions and replace them completely by visualizing the problem, so your team will be able to save time, have liquid work and resolve problems quickly to ensure good service.
Suman Lata | TrustRadius Reviewer

Feature Rating Comparison

Security Information and Event Management (SIEM)

| Feature | Microsoft Sentinel (formerly Azure Sentinel) | Sumo Logic |
|---|---|---|
| Security Information and Event Management (SIEM) | 9.4 | |
| Centralized event and log data collection | 10.0 | |
| Correlation | 9.3 | |
| Event and log normalization/management | 9.7 | |
| Deployment flexibility | 8.3 | |
| Integration with Identity and Access Management Tools | 9.7 | |
| Custom dashboards and workspaces | 9.3 | |
| Host and network-based intrusion detection | 9.0 | |
| Data integration/API management | 9.7 | |
| Behavioral analytics and baselining | 9.3 | |
| Rules-based and algorithmic detection thresholds | 9.7 | |
| Response orchestration and automation | 9.7 | |
| Reporting and compliance management | 9.7 | |
| Incident indexing/searching | 9.3 | |

Pros

Microsoft Sentinel (formerly Azure Sentinel)

  • Automated detection and response
  • Detailed user/device information
  • Part of the MS cloudsphere, so has a familiar feel.
Michael Bobo | TrustRadius Reviewer

Sumo Logic

  • Searching is powerful and fast and does not require you to pre-filter/pre-parse your data in order to extract fields, filter messages, or run analytics
  • User data can be private or shared with the organization, allowing developers to create searches and share them with Support folks.
  • It's easy to create email alerts when certain conditions are detected.
Anonymous | TrustRadius Reviewer

Cons

Microsoft Sentinel (formerly Azure Sentinel)

  • There's not much that needs improvement, but the on-prem log sources still require a lot of development.
Anonymous | TrustRadius Reviewer

Sumo Logic

  • Sumo Logic, during the period that I used their product (up until at least November 2015), did not have a User / RBAC API. This made it very difficult to manage users (we had about 100 users). Even though they had SAML integration, allowing us to utilize a single sign-on solution, we would have to do manual reviews of user accounts in Sumo Logic on a regular basis. There was no export feature, so it became a matter of copy/pasting all users from the web portal, and creating a spreadsheet out of the data. This was a big pain, as we were all about automation. I had been told that a User / RBAC REST API would be made available sometime during Q1 - Q1 2016.
  • The user who creates any saved search queries, alerts, reports, or dashboards, is the only user that is able to edit them. In a collaborative environment, or larger enterprise, this brings a level of difficulty. For example, if an alert breaks and is spamming an inbox/pager, it cannot be edited or stopped unless done specifically by the user who created it. The RBAC has not been improved enough to allow groups/teams/organizations to have ownership over them (as of November 2015).
  • If you are to delete a user account in Sumo Logic, as your account is set up to allow a specific amount of user accounts in addition to the storage limits agreed in contract, all of the work they had created for teams -- dashboards, scheduled searches, alerting, reporting, etc. -- all become unpublished and unscheduled. They all become inherited by the user that deletes their account. This may create a mess, as this may now completely stop many useful reports/alerts/dashboards that were being taken care of initially. As a result, deletion of a user who is no longer having access to Sumo Logic (due to leaving the company, or leaving a team that needs access), requires a complete review of everything the user has saved in order to see whether anything needs to be rescheduled for alerting/reporting or republished for dashboard viewing. This is all as of November 2015.
  • Purging log data can be extremely difficult. Sumo Logic stores data in a WORM (Write Once, Read Many) type of database. This is done for security reasons, and the database also stores its data in an encrypted form. If you wish for any data to be removed for any reason, such as PHI / PII / etc. information, you have to wipe out absolutely all data within a time range that Sumo Logic has ever gathered for you. This does not just include the source of the data you are trying to purge, but would include all log data from all sources that you have (even if separately indexed, or partitioned). I am unsure of whether this is still the fact, or if this has at least narrowed down to partition/index, or source.
  • In the web portal, Sumo Logic has icons for agents that are working -- green/yellow if I remember right. Source hosts would always show a big green checkmark for health, even if certain sources were completely failing. If Sumo Logic agents are logging errors that logs can't be collected (permissions, some agent issue, etc.), there wasn't a way to visibly see there was an issue unless you were looking for it in logs. This resulted in periods of time where we did not receive logs from many sources. This is hard to alert on, as we found we would have to create a scheduled search of Sumo Logic agent logs that looked for as many error/warning messages as we could, that we knew about. This was incredibly difficult, and unmanageable.
Derek Ardolf | TrustRadius Reviewer

Usability

Microsoft Sentinel (formerly Azure Sentinel)

Microsoft Sentinel (formerly Azure Sentinel) 9.3
Based on 3 answers
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
Flavio Pereira | TrustRadius Reviewer

Sumo Logic

Sumo Logic 8.3
Based on 4 answers
Ideal for data collection and search without many problems in an easy and fast way. It helps you to access and view documents in real time. This helps us to provide service to our customers that enhances customer experience. This is the best way to explore records in groups of computers. Our team also investigates the root sources of the issues.
Suman Lata | TrustRadius Reviewer

Support Rating

Microsoft Sentinel (formerly Azure Sentinel)

Microsoft Sentinel (formerly Azure Sentinel) 8.3
Based on 3 answers
I haven't yet had to use support for Sentinel.
Michael Bobo | TrustRadius Reviewer

Sumo Logic

Sumo Logic 9.0
Based on 9 answers
I would give this rating because I attended a free Sumo Logic training at a WeWork in Chicago. I found the training very useful, and I learned a lot of features that I was not aware of before I went to the training. I like the idea that Sumo Logic provides free training seminars. I am certified in level1, and I plan on certifying to level2.
M Phillip Yogore | TrustRadius Reviewer

Implementation Rating

Microsoft Sentinel (formerly Azure Sentinel)

No score
No answers yet
No answers on this topic

Sumo Logic

Sumo Logic 9.0
Based on 2 answers
I was satisfied with the implementation, as at the time, it was the best way to implement the product with the available feature sets in Sumo Logic. User creation and management became more of an issue during continued use, instead of it being an issue related to deploying the product in our environment.
Derek Ardolf | TrustRadius Reviewer

Alternatives Considered

Microsoft Sentinel (formerly Azure Sentinel)

No answers on this topic

Sumo Logic

Sumo Logic works very well out of the gate. For a small business it has given us what we need. I worked at a larger company previously, and we produced so many logs we had to create a custom logging service to handle them all. Cost and availability are big issues when deciding between the different services, whether self-maintained and hosted, or provided by another company.
David Tanner | TrustRadius Reviewer

Professional Services

Microsoft Sentinel (formerly Azure Sentinel)

Microsoft Sentinel (formerly Azure Sentinel) 5.0
Based on 1 answer
Did not use professional services
Michael Bobo | TrustRadius Reviewer

Sumo Logic

Sumo Logic 7.3
Based on 4 answers
It is a fully supported tool and I have real-time access to a team of supporters or engineers who have developed this tool and can assist you with any questions or issues you may have about the tool. The training provided is also excellent and you get to know the full functionality and other advanced features of the tool.
Suman Lata | TrustRadius Reviewer

Return on Investment

Microsoft Sentinel (formerly Azure Sentinel)

  • Cost saving as you don't need to use multiple platforms to monitor your security events.
Anonymous | TrustRadius Reviewer

Sumo Logic

  • I can't think of any negative side effects other than it being SO slow sometimes, but compared to Splunk everything is slow
  • It's SO much cheaper than Splunk that the time it takes to query information is well worth it
  • In the times that we've had Sumo go down or stop logging information, we've found that we'd be absolutely lost without Sumo
Anonymous | TrustRadius Reviewer

Pricing Details

Microsoft Sentinel (formerly Azure Sentinel)

General

Free Trial
Yes
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Starting Price

$2.46 per GB ingested

Microsoft Sentinel (formerly Azure Sentinel) Editions & Modules

Edition
Azure Sentinel: $2.46 per GB ingested
100 GB per day: $123.00 per day
200 GB per day: $221.40 per day
300 GB per day: $319.80 per day
400 GB per day: $410.00 per day
500 GB per day: $492.00 per day
More than 500 GB per day: $492.00 + $98.40 per day/plus each additional 100 GB increment

Sumo Logic

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Starting Price

$3 Per GB Logs

Sumo Logic Editions & Modules

Edition
Essentials: $3.00 Per GB Logs
Enterprise: $4.00 Per GB Logs
Enterprise Security: $4.25 Per GB Logs
Enterprise Suite: $4.75 Per GB Logs

Rating Summary

Likelihood to Recommend

Microsoft Sentinel (formerly Azure Sentinel)
9.7
Sumo Logic
9.3

Usability

Microsoft Sentinel (formerly Azure Sentinel)
9.3
Sumo Logic
8.3

Support Rating

Microsoft Sentinel (formerly Azure Sentinel)
8.3
Sumo Logic
9.0

Implementation Rating

Microsoft Sentinel (formerly Azure Sentinel)
Sumo Logic
9.0

Professional Services

Microsoft Sentinel (formerly Azure Sentinel)
5.0
Sumo Logic
7.3
