TrustRadius
LogRhythm NextGen SIEM Platform

Overview

What is LogRhythm NextGen SIEM Platform?

The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management…

Pricing

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is Trellix Helix?

Trellix Helix (formerly FireEye Helix) is a SIEM solution providing a non-malware threat detection solution.

What is Blumira?

Blumira’s cloud SIEM platform offers both automated threat detection and response, enabling organizations of any size to better defend against cybersecurity threats in near real-time. Its goal is to ease the burden of alert fatigue, complexity of log management and lack of IT visibility.

Product Demos

Unleash the Power of Your SOC: LogRhythm NextGen SIEM Platform Demo | InfoSec Matters

How to Stop Phishing Attacks with LogRhythm | LogRhythm in Action


Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools.

7.4 (Avg 7.8)

Product Details

LogRhythm NextGen SIEM Platform Technical Details

Operating Systems: Unspecified
Mobile Application: No

Frequently Asked Questions

The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management solution that centralizes log data, enriches it with contextual details and applies a consistent schema across all data types.

Reviewers rate Centralized event and log data collection highest, with a score of 9.

The most common users of LogRhythm NextGen SIEM Platform are from Enterprises (1,001+ employees).

Reviews From Top Reviewers

(1-5 of 20)

So you want to know which SIEM to buy

Rating: 9 out of 10
June 08, 2016
JE
Vetted Review
Verified User
LogRhythm NextGen SIEM Platform
1 year of experience
I manage multiple instances of LogRhythm for customers that my company provides managed security services for. My team provides the rules, reports, and dashboards. Analysts use it to detect and respond to threats in our customers' environments. Our customers use LogRhythm to monitor their entire organizations ranging in size from 100-10,000+ endpoints plus network and security devices. The primary business problems that the SIEM solves are providing a single pane of glass for security while also providing a platform for conducting correlation across the network and time.

Pros
  • LogRhythm is a great SIEM to learn content on because the building blocks are very intuitive and easy to implement. All of the concepts relevant to content development are literally represented as drag and drop building blocks that can be easily manipulated.
  • The statistical building blocks contain powerful anomaly detection capabilities that are extremely difficult to implement in other SIEMs or not possible at all.
  • LogRhythm does better event classification than any other SIEM by far. My team typically drops all classification schemes from default installations of SIEMs and rebuilds them from scratch. I can actually use LogRhythm's event classifications in rules without worrying about excessive partial matches or correlating unwanted events.
Cons
  • LogRhythm absolutely needs to provide back end support for threat intelligence lists. Performing a linear search on massive lists of IPs on incoming web traffic can bring the SIEM to its knees.
  • LogRhythm should drop its entire code base for implementing lists and simply turn them into hash tables to avoid the excessive cost associated with referencing lists in rules. I haven't seen the code, but the performance suggests O(n).
  • The reporting feature is the worst of all SIEMs; luckily, reports are not my primary service offering. LogRhythm should definitely revamp its reporting to be more intuitive.
I have seen LogRhythm reliably deployed in both medium and large sized corporations with centralized and distributed architectures. The software performs well across all scenarios.

LogRhythm for your SIEM Needs

Rating: 10 out of 10
October 12, 2016
Vetted Review
Verified User
LogRhythm NextGen SIEM Platform
3 years of experience
It is being used not only to help us achieve PCI compliance but also to collect logs from various systems to monitor the landscape and critical infrastructure systems. It alerts us to various anomalies that we set up to monitor such as the use of privileged accounts within the environment.
Pros
  • Easy to set up/configure out of the box.
  • Easy to manage/administer.
  • Quickly processes logs/events within the central console for review.
  • Allows us to correlate activities across multiple systems we capture logs/events for.
Cons
  • The upgrade process from version 6.x to 7.x was a bit messy.
  • Should be able to update software within the application for minor updates without the need to download separate software from the support portal.
It helps achieve various aspects of compliance needs and requirements. It also provides a nice overview of what is going on within the environment in respect to security threats. It is less appropriate if there is no internal team that can properly manage it and respond to alerts/events that are triggered.

LogRhythm - excelling in customer support and innovation

Rating: 10 out of 10
August 01, 2018
Vetted Review
Verified User
LogRhythm NextGen SIEM Platform
10 years of experience
LogRhythm is used by both our managed security services partner (level 1) and the internal team members who manage our SOC. We leverage the complete set of SIEM features offered by LogRhythm to meet requirements for PCI in addition to comprehensive support for our evolving process to meet the changing data security needs of a retail organization.
Pros
  • LogRhythm's technical customer support is exceptional.
  • The product roadmap is extensive.
  • Automation and AI continue to evolve rapidly.
Cons
  • LogRhythm has recently updated their agent to support a push process for upgrade - until this was done, it was a source of frustration.
LogRhythm is very well suited for retail organizations and others with a geographically dispersed set of endpoints. LogRhythm also works very well in situations where there is a multi-tiered SOC - especially if an outsourced provider is involved that can manage the upgrade process to ensure that the system is always up-to-date without requiring the support of internal resources.

LogRhythm is a clear winner

Rating: 10 out of 10
October 25, 2017
SS
Vetted Review
Verified User
LogRhythm NextGen SIEM Platform
3 years of experience
LogRhythm is used throughout our organization and managed by the Information Security department.
We collect logs from many systems that are important to managing our security infrastructure.
These include all of our security systems (FW, IPS, Endpoint protection), all of our AAA systems (LDAP, Radius, Active Directory), as well as systems that contain data of concern.
Pros
  • Central Management and storage of logs
  • Parses all logs into a readable format
  • Correlates events from various systems to provide a consolidated view of activity
  • Alerts and alarms on various events of possible concern
Cons
  • Reports should be available in the Web Console
  • Detail contained in Alarms should be configurable to provide more or less information as applicable
  • Case in the case management module should allow investigation playbook templates
LogRhythm is well suited for managing logs from disparate systems, correlating events, and providing a comprehensive view of the environment. One of its main strengths is the continuity of dashboards, drill downs in data, searches, and alarms.
All of the screens use the same format moving from module to module, making this product very intuitive to use.

Effective security at your hands.

Rating: 9 out of 10
September 17, 2018
We currently use LogRhythm as a SIEM for our cloud environment, mainly managed by the Technical Services department. It helps with the log management of all our cloud devices and helps us find live attacks done in both our test and production environments. It also helps as a showcase for when a customer requires a demo presentation or needs a certain configuration done on their environment.
Pros
  • The Analyze module is very useful for drilling down and winding down with filters what you need to see, regarding incidents and logs. It allows you to be agile and create a case with the current logs, appending them as evidence.
  • The reports module is really easy to use, both for running and configuring them, as long as you have the queries ready for what you need. If you beforehand prepare what you're going to look for in a report, configuring a report from scratch is not hard.
  • The dashboards are also very useful out of the box and easy to configure. You can make sense of the data with the proper queries, and a very helpful feature is the ability to see the data with Live Data turned on; you're always on relevance while looking at dashboards.
Cons
  • I wished it didn't need a thick client for configuring the tool. They could perhaps make a different login screen using the web for configuring the tool so you don't need to mix up the configuration of the solution with the security management.
  • The training at the LogRhythm Thrive Partner Portal is somewhat hard. The content is very helpful, but the exams are perhaps too hard even for the 101. I understand there's a challenging part, but the learning curve could be smoothened out instead of making it too steep.
  • I think the licensing of the agents should be more open. Instead of making it extra at a premium rate, you should allow your users to install it freely on their assets and receive logs from those assets.
A good scenario to have LogRhythm SIEM is when you have an enterprise environment with specific compliance requirements and/or if you have a critical environment you need to make sure is really protected, along with proper SmartResponse rules to take action when an alarm triggers. If your environment is mission critical, but your company is an SMB, LogRhythm might be overkill for you, as it's a solution that has a great upfront cost. The cost of investment [is] worth it given a minimum company size, but it makes sense only if you can really afford it.