TrustRadius: an HG Insights Company
LogRhythm NextGen SIEM Platform

Overview

What is LogRhythm NextGen SIEM Platform?

The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management solution that centralizes log data, enriches it with contextual details and applies a consistent schema across all data types.


Pricing

Unavailable (N/A)

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services


Alternatives Pricing

What is Trellix Helix?

Trellix Helix (formerly FireEye Helix) is a SIEM solution that provides non-malware threat detection.

What is Blumira?

Blumira’s cloud SIEM platform offers both automated threat detection and response, enabling organizations of any size to better defend against cybersecurity threats in near real time. Its goal is to ease the burden of alert fatigue, the complexity of log management and the lack of IT visibility.


Product Demos

  • Unleash the Power of Your SOC: LogRhythm NextGen SIEM Platform Demo | InfoSec Matters (YouTube)
  • How to Stop Phishing Attacks with LogRhythm | LogRhythm in Action (YouTube)

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools.

Score: 7.4 (category average: 7.8)

Product Details

LogRhythm NextGen SIEM Platform Technical Details

Operating Systems: Unspecified
Mobile Application: No

Frequently Asked Questions

The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management solution that centralizes log data, enriches it with contextual details and applies a consistent schema across all data types.

Reviewers rate "Centralized event and log data collection" highest, with a score of 9.

The most common users of LogRhythm NextGen SIEM Platform are from Enterprises (1,001+ employees).


Reviews From Top Reviewers

(1-5 of 17)

LogRhythm Logging for the masses (of stuff you own)

Rating: 6 out of 10
July 17, 2020
It is deployed as an enterprise logging solution. It collects logs from Windows (all flavors), *nix, Cisco, Syslog, NetFlow and other sources. It provides logs that are analyzed, reported on and used in daily operational troubleshooting. It provides scheduled reports to meet the auditing and compliance needs of a HIPAA organization.
Pros
  • Great Web UI for help desk troubleshooting.
  • Identification and drilldown of authentication issues.
  • Performance trending.
  • Correlation of events.
  • Access and group policy change monitoring.
Cons
  • Reporting is based on Crystal Reports, requiring a template prior to building a report. The template, once saved, cannot be edited. Repeat until you get it right.
  • Query building in the WebUI has little or no documentation.
  • Depth of training on reporting is lacking.
Logging is always necessary if
1. You have audit requirements for system access
2. You need to alert and report on user activity
3. You need to troubleshoot issues
4. You want to monitor, report and alert on malicious / suspicious activity
5. You want to impress your management team with statistics...

I cannot think of any computing environment where logging is not appropriate.

LogRhythm is a solid centralized logging solution for large businesses

Rating: 8 out of 10
October 09, 2019
Vetted Review
Verified User
LogRhythm NextGen SIEM Platform
6 years of experience
We use LogRhythm NextGen SIEM as a centralized system log repository. We purchased the product 5 or so years back to satisfy PCI compliance as our company has to maintain level 1 PCI compliance which states that all your system logs have to be maintained in a central location. We review the logs daily via automated reports sent to our ticketing system. It helps us keep on top of issues and to maintain compliance.
Pros
  • Updated GUI interface is rather easy to use and looks nice
  • Once up and running, it seems to remain that way; we don't really have any issues with it
  • Was cost effective compared to other solutions
Cons
  • Implementation is tricky, definitely requires having them do the implementation for/with you
  • The software can be overly complex at times
  • Adding a Windows server to the solution isn't hard but seems like it could be made quicker/easier
I'd say LogRhythm is best suited for larger environments with hundreds of servers and network devices. For smaller businesses you could probably get by with one of the many free open source logging solutions out there, though it may be harder to get up and running without some assistance. For example, many years ago, when we were much smaller, we used a really cheap solution called Kiwi, but back then we had maybe 20 servers instead of the 250+ we have today. That worked fine for those, but there is no way we could do that now.

LogRhythm - A great SIEM for on-prem with room for growth for Hybrid/Cloud

Rating: 4 out of 10
February 06, 2019
Vetted Review
Verified User
LogRhythm NextGen SIEM Platform
1 year of experience
We are using LogRhythm as our enterprise-wide SIEM tool for all log ingestion. We recently (3+mo) decided to uplift the implementation to include our AWS cloud environments. We need a SIEM tool to analyze and ingest event logs.
Pros
  • Event & Log ingestion - Enterprise grade SIEM tool.
  • Ease of implementation, support, documentation, and community.
Cons
  • Support for Cloud environments is fairly limited.
  • Improved log filtering.
  • The UI is extremely outdated.
It is great for on-prem, but not ideal for the cloud. It "works" for the cloud, but it is not optimized.

LogRhythm: A NextGen tool for NextGen analysts

Rating: 8 out of 10
November 25, 2019
Vetted Review
Verified User
LogRhythm NextGen SIEM Platform
1 year of experience
Our Security Team is using LogRhythm NextGen SIEM Platform at the University of Colorado.
This is our default alarming system that parses logs from our firewall, Outlook, system logs, IDS logs, and some confidential cloud data logs and displays tickets.
LogRhythm NextGen SIEM Platform is right for our organization as it requires no knowledge in coding or programming. Therefore, non-technical users can also use this product to build rules and manage the servers.
The second benefit is the "drill down" feature that goes to the depth of the event, extracts information, and displays it in a very well structured manner with easy-to-understand visualization. It is very easy to go through and detect the problem. It also has a robust search tool for parsing through a high volume of logs.

In a nutshell, our overall incident response went a lot better than what it used to be five years ago.
Pros
  • LogRhythm NextGen SIEM Platform has an alarm system that generates tickets based on the event and the way it has been configured in the LogRhythm console. Let's say we have a ticket for a malicious email attachment. The ticket will contain some information like the source of the log, the source IP, destination IP, etc. It can be drilled down to obtain specific information like the recipient, source location, file attachment name, SHA hash of the file, source and destination port, time, MAC address of the machine that downloaded it, etc. This helps the analysts to go to the root of the cause and take action easily without manually parsing the logs.
  • The second good thing about the LogRhythm NextGen SIEM Platform is that it is very easy to use with its well-structured interface. To use LogRhythm, a user barely requires any technical skills. A little overview of IP, CIDR, hash, etc. is enough to get your hands on it. It requires no programming or coding skills, as everything is GUI based. It also provides a beautiful visualization dashboard. There is another beautiful feature that it provides for the classification of events, known as cases. Multiple users working on the same platform can create cases and add events to them. They also help to maintain future reference.
  • The third good feature is the search tool, which is very powerful. For example, sometimes it is hard to find the users who downloaded malware from the guest wireless of the institution and not the private network. The search tool helps us in searching for the user by automatically correlating the MAC address from the current network logs and the previous logs, as the MAC address is the same. It is highly scalable for parsing a large number of logs from various sources.
  • I particularly think this is one of the best software available for log parsing in an organization where non-technical users are working on incident response. This tool has a good amount of flexibility. However, it can only be configured with the LogRhythm NextGen SIEM Platform Console.
  • In terms of usability, as already mentioned, it is a very easy tool to use, with a GUI based interface.
Cons
  • The LogRhythm NextGen SIEM Platform is good in terms of looks, but sometimes it is too sophisticated to do the simplest of tasks like, for example, counting the number of occurrences of a particular IP address in the total logs for that specific day or month.
  • They can provide a simple syntax bar like Splunk, for technical users who feel a syntax-based query is more powerful than just GUI.
  • There can be a feature that can help you customize the amount of data to be displayed without "drill down." A lot of the time, it isn't worth waiting 10-15 seconds to find 5% extra required information that could be displayed easily before drilling down.
  • It doesn't have any online community or proper documentation that has a user rating on it. A lot of the time, their documentation doesn't help us.
I will say that the LogRhythm NextGen SIEM Platform is well suited for an organization that is not very big but has multiple log sources, or a lot of non-technical employees who do not know how to code or write custom queries. Typically it is a good fit for universities and mid-range startups. It has an excellent interface and dashboard, and is useful for managing roles, but it doesn't provide the level of customization that a technical person with knowledge of coding would probably prefer. Software like Splunk and Elasticsearch is much more flexible in terms of the granularity of the search.

A very powerful SIEM with a robust AI engine

Rating: 10 out of 10
September 13, 2019
Vetted Review
Verified User
LogRhythm NextGen SIEM Platform
2 years of experience
We currently are utilizing the LogRhythm SIEM primarily for Information Technology needs. This product is leveraged in a number of ways, one of which is to help auditing security events such as someone being added to the "Domain Administrators" security group in Active Directory. Additionally, we utilize the dashboards (both built-in and custom) to monitor events such as successful authentications from outside of the United States (since all our offices are within the USA).
Pros
  • LogRhythm SIEM provides amazing granularity when it comes to building reports and alerts/alarms. There are a variety of syntaxes that are supported (regex, boolean, Lucene, etc.) so getting exactly what you want is easy.
  • There is a vast amount of pre-defined log source types already available so adding new log sources is a breeze. Additionally, you have the ability to custom-parse a log type for those instances in which there isn't already a pre-defined log type.
  • LogRhythm is constantly improving its software and the capabilities/integrations that it provides. SmartResponses are also frequently being developed, which really help us to quickly (or automatically) take action when certain events are triggered.
Cons
  • They have been expanding the functionality of the "cases" features in the SIEM, which works fine, however, we don't utilize that feature in our deployment so (for us) it is a wasted feature.
  • Since the application provides such granularity/control, it can seem a little overwhelming to someone unfamiliar with the software. Luckily the software is pretty intuitive and laid out in a manner that is easy to understand. I would highly recommend sending your administrator to the (1 week long) on-site training that LogRhythm offers.
  • In order to really get the most out of the software, it takes a decent amount of work to get it configured. The software will function without specifying your subnets/VLANs, but for more accurate reporting it is recommended to define that information. I don't really consider that to be an oversight or issue with the software, but it is something to think about with any SIEM solution. It takes a little bit to really get it defined before you get the most out of it.
I currently am leveraging LogRhythm to help me keep an eye on auditing. I have configured many different AI rules that look for specific event IDs such as users being added to administrator groups, accounts being locked out, or successful international logins. Additionally, since Windows Event logs frequently fill up and are overwritten, we use the LogRhythm SIEM as a log repository that can be searched to help identify the root cause of outages. The "second look" feature is nice as well because I can do a historical search in logs from well over a year in the past.