TrustRadius
LogRhythm NextGen SIEM Platform

Overview

What is LogRhythm NextGen SIEM Platform?

The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management…

Pricing

N/A
Unavailable

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is Trellix Helix?

Trellix Helix (formerly FireEye Helix) is a SIEM solution providing a non-malware threat detection solution.

What is Blumira?

Blumira’s cloud SIEM platform offers both automated threat detection and response, enabling organizations of any size to better defend against cybersecurity threats in near real-time. Its goal is to ease the burden of alert fatigue, the complexity of log management and the lack of IT visibility.

Product Demos

Unleash the Power of Your SOC: LogRhythm NextGen SIEM Platform Demo | InfoSec Matters

YouTube

How to Stop Phishing Attacks with LogRhythm | LogRhythm in Action

YouTube

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that gives security analysts a more comprehensive view of security logs and events than would be possible by looking at the log files of individual point security tools.

7.4
Avg 7.8

Product Details

LogRhythm NextGen SIEM Platform Technical Details

Operating Systems: Unspecified
Mobile Application: No

Frequently Asked Questions

The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management solution that centralizes log data, enriches it with contextual details and applies a consistent schema across all data types.

Reviewers rate Centralized event and log data collection highest, with a score of 9.

The most common users of LogRhythm NextGen SIEM Platform are from Enterprises (1,001+ employees).

Reviews From Top Reviewers

(1-5 of 9)

LogRhythm does what it promises.

Rating: 9 out of 10
June 07, 2016
SI
Vetted Review
Verified User
LogRhythm NextGen SIEM Platform
1 year of experience
We use LogRhythm to give the Information Systems Engineering department insight into our network environment.
  • LogRhythm imports log files from hundreds of devices into one, easy to search database.
  • LogRhythm sends me email alerts when various things take place on the network.
Cons
  • The upgrade process could be easier.
LogRhythm provides a good view of the network equipment, traffic, and the servers.

LogRhythm is definitely worth the price especially in large organizations.

Rating: 8 out of 10
April 21, 2022
Vetted Review
Verified User
LogRhythm NextGen SIEM Platform
2 years of experience
We have deployed LogRhythm NextGen SIEM to incorporate all of our system logs, network appliances, and security servers. It provides well-profiled logs that we use in daily operational in-depth diagnosing. The SIEM also offers automated reports that review our logs daily. The inbuilt and customized dashboards monitor events' real-time security. The AI engine regulations rapidly detect malicious events and send us immediate alerts. It also issues organized reports to fully meet our HIPAA compliance needs.
  • Massive log incorporation.
  • Top notch reporting and alerting features.
  • It rapidly detects hostile activities through the AI engine regulations.
Cons
  • Executing huge web searches on web traffic can make it a bit rickety.
  • It has a tight support for cloud domains.
LogRhythm is good for providing a comprehensive view of the environment. It gives a great outline of whatever is going on in our servers and systems regarding security malfunctions. The SIEM sends real-time notifications when there are some occurrences; like creating a new user and inappropriate login attempts. It also avails a good use case that meets our HIPAA compliance.

So you want to know which SIEM to buy

Rating: 9 out of 10
June 08, 2016
JE
Vetted Review
Verified User
LogRhythm NextGen SIEM Platform
1 year of experience
I manage multiple instances of LogRhythm for customers that my company provides managed security services for. My team provides the rules, reports, and dashboards. Analysts use it to detect and respond to threats in our customers' environments. Our customers use LogRhythm to monitor their entire organizations ranging in size from 100-10,000+ end points plus network and security devices. The primary business problems that the SIEM solves is providing a single pane of glass for security while also providing a platform for conducting correlation across the network and time.

  • LogRhythm is a great SIEM to learn content on because the building blocks are very intuitive and easy to implement. All of the concepts relevant to content development are literally represented as drag and drop building blocks that can be easily manipulated.
  • The statistical building blocks contain powerful anomaly detection capabilities that are extremely difficult to implement in other SIEMs or not possible at all.
  • LogRhythm does better event classification than any other SIEM by far. My team typically drops all classification schemes from default installations of SIEMs and rebuilds them from scratch. I can actually use LogRhythm's event classifications in rules without worrying about excessive partial matches or correlating unwanted events.
Cons
  • LogRhythm absolutely needs to provide back end support for threat intelligence lists. Performing a linear search on massive lists of IPs on incoming web traffic can bring the SIEM to its knees.
  • LogRhythm should drop its entire code base for implementing lists and simply turn them into hash tables to avoid the excessive cost associated with referencing lists in rules. I haven't seen the code, but the performance suggests O(n).
  • The reporting feature is the worst of all SIEMs; luckily, reports are not my primary service offering. LogRhythm should definitely revamp its reporting to be more intuitive.
I have seen LogRhythm reliably deployed in both medium and large sized corporations with centralized and distributed architectures. The software performs well across all scenarios.

LogRhythm Logging for the masses (of stuff you own)

Rating: 6 out of 10
July 17, 2020
It is deployed as an enterprise logging solution. It collected logs from Windows (all flavors), *nix, Cisco, Syslog, NetFlow and other sources. It provides logs that are analyzed, reported on and used in daily operational troubleshooting. It provides scheduled reports to meet the auditing and compliance needs of an HIPAA organization.
  • Great Web UI for help desk troubleshooting.
  • Identification and drilldown of authentication issues.
  • Performance trending.
  • Correlation of events.
  • Access and group policy change monitoring.
Cons
  • Reporting is based on Crystal Reports, requiring a template prior to building a report. The template, once saved, cannot be edited. Repeat until you get it right.
  • Query building in the WebUI has little or no documentation.
  • Depth of training on reporting is lacking.
Logging is always necessary if:
1. You have audit requirements for system access
2. You need to alert and report on user activity
3. You need to troubleshoot issues
4. You want to monitor, report and alert on malicious / suspicious activity
5. You want to impress your management team with statistics...

I cannot think of any computing environment where logging is not appropriate.

LogRhythm = A good Investment

Rating: 9 out of 10
April 11, 2017
JS
Vetted Review
Verified User
LogRhythm NextGen SIEM Platform
2 years of experience
We use LogRhythm to collect logs from a variety of devices. We then use this data to alert us when certain events occur, for example if a machine is restarted or a new user account is created. Only my department is using LogRhythm for these types of situations. The big driver for us getting LogRhythm was compliance; NERC/CIP regulations pushed us to purchase LogRhythm. Overall I am really satisfied with the decision, and we are going to continue doing business with them for the foreseeable future.
  • One is alerting when certain events take place such as when a machine reboots. This helps to gain more transparency as to what is going on within your network.
  • The features LogRhythm offers in terms of reporting are very helpful as well. For example we can do monthly reports on a given Windows server to show all activity on that server.
Cons
  • I know in the past LogRhythm was talking about a web application for administration. I think this would be a lot better than having an application to log into.
  • I think offering more video content on their site would also be beneficial. The last time I had issues I was reading through a lot of forum postings, I was able to get the job done but in 2017 video is the king of content.
Where it is more appropriate would be for alerting for near real time events such as a new user being created or machine restarting. If you don't need to have real time alerting or log aggregation I would say LogRhythm would be a bad decision. However, in an Enterprise environment you are more than likely going to want to use LogRhythm to track logs over time.