TrustRadius
LogRhythm NextGen SIEM Platform

Overview

What is LogRhythm NextGen SIEM Platform?

The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management…

Popular Features

  • Centralized event and log data collection (20): 9.0 (90%)
  • Correlation (20): 8.1 (81%)
  • Event and log normalization/management (20): 8.0 (80%)
  • Custom dashboards and workspaces (20): 7.5 (75%)

Pricing

N/A
Unavailable

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is Blumira?

Blumira’s cloud SIEM platform offers both automated threat detection and response, enabling organizations of any size to better defend against cybersecurity threats in near real-time. Its goal is to ease the burden of alert fatigue, complexity of log management and lack of IT visibility.


Product Demos

Unleash the Power of Your SOC: LogRhythm NextGen SIEM Platform Demo | InfoSec Matters

How to Stop Phishing Attacks with LogRhythm | LogRhythm in Action


Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools.

7.4
Avg 7.8

Product Details

LogRhythm NextGen SIEM Platform Video

How would you score the maturity of your security operations program? Assessing and improving your security operations maturity can help you reduce risk in your organization and prove the effectiveness of your security. The LogRhythm Security Operations Maturity Model (SOMM)...

LogRhythm NextGen SIEM Platform Technical Details

Operating Systems: Unspecified
Mobile Application: No

Frequently Asked Questions

The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes SOAR functionality via SmartResponse Automation Plugins (a RespondX feature), the DetectX security analytics module, and AnalytiX as a log management solution that centralizes log data, enriches it with contextual details and applies a consistent schema across all data types.

Reviewers rate Centralized event and log data collection highest, with a score of 9.

The most common users of LogRhythm NextGen SIEM Platform are from Enterprises (1,001+ employees).

Reviews and Ratings

(70)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources.

LogRhythm NextGen SIEM Platform is a versatile tool that offers a wide range of use cases for organizations of varying sizes. Managed security services providers rely on LogRhythm to detect and respond to threats in their customers' environments effectively. Additionally, organizations use LogRhythm to monitor their entire infrastructure, including endpoints, network devices, and security systems, providing a comprehensive view of their network.

For information security departments, LogRhythm serves as a valuable tool for collecting logs from important systems and helps with log management in cloud environments. This allows users to identify live attacks and configure environments for customer demos. The platform also supports compliance regulations by providing auditing and compliance features, such as NERC CIP and HIPAA.

Furthermore, LogRhythm facilitates incident response and improves overall security posture by collecting logs from various systems and monitoring critical infrastructure. It allows for alerting and monitoring specific events like machine restarts or new user account creations. The drill-down feature enables users to extract information efficiently and detect problems in a well-structured manner with easy-to-understand visualizations.

Non-technical users find LogRhythm user-friendly as it requires no coding or programming knowledge, allowing them to easily build rules and manage servers. The extensive documentation, support, and community surrounding LogRhythm make it easy for users to learn and configure the highly customizable SIEM platform. Overall, LogRhythm NextGen SIEM Platform has proven to be an invaluable tool in meeting compliance requirements, improving incident response capabilities, and enhancing overall security monitoring for organizations across various industries.

Intuitive and Easy-to-Implement Building Blocks: Many users have praised LogRhythm for its intuitive and easy-to-implement building blocks that are represented as drag and drop elements. This feature has been mentioned by several reviewers, highlighting the platform's user-friendly interface.

Powerful Anomaly Detection Capabilities: LogRhythm's statistical building blocks have powerful anomaly detection capabilities that are difficult to find in other SIEMs, making it stand out in terms of event classification. Several users have commended this feature, emphasizing its effectiveness in identifying and classifying anomalous events.

Great Help Desk Troubleshooting with Web UI: LogRhythm's Web UI is highly regarded for help desk troubleshooting purposes. Users appreciate its ability to easily identify and drill down into authentication issues, performance trending, and correlation of events. This functionality has been positively mentioned by multiple reviewers.

Limited error handling: Some users have expressed frustration with the limited error handling capabilities of LogRhythm NextGen SIEM Platform. They feel that when an error occurs, the platform does not provide sufficient information or guidance on how to resolve it.

Lack of customization options: Several reviewers have mentioned that they would like more customization options within LogRhythm NextGen SIEM Platform. They feel restricted in their ability to tailor the platform to meet their specific needs and preferences.

Complex user interface: A number of users have found the user interface of LogRhythm NextGen SIEM Platform to be complex and difficult to navigate. They have mentioned that it can take time and effort to learn how to effectively use all the features and functionalities of the software.

Users commonly recommend LogRhythm's SIEM for its ease of use and monitoring capabilities, making it a good all-in-one tool for SIEM needs in larger and mid-sized setups. They consider LogRhythm one of the best SIEM tools available, praising its impact and GUI compared to RSA NetWitness. Users appreciate LogRhythm's cost-effectiveness, easy configuration and administration, as well as its ability to consume less CPU memory. They also highlight the availability of support and conferences in the community. Users suggest having patience during the initial setup and build-out process, as they believe the end result is worth it. Improved overall performance, control, and functionality with LogRhythm's instrument panel are also praised.

Furthermore, users recommend LogRhythm for companies that can develop sufficient expertise in its software and have an in-house SQL expert. They advise making the best use of LogRhythm for complete visibility of the network. Some suggestions for improvement include enhancing the dashboard process, offering a community version for trial and certification preparation purposes, adding more features to the web interface, and incorporating AI capabilities to streamline threat identification. Users find LogRhythm to be a great tool for work in medium-large size companies, suitable for achieving high fidelity security context. It is recommended for security event analysis and considered a leader in SIEM solutions that provide good support and meet customer requirements. Users suggest trying LogRhythm for better results in enterprise solutions compared to other SIEM tools.

Additionally, users emphasize LogRhythm's affordability, streamlining SIEM experience, and its suitability for mid-size and large organizations, especially those with widely dispersed endpoints and multi-tiered SOCs. LogRhythm is seen as a powerful network monitoring tool with pricing advantages. Recommendations include purchasing it for specific compliance requirements and critical environment protection, involving system administrators early to help filter traffic, and allowing multiple people to administer the system to avoid bottlenecks.

In conclusion, LogRhythm's SIEM is consistently recommended for its ease of use, monitoring capabilities, impact and GUI, cost-effectiveness, configuration flexibility, support availability, improved performance and control, integration possibilities, and affordability. It is considered a leader in the market and an alternative worth considering for organizations seeking a reliable SIEM solution.

Reviews

Mohammed Younus Siddiqui | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
If you want one of the best SIEM platforms out there with in-built, ready-to-use dashboards and use cases, then LogRhythm NextGen SIEM Platform is the SIEM for you. However, you will need technical training and expertise to make sure that it runs smoothly and to build your own custom use cases. And also it's expensive.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
LogRhythm is good for providing a comprehensive view of the environment. It gives a great outline of whatever is going on in our servers and systems regarding security malfunctions. The SIEM sends real-time notifications when there are some occurrences; like creating a new user and inappropriate login attempts. It also avails a good use case that meets our HIPAA compliance.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
It is well suited for infra where Info security is needed. as and when
  • Enhance decision making
  • Improve compliance & risk management
  • Improve business process agility
  • Create internal/operational efficiencies
  • Improve business process outcomes
  • Product roadmap and future vision
  • Strong services expertise
  • Product functionality and performance
  • Breadth of services
  • Strong customer focus
  • Strong user community
James Harrison, CISSP | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User
Incentivized
Logging is always necessary if
1. You have audit requirements for system access
2. You need to alert and report on user activity
3. You need to troubleshoot issues
4. You want to monitor, report and alert on malicious / suspicious activity
5. You want to impress your management team with statistics...

I cannot think of any computing environment where logging is not appropriate.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
I will say that the LogRhythm NextGen SIEM Platform is well suited for an organization that is not very big but has multiple log sources. Or a lot of non-technical employees who do not know how to code or write custom queries. Typically it is a good fit for universities and mid-range startups. This has an excellent interface, dashboard, useful for managing roles, but it doesn't provide the level of customization that a technical person with knowledge of coding probably would prefer. Software like Splunk and Elastic Search are much more flexible in terms of the granularity of the search.
Score 5 out of 10
Vetted Review
Verified User
Incentivized
The LogRhythm NextGen SIEM Platform is well suited for collecting logs from Windows/NIX servers and generating alerts from certain events such as a user account being added to a privileged or administrator group. It might have issues with larger-scale deployments with regards to certain network appliances and the rate of event/log collection.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
It is suited for all kinds of organizations especially for those where IT security professionals are involved in multiple activities. LogRhythm is really easy to get used to, so even if the users don't get to spend enough time with this solution, they will still be able to understand the basic offerings.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
I'd say LogRhythm is best suited for larger environments with hundreds of servers and network devices. For smaller businesses you could probably get by with one of the many free open source logging solutions out there, though it may be harder to get up and running without some assistance. For example many years ago when we were much smaller we used a really cheap solution called Kiwi but back then we had maybe 20 servers instead of 250+ we have today and that worked fine for those, but no way could we do that now.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
I currently am leveraging LogRhythm to help me keep an eye on auditing. I have configured many different AI rules that look for specific event IDs such as users being added to administrator groups, accounts being locked out, or successful international logins. Additionally, since Windows Event logs frequently fill up and are overwritten, we use the LogRhythm SIEM as a log repository that can be searched to help identify the root cause of outages. The "second look" feature is nice as well because I can do a historical search in logs from well over a year in the past.
September 05, 2019

LogRhythm is on beat!

Score 8 out of 10
Vetted Review
Verified User
Incentivized
LogRhythm is best suited to an environment where there is a large number of devices with logging capabilities. Any infrastructure that is large and unwieldy would do well to implement LogRhythm. I would typically suggest it in high-security networks and networks looking to do security automation or networks with high audit requirements.
Ivan Montilla Miralles | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Reseller
Incentivized
A good scenario to have LogRhythm SIEM is when you have an enterprise environment with specific compliance requirements and/or if you have a critical environment you need to make sure is really protected, along with proper SmartResponse rules to take action when an alarm triggers. If your environment is mission critical, but your company is an SMB, LogRhythm might be overkill for you, as it's a solution that has a great upfront cost. The cost of investment [is] worth it given a minimum company size, but it makes sense only if you can really afford it.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
LogRhythm is very well suited for retail organizations and others with a geographically dispersed set of endpoints. LogRhythm also works very well in situations where there is a multi-tiered SOC - especially if an outsourced provider is involved that can manage the upgrade process to ensure that the system is always up-to-date without requiring the support of internal resources.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
LogRhythm is well suited for managing logs from disparate systems, correlating events, and providing a comprehensive view of the environment. One of its main strengths is the continuity of dashboards, drill downs in data, searches, and alarms.
All of the screens use the same format moving from module to module, making this product very intuitive to use.
Jacob Steffen | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Where it is more appropriate would be for alerting for near real time events such as a new user being created or machine restarting. If you don't need to have real time alerting or log aggregation I would say LogRhythm would be a bad decision. However, in an Enterprise environment you are more than likely going to want to use LogRhythm to track logs over time.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
It helps achieve various aspects of compliance needs and requirements. It also provides a nice overview of what is going on within the environment in respect to security threats. It is less appropriate if there is no internal team that can properly manage it and respond to alerts/events that are triggered.