LogRhythm for your SIEM Needs
Anonymous | TrustRadius Reviewer
October 12, 2016

LogRhythm for your SIEM Needs

Score 10 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with LogRhythm

It is being used to not only to help us achieve PCI compliance but collect logs from various systems to monitor the landscape and critical infrastructure systems. It alerts us to various anomalies that we set up to monitor such as the use of privileged accounts within the environment.
  • Easy to set up/configure out of the box.
  • Easy to manage/administer.
  • Quickly processes logs/events within the central console for review.
  • Allows us to correlate activities across multiple systems we capture logs/events for.
  • The upgrade process from version 6.x to 7.x was a bit messy.
  • Should be able to update software within the application for minor updates without the need to download separate software from the support portal.
  • We were able to retire a few older log collection platforms that we had in house. There were 2-3 systems doing the job of LogRhythm.
  • We were able to bring some part of the analysis of events back in house and not rely on third party MSS.
LogRhythm was simpler to set up and configure as well as extract information from. It also was less intrusive in terms of how many appliances were needed to implement. We were up and running within 5 hours to start accepting log sources. We selected LogRhythm as well since support is based in the USA in Colorado.
It helps achieve various aspects of compliance needs and requirements. It also provides a nice overview of what is going on within the environment in respect to security threats. It is less appropriate if there is no internal team that can properly manage it and respond to alerts/events that are triggered.

LogRhythm NextGen SIEM Platform Feature Ratings

Centralized event and log data collection
10
Correlation
10
Event and log normalization
10
Deployment flexibility
10
Integration with Identity and Access Management Tools
10
Custom dashboards and views
10
Host and network-based intrusion detection
10