LogRhythm for your SIEM Needs
October 12, 2016

LogRhythm for your SIEM Needs

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with LogRhythm

It is being used to not only to help us achieve PCI compliance but collect logs from various systems to monitor the landscape and critical infrastructure systems. It alerts us to various anomalies that we set up to monitor such as the use of privileged accounts within the environment.
  • Easy to set up/configure out of the box.
  • Easy to manage/administer.
  • Quickly processes logs/events within the central console for review.
  • Allows us to correlate activities across multiple systems we capture logs/events for.
  • The upgrade process from version 6.x to 7.x was a bit messy.
  • Should be able to update software within the application for minor updates without the need to download separate software from the support portal.
  • We were able to retire a few older log collection platforms that we had in house. There were 2-3 systems doing the job of LogRhythm.
  • We were able to bring some part of the analysis of events back in house and not rely on third party MSS.
LogRhythm was simpler to set up and configure as well as extract information from. It also was less intrusive in terms of how many appliances were needed to implement. We were up and running within 5 hours to start accepting log sources. We selected LogRhythm as well since support is based in the USA in Colorado.
It helps achieve various aspects of compliance needs and requirements. It also provides a nice overview of what is going on within the environment in respect to security threats. It is less appropriate if there is no internal team that can properly manage it and respond to alerts/events that are triggered.

LogRhythm NextGen SIEM Platform Feature Ratings

Centralized event and log data collection
Event and log normalization/management
Deployment flexibility
Integration with Identity and Access Management Tools
Custom dashboards and workspaces
Host and network-based intrusion detection