LogRhythm is on beat!
September 05, 2019

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with LogRhythm NextGen SIEM Platform

This product is mostly used by our security team, but it is also used by our firewall administrator. We use it for log aggregation as well as event correlation and automation of firewall security policies. Its primary use case is to keep updated security policies regarding changing threat vectors on our internet edge.
  • Event Correlation
  • Log Aggregation
  • Security Policy Updating
  • User Interfacing
  • Troubleshooting the product itself isn't easy
  • Very Expensive
  • Less time spent managing access lists on edge firewalls
  • Increased accuracy of security policies
  • Highly increased visibility of network logs
LogRhythm is easily differentiated from the other log analysis products I've used in terms of sheer functionality. The competitors can't keep up in performance, speed, or correlation. The only thing that the other products can do to hold a candle to LogRhythm is to integrate it with their existing products and make it 'tie-in' well.
Being a major player in the market puts LogRhythm in a good place for support. Not only does their tech support have the chops to help out when you call (being a major player does well in setting them up to pay for good tech support), but other products almost have to integrate well with it to sell.
LogRhythm is best suited to an environment where there is a large number of devices with logging capabilities. Any infrastructure that is large and unwieldy would do well to implement LogRhythm. I would typically suggest it in high-security networks and networks looking to do security automation or networks with high audit requirements.

LogRhythm NextGen SIEM Platform Feature Ratings

  • Centralized event and log data collection: 10
  • Correlation: 10
  • Event and log normalization/management: 8
  • Deployment flexibility: 9
  • Integration with Identity and Access Management Tools: 9
  • Custom dashboards and workspaces: 8
  • Host and network-based intrusion detection: 9

Using LogRhythm NextGen SIEM Platform

LogRhythm does a rather decent job of making the functionality advanced (allowing for advanced keyword & field searching, use of "AND" as well as "OR" statements in the search bar) while keeping it accessible (by not requiring a specific syntax to do quick searches). This, combined with a user interface that has headings and labels that are intuitive, is very helpful.