We compared Fortinet FortiAnalyzer and LogRhythm SIEM based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real time. Users praised LogRhythm SIEM for its user-friendly centralized dashboard, strong integration capabilities, and event-filtering capabilities. LogRhythm SIEM has the potential to improve its SOAR and NDR features, platform stability, and MDI integration. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. LogRhythm users requested expanded log storage, better load balancing, and streamlined search capabilities.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. LogRhythm SIEM was generally praised for its helpful and knowledgeable support, although there have been occasional delays and knowledge problems.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. LogRhythm SIEM's setup is considered to be straightforward. However, it is more time-consuming and complex for enterprise deployments involving multiple components or vendors, and users often require assistance from professional services or LogRhythm-certified engineers.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. LogRhythm SIEM’s license typically includes all elements. However, enterprise customers may encounter complexities related to additional features and add-ons.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. LogRhythm SIEM has proven to be highly valuable, delivering a significant ROI by reducing the mean time to detect and respond.
"The program is stable and it gives me great visibility."
"The solution allows for a lot of customization."
"It supports SQL for logging and reporting. Log data is inserted into the SQL database for log view and report generation."
"The report templates are valuable. It works very well, and integrations also work well."
"The event handling solution in the platform is very good and useful."
"The most valuable feature is the capability to create a customized dashboard."
"The ability to gather all gateway information and logs in a single location is the most valuable feature."
"The most valuable features of Fortinet FortiAnalyzer are the GUI and there is automation that can be done with playbooks and mini-books."
"What I found most valuable in LogRhythm NextGen SIEM is that it's user-friendly. I also like its dashboard, which shows all the logs and information I want to see."
"We now have a central point of monitoring for all potential threats."
"The major feature of this solution is its easy configuration which helps different team members to work on it effectively. This kind of feature is not available in other solutions because of a request for specialised schemes for configuration report extraction and searching. Another feature that I really admire is the significant improvement in the compliance in the auditing process by the solution. Our organisation-specific complaints require where the mailbox data needs to be forwarded, stored and searchable for a certain time period. This solution categorises data based on different types, which include cold, warm and hot data. These features allow faster and easier extraction of any data even if the event was occurring several years ago. I also like other features, especially user behaviour analysis and automation. If suddenly someone accesses your side or an unusual traffic is recorded from a user the solution flags it very effectively."
"I find LogRhythm's log management capabilities to be beneficial."
"Currently, we are in the implementation phase. LogRhythm is better than QRadar from the point of view of collecting Windows events. It has a much higher view. You can enable monitoring by default."
"The initial setup process is very user-friendly."
"Our clients enjoy having one dashboard to monitor their environments in real time."
"The most useful feature that I've found so far is the search function. I like all the different ways you're able to search through metadata and the different ways you're able to correlate or search through logs to find out what's going on."
"The solution can improve the incident response function to provide more detailed information on where the incident is originating."
"We would like to see some improvement on the upgrade process around this solution. There are sometimes communication issues when a new version of the firewall is implemented, and it fails to report back to this product."
"The deployment of Fortinet FortiAnalyzer is not complex, but integrating it with firewalls can take some time, depending on the number of firewalls."
"The solution is expensive."
"The user interface could be a bit more user-friendly."
"Fortinet FortiAnalyzer should come bundled with other Fortinet solutions. Additionally, the performance and updates could improve. They need to test their updates better so there are not as many bugs."
"The solution lacks business intelligence features. It's much too basic."
"The following could be better: operation and maintenance, high-availability architecture, and management link embedded in the transmission link."
"The software needs to work on its pricing."
"There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back."
"The initial setup is not so easy because it is quite a process."
"We have gone through a few versions which has caused a lot of instability. We have logged a lot of hours with professional services."
"Move it to Linux. I would like to see it get off the SQL Server."
"We've tried to work with a couple of engineering department guys there. We've called them and called them but we never hear anything back."
"When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4."
"In terms of blind spots, we are looking for more improvements since we don't have visibility over everything."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 85 reviews while LogRhythm SIEM is ranked 7th in Log Management with 166 reviews. Fortinet FortiAnalyzer is rated 8.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Graylog, Grafana Loki and Datadog, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and Elastic Security.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.