We performed a comparison between LogRhythm SIEM and Splunk Cloud Platform based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."As a healthcare company, what we use it for is compliance, then to protect our data from exaltation."
"The user interface is good."
"LogRhythm does a very good job of helping SOCs manage their workflows."
"I would say the most valuable feature of LogRhythm is that it has built-in UEBA functionality, among other basic Windows packages."
"The feature that makes it usable is the web interface."
"The ability for me to go into the Web UI, and just learn what's going on in my environment."
"SOAR is integrated with the dashboard that we use for threat management. Because it's all integrated, it is useful for us when we deploy something on-prem."
"It allows us to automate a lot of things with a smaller team."
"I like the Cloud monitoring console feature."
"Its interconnectivity with the cloud platforms, such as Azure and AWS, was valuable."
"Splunk Cloud Platform's most valuable features are enterprise security and ticketing integration."
"The Splunk Cloud Platform has reduced our mean time to resolve. It has easily saved 20 to 30 minutes every time someone gets locked out. We get 10 or 15 instances per day where people get locked out. It definitely saves a few hours per day."
"The Splunk search is powerful compared to similar solutions. We get millions of data points within seconds."
"The most valuable feature of Splunk Cloud is the quick setup."
"We haven't had any limitations or problems connecting to our network devices."
"For my current requirements, the tool theme seems to be meeting my requirements, from a cost and requirements perspective."
"We're still struggling to get a real return on it and finding something that isn't false noise."
"Their ticketing system for managing cases can be improved. They can either do that or adopt some of the open-source ticket systems into theirs. The current system works and gets the job done, but it is very bare-bones and basic. There are some things that could be improved there. They should also bring in more threat intelligence into the product and also probably start to look into the integration of more cloud or SAS products for ingesting logs. They're doing the work, but with the explosion of COVID, a lot of businesses have started to move towards more cloud applications or SAS applications. There is a whole diverse suite of SAS products out there, which is a challenge for them and I get it. They seem to be focusing on the big ones, but it'll be nice to be able to, for example, pull in Microsoft logs from Office 365. They are working towards a better way of doing that, and they have a product in the pipeline to pull logs in from other SAS applications. The biggest thing for them is going to be moving away from a Windows Server infrastructure into a straight-up Linux, which is more stable in my eyes. For the backend, they can maybe move into more of an up-to-date Elastic search engine and use less of Microsoft products."
"The software needs to work on its pricing."
"We've had issues with scaling and local support."
"We've tried to work with a couple of engineering department guys there. We've called them and called them but we never hear anything back."
"My biggest complaint is documentation. Everyone tells me, "We have documentation on the Community site." I have searched for different types of documentation on numerous occasions, and it might be there, but it's not easily findable."
"The console installation is an area with a shortcoming in the solution that needs improvement. If LogRhythm SIEM can offer a web console, it would be great."
"My big thing is the easability. I don't like to go to two different systems. The fat client that you have to install to configure it, then the web console which is just for reporting and analysis. These features need to collapse, and it needs to be in a single solution. Going through the web solution in the future is the way to do it, because right now, it is a bit cumbersome."
"I have not come across anything that I would consider missing as such. If anything, sometimes we have dashboards that would not go into the dark mode. It is a minor issue, but it is the only thing that I wish was there. The dark mode would definitely help."
"The dashboards should be easier to customize."
"It needs to mature; it's just getting established in the industry on a wider scale."
"Support could be improved."
"Customization could be simplified."
"The search for bulk data needs to be improved. When we were looking for the flow, we had to search really hard. I wanted to request the Splunk team to add some features for better search because getting the flow of the bulk data was sometimes hard."
"From an enterprise standpoint, we are more limited in terms of what data we can export and how we can present it."
"There could be better searches, but mainly, it needs to improve the performance with a vast amount of data. That will make it better and easier to use."
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Splunk Cloud Platform is ranked 3rd in Data Visualization with 37 reviews. LogRhythm SIEM is rated 8.4, while Splunk Cloud Platform is rated 8.0. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Splunk Cloud Platform writes "Does not require backend maintenance, is easily integrated and utilized". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Microsoft Sentinel, whereas Splunk Cloud Platform is most compared with Wazuh, Splunk Enterprise Security, Fortinet FortiAnalyzer, AppInsights and Check Point Security Management. See our LogRhythm SIEM vs. Splunk Cloud Platform report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.