We performed a comparison between LogRhythm SIEM and Zabbix based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"We have no complaints about the features or functionality."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting."
"What I found most valuable in LogRhythm NextGen SIEM is that it's user-friendly. I also like its dashboard, which shows all the logs and information I want to see."
"It supports most standard log sources."
"AXON has the ability to add and compare use cases."
"The user interface is good."
"As a healthcare company, what we use it for is compliance, then to protect our data from exaltation."
"LogRhythm NextGen SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions."
"Their customer support is friendly and willing to help."
"We are able to monitor our virtual infrastructure, virtual machines, windows servers, databases, and the network using a simple network management protocol. We are able to pull almost all the metrics that we want, receive notifications, and have them integrate with telegrams for certain devices that are critical, such as UPSs."
"It is a great product. The SNMP protocol tracking feature is good. I really like how it tracks SNMP. The alerts are also great."
"It meets my organizational needs. It's pretty easy to use."
"It not only provides the preconfigured item monitoring feature, but it is also easy to configure custom items."
"It has good graphs of what is going on within the operating system."
"The initial setup was very quick. The first time it was long because I didn't know it yet. I was only using Windows. The first time was very difficult because of the operating system."
"The solution's design has recently changed and it is visually pleasing with more color, for example, there is blue, black, and white."
"Like other common Linux distributions, some of the most valuable features of this solution are the ease of use and deployment. It's simple and has a lot of packages and a lot of software."
"I would like to see more AI used in processes."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"We'd like also a better ticketing system, which is older."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The AI capabilities must be improved."
"The solution should allow for a streamlined CI/CD procedure."
"Sometimes the error-logging is not altogether helpful. For example, on an upgrade, a systems data processor, a Windows box, was throwing an error code like 1083. Then it just stopped and it died right out of the installer and nobody looked. We searched through Google and what it means is the Windows Firewall wasn't turned on so that it could create a rule for the product. Why wouldn't they bubble up that description so that I wouldn't have to call support and I could just know, "Okay, the firewall wasn't turned on. Turn it back on. Re-run the installer and keep going.""
"We have run into problems with stability going through upgrade processes. Recently, we have been on the front edge of the upgrade path. When that happens we tend to run into issues either with certain functionality not working after the upgrades or stability issues because of the upgrades."
"The product's stability needs improvement."
"NextGen SIEM has separate rules for AI, advanced intelligence, and MP rules - it would be better to have a centralized way to write the rules and create alarms."
"My big thing is the easability. I don't like to go to two different systems. The fat client that you have to install to configure it, then the web console which is just for reporting and analysis. These features need to collapse, and it needs to be in a single solution. Going through the web solution in the future is the way to do it, because right now, it is a bit cumbersome."
"I would like to see our vulnerabilities counter. We will be using Tenable to fill that void right now."
"LogRhythm NextGen SIEM is currently based only on the Windows platform. This means that some of our customers have to purchase a Windows license elsewhere. If LogRhythm can move to a Linux platform or a proprietary platform, it would be very helpful."
"Appliance-based setups can sometimes pose scalability issues"
"The integration of the product is not so easy, especially when it comes to the application database."
"The solution needs to add features for finding loopholes or problems and their root causes."
"Look and feel."
"If you want to use all of the features then you have to pay a licensing fee."
"Zabbix technical support is sold separately."
"There are areas of improvement. The database grows really fast. So, when you install Zabbix, you have to deal with some issues, like the database. We become pretty big very fast."
"Zabbix isn't very good at automation just yet."
"Zabbix claims that there is an auto-discovery process but my team member was facing difficulty and was told that it's not really automatic, and there are some manual steps."
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Zabbix is ranked 1st in Network Monitoring Software with 101 reviews. LogRhythm SIEM is rated 8.4, while Zabbix is rated 8.2. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Fortinet FortiSIEM, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios Core and Nagios XI.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.