We performed a comparison between Elastic Security and LogRhythm SIEM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Elastic Security is commended for its adaptability, extensive customization options, and seamless integration with the ELK Stack. Elastic Security could improve by reducing resource usage, automating threat response, and simplifying the user experience. Users praised LogRhythm SIEM for its user-friendly centralized dashboard, strong integration capabilities, and event-filtering capabilities. LogRhythm SIEM has the potential to improve its SOAR and NDR features, platform stability, and MDI integration. LogRhythm users requested expanded log storage, better load balancing, and streamlined search capabilities.
Service and Support: Some Elastic Security users found their support helpful, while others experienced difficulties and delays. LogRhythm SIEM was generally praised for its helpful and knowledgeable support, but there have been occasional delays and knowledge problems.
Ease of Deployment: Elastic Security generally has a straightforward setup but may require trained specialists. LogRhythm SIEM's setup is considered to be straightforward. However, it is more time-consuming and complex for enterprise deployments involving multiple components or vendors, and users often require assistance from professional services or LogRhythm-certified engineers.
Pricing: Elastic Security is considered affordable and cost-effective, with pricing based on the size of the monitored environment. LogRhythm SIEM’s license typically includes all elements. However, enterprise customers may encounter complexities related to additional features and add-ons.
ROI: Elastic Security has shown mixed results in terms of ROI, with some users expressing concerns about the quality of their premium support. LogRhythm SIEM has proven to be highly valuable, delivering a significant ROI by reducing the mean time to detect and respond.
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"It's a good platform and the very best in the current market. We looked at the Forrester report from December 2022 where it was said to be a leader."
"It's not very complicated to install Elastic."
"The scalability is good. It can be scaled easily in the production environment."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"The most valuable feature is the speed, as it responds in a very short time."
"The product has huge integration varieties available."
"It's very customizable, which is quite helpful."
"I find LogRhythm's log management capabilities to be beneficial."
"The most valuable features would be the automation, reporting, and the support."
"Technical support has always been helpful."
"NextGen SIEM's best feature is how it presents logs."
"Alarms are the most valuable feature. We also like the dashboard and how things are at your fingertips. The fact that we can now edit the report templates is going to be a great thing."
"AXON has the ability to add and compare use cases."
"The initial setup is pretty easy."
"The product is great for medium to large-scale organizations."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"Upgrades are currently released as stacks when they should be a plugin or an extension to save removal and reinstallation."
"There isn't really a very good user experience. You need a lot of training."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
"The solution could offer better reporting features."
"I would really like to see some type of group or global management for RIM policies."
"We use Windows Event Forwarding to collect the logs from our Windows clients, and the logs get aggregated as one data source on that collector. Therefore, finding logs specific to one particular Windows system requires some creativity in how we search the SIEM."
"I would like to see more integration with more products that are out there within the same security field."
"My biggest complaint is documentation. Everyone tells me, "We have documentation on the Community site." I have searched for different types of documentation on numerous occasions, and it might be there, but it's not easily findable."
"LogRhythm NextGen SIEM could improve by adding more applications for the banking sector. There are not any custom applications at this time."
"We had a little bit of difficulty implementing a disaster recovery situation because it was leveraging only Microsoft native DNS and it wouldn't work with our Infoblox DNS deployment that we use in our environment. They've been working on that behind the scenes."
"The responses provided by the cloud team are inefficient."
"It will definitely help if the parsing side would be much easier, meaning it would be better if we could easily make adjustments on the parser, both on standard and non-standard log sources."
Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 59 reviews while LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews. Elastic Security is rated 7.6, while LogRhythm SIEM is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and ArcSight Logger, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Graylog.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.