We performed a comparison between Coralogix and LogRhythm SIEM based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"Free ingestion for Azure logs (with E5 licence)"
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The features that stand out are the detection engine and its integration with multiple data sources."
"The initial setup is straightforward."
"The solution is easy to use and to start with."
"The solution offers very good convenience filtering."
"Numerous data monitoring tools are available, but Coralogix somehow fine-tunes our policies and effectively supports our teams."
"The best feature of this solution allows us to correlate logs, metrics and traces."
"A non-tech person can easily get used to it."
"Overall effectiveness is very good. I like how it is oriented to both analysts and technical support people. It's easily adopted by end users as much as by technologists."
"File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting."
"LogRhythm has increased productivity because all the tools that we need are in the web UI, allowing us to find threats on our network fast and efficiently."
"We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products."
"I would rate the product a ten out of ten. The solution is very user-friendly and straightforward. The tool's report customization is interesting."
"It's very easy to create the correlation rules with LogRhythm, and there are some advanced features like SIEM and UEBA, which are also very valuable."
"Their customer support is friendly and willing to help."
"LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it, anyone can use it."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"It would be helpful if Coralogix could integrate the main modules that any organization requires into a single subscription."
"The user interface could be more intuitive and explanatory."
"We want it to work at what it is expected to work at and not really based on the updated configuration which one developer has decided to change."
"Maybe they could make it more user-friendly."
"The documentation of the tool could be improved"
"From my experience, Coralogix has horrible Terraform providers."
"NextGen SIEM has separate rules for AI, advanced intelligence, and MP rules - it would be better to have a centralized way to write the rules and create alarms."
"When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4."
"The solution is likely not the best option for a smaller organization."
"One of the challenges of the SIEM for the LogRhythm 7 platform is the amount of time it takes to bring new log sources into the MDI."
"Sometimes, the tool fails to get the correlated events that triggered the alerts."
"Scalability-wise, it's not that great."
"Technical support could use a little work in the terms of responding back. The feedback that we received is they do need a little more staff."
"I would really love to be able to take some of the data and not have to export it to a CSV file, so I can pull it into Excel to turn it into some other kind of graph."
Coralogix is ranked 23rd in Log Management with 7 reviews while LogRhythm SIEM is ranked 7th in Log Management with 166 reviews. Coralogix is rated 8.4, while LogRhythm SIEM is rated 8.4. The top reviewer of Coralogix writes "Good capabilities, has a helpful interface and is straightforward to set up". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Coralogix is most compared with Datadog, Grafana, Sentry, New Relic and Prometheus, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm Axon and Fortinet FortiSIEM. See our Coralogix vs. LogRhythm SIEM report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.