We performed a comparison between Google Chronicle Suite and Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The features that stand out are the detection engine and its integration with multiple data sources."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"Free ingestion for Azure logs (with E5 licence)"
"Sentinel pricing is good"
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"What sets Chronicle apart from other solutions is its emphasis on threat hunting rather than solely serving as a monitoring tool."
"The log folder is fairly simple."
"The tool's most valuable feature is the search option, allowing easy navigation."
"The support team is responsive."
"Google Chronicle Suite provides useful APIs."
"The platform's most valuable features are multiple connectors and data output flexibility regarding dashboards and user experience."
"Google Chronicle Suite is a highly scalable solution with good search capabilities."
"The product's most valuable feature is threat hunting. We can detect the threats directly from the console from the past data as well."
"The tool is simple to use."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"The most valuable feature of Sentinel is the dashboard."
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"The stability is phenomenal and we never had any issues with downtime or even had to restart."
"The native integration with out-of-the box format is hassle free and allows data to be used advantageously."
"It makes everything easier by automating some tasks and growing with our needs."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"We'd like to see more connectors."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"There is room for improvement in entity behavior and the integration site."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"A few areas are difficult to understand for someone who has less experience using the product."
"In terms of improvement, the UI can be a bit challenging for beginners."
"The product's default dashboard feature has a few limitations regarding availability."
"The configuration is not optimal."
"The tool is a little bit difficult to use compared to Microsoft Sentinel."
"The solution's graphical user interface (GUI) should be more user-friendly."
"The tool is complicated for a first-time user. It should also include newer APIs."
"The tool needs to improve tasking packages. Its GUI needs to be improved. The product needs to include time-based filtration. We can only see the alert detection timeline now."
"The dashboard and customer view should be improved"
"The solution does not allow outsourced authorizations."
"Log source integration with Sentinel needs to be improved."
"I rate Sentinel a six out of ten for scalability."
"This product's connection to certain types of cloud systems could be improved. We can do Microsoft, Google, and Amazon, but there are a lot of other things happening in the cloud that we do not connect well enough to. This product could be improved with better connection to cloud-based solutions."
"You need a lot of Unix scripting knowledge in order to manage the tool, which is one of the main issues that we faced."
"It is an ancient product."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
Google Chronicle Suite is ranked 29th in Security Information and Event Management (SIEM) with 8 reviews while Sentinel is ranked 17th in Security Information and Event Management (SIEM) with 16 reviews. Google Chronicle Suite is rated 7.8, while Sentinel is rated 7.6. The top reviewer of Google Chronicle Suite writes "Swiftly navigates and analyzes extensive datasets without significant delays ". On the other hand, the top reviewer of Sentinel writes "An automated solution that helped me detect threats in less than half the time it used to take". Google Chronicle Suite is most compared with Splunk Enterprise Security, AWS Security Hub, IBM Security QRadar, Rapid7 InsightIDR and Elastic Security, whereas Sentinel is most compared with Splunk Enterprise Security, IBM Security QRadar, Wazuh, LogRhythm SIEM and ArcSight Enterprise Security Manager (ESM). See our Google Chronicle Suite vs. Sentinel report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.