We performed a comparison between Grafana Loki and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"The pricing of the product is excellent."
"The features that stand out are the detection engine and its integration with multiple data sources."
"The most valuable feature of Grafana Loki is the dashboards which are really simple to create."
"The log collection feature is good and the solution is easily understandable. v"
"The effectiveness of filters is pivotal for optimizing the search process and extracting the specific information we need from the extensive log data."
"The most valuable feature of the solution is the tool's GUI. The solution's GUI is very user-friendly."
"I appreciate the capability to process logs from microservices and seamlessly integrate them into Grafana."
"We are using Grafana Loki as a database for real-time metrics."
"The tool can be used in multi-cluster environments."
"The most valuable feature is the capability to set up alerts, which becomes necessary when we need to receive notifications for specific events."
"It helps a lot because we can troubleshoot issues pretty easily."
"Scalability has been good for our needs. We haven't run into any scaling issues in regards to size so far."
"We can integrate threat intelligence solutions into the product."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"There is room for improvement in entity behavior and the integration site."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"The solution should allow for a streamlined CI/CD procedure."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"In Grafana Loki, the creation of metrics is not so easy, making it an area that could be made easier."
"The solution has shortcomings regarding security monitoring-oriented features that need improvement."
"The Docker container partition feature needs improvement as they do not reuse the space and goes into a pending state."
"My main concern is the recommended production-grade setup. They suggest using tools like Tanka or Jsonnet. They should simplify the process to increase adoption."
"We had a well-structured dashboard with a functional query. However, an issue arose when the Kubernetes pod restarted. The statistics from our Grafana query would reset, dropping to zero and starting anew. This was particularly noticeable with linear graphs, which are expected to show consistent growth."
"The correlation of requests is not simple in Grafana Loki and can be improved."
"The solution's scalability depends on the team managing the Grafana instance."
"We encountered certain limitations when it came to alerting, particularly when dealing with specific data sources."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"Sumo Logic Security is expensive, and its pricing could be improved."
"The solution should improve its UI."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"There are some API gaps that are missing."
Grafana Loki is ranked 13th in Log Management with 12 reviews while Sumo Logic Security is ranked 20th in Log Management with 18 reviews. Grafana Loki is rated 8.0, while Sumo Logic Security is rated 8.6. The top reviewer of Grafana Loki writes "Effective for Logging, recovery from node failures is fast and single UI supports metrics, logs, and even tracing". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Grafana Loki is most compared with Graylog, Wazuh, syslog-ng, Splunk Enterprise Security and Logstash, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and LogRhythm SIEM. See our Grafana Loki vs. Sumo Logic Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.