We performed a comparison between Sumo Logic Security and Zabbix based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The initial setup is very simple and straightforward."
"The product can integrate with any device."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"It helps a lot because we can troubleshoot issues pretty easily."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"The solution is quite stable."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"Dashboard and the customization of the items and triggers are the most valuable features."
"The overall functionality of Zabbix is very good. The monitoring of bank applications that Zabbix provides is great. The information is displayed on a dashboard that is easily viewed."
"The flexibility of this solution is amazing."
"It's a very reliable platform and we've never had any issues regarding the scalability or the stability of Zabbix."
"Zabbix is very easy to implement."
"The pricing of the product is reasonable."
"The initial setup was very quick. The first time it was long because I didn't know it yet. I was only using Windows. The first time was very difficult because of the operating system."
"The product is very stable."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"The on-prem log sources still require a lot of development."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"The integration with multiple sources could be better."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"The initial setup is the most stressful, like learning how to use it."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"Sumo Logic needs to make sure integrating solutions are seamless."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"The dashboard has room for improvement, because sometimes it is a difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"I had problems using Zabbix when working with SUSE Enterprise; many companies use SUSE."
"Zabbix can use better documentation and support for troubleshooting."
"In the next release, I'm hoping for features targeted towards larger users with more customizable options. Despite this, I think pre-canned reports that can be used straight out of the box would be beneficial rather than having to configure each report individually. Additionally, a deeper dive into software configurations on the machines would be useful, although I understand there may be challenges in implementing this due to scripting requirements. More documentation would also be appreciated."
"There's a small module of APM, however, it is not an enhanced version. People usually ask for a full-fledged APM solution."
"The event correlation could be better."
"The product delivers false positives during reporting because of flapping. Other reasonably priced alternatives may have better performance."
"There are not too much documentation or manuals. We found the tutorials very easy to understand but do not go deep enough in the use of Zabbix. We need more manuals, proper use, documentation, etc."
"If you want to use all of the features then you have to pay a licensing fee."
Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews while Zabbix is ranked 1st in Network Monitoring Software with 100 reviews. Sumo Logic Security is rated 8.6, while Zabbix is rated 8.2. The top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios Core and Nagios XI. See our Sumo Logic Security vs. Zabbix report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.