We performed a comparison between Datadog and LogRhythm SIEM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Datadog users like its customizable displays, error tracking, and advanced AI/ML capabilities. Users praised LogRhythm SIEM for its user-friendly centralized dashboard, strong integration, and event-filtering capabilities. Datadog could enhance its usability and reduce its learning curve. Users said integration was another pain point. LogRhythm SIEM has the potential to improve its SOAR and NDR features, platform stability, and MDI integration. LogRhythm users requested expanded log storage, better load balancing, and streamlined search capabilities.
Service and Support: While many users spoke highly of Datadog’s support team, others reported slow support, especially in the Asia-Pacific region. LogRhythm SIEM was generally praised for its helpful and knowledgeable support, although there have been occasional delays and knowledge problems.
Ease of Deployment: Datadog’s setup is considered straightforward, and users often receive help from a partner or vendor. LogRhythm SIEM's setup is considered to be straightforward. However, it is more time-consuming and complex for enterprise deployments involving multiple components or vendors, and users often require assistance from professional services or LogRhythm-certified engineers.
Pricing: Opinions about Datadog's price are divided. Some users found it costly, but others thought it was acceptable. Some said the pricing model could be clearer and better explained. LogRhythm SIEM’s license typically includes all elements. However, enterprise customers may encounter complexities related to additional features and add-ons.
ROI: Users said Datadog saved them time and improved visibility into security blind spots. LogRhythm SIEM has proven to be highly valuable, delivering a significant ROI by reducing the mean time to detect and respond.
"The visibility into our network has allowed for quick diagnosis of failures, identification of underutilized or over-utilized resources, and allowed for cloud cost optimization opportunities."
"Overall, the Data UI and the usability of customer features continue to improve."
"The feature I have found most valuable is when I can reuse existing monitors and alerts for new dashboards."
"The most valuable aspect of the solution is the APM."
"The visibility that it provides is valuable. It is helping in being proactive around incident management. It is helping us to be able to get more visibility into our customers' applications so that we can assist them at the application layer. We also provide them the infrastructure from an AWS standpoint. We are able to make sure that our customers are aware of certain critical things around the analytical piece of either the network or the application. We're able to call customers before they even know about the issue. From there, we can start putting together some change management processes and help them a bit."
"Datadog agents act as an integration to different services, providing easy access and management."
"Datadog dashboards are pretty great."
"Sometimes it's more user friendly for development teams. There are some parts of Datadog that are more understandable for development teams. For example, the APM in Datadog works more manually and works like the tools in New Relic or Grafana, or Elastic. It is easier to understand for software development teams."
"It's reliable and the performance is good."
"It has helped us centralize and have better visibility into devices on our network. We are better able to respond to threats in a timely manner."
"The PCI compliance pieces that help us produce reports for our external auditor, and their support."
"Its ability to work with all different sorts of log sources has been extremely valuable."
"What I found most valuable in LogRhythm NextGen SIEM is that it's user-friendly. I also like its dashboard, which shows all the logs and information I want to see."
"I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."
"It seems like it will scale easily with the way our environment is set up."
"We have seen a massive increase in the amount of data that we can collect, the type of things that we can see, the way we can look at logs, the way we can get alerts, and the way can create our own customer roles, which has allowed us to customize the work in our environment."
"We need more visibility into the error tracking dashboard."
"Geo-data is also something very critical that we hope to see in the future."
"The correlation between the logs and the metrics needs improvement as most cases, we might use another logging tool (that is cheaper in cost) which we then have to link together."
"We have asked technical support questions, and sometimes they don't get back to us right away. Or when they do, it is not the right answer."
"I found the documentation can sometimes be confusing."
"Even though it is powerful on its own, the UI-based design lacks elegance, efficiency, and complexity."
"The solution should provide alerts for cloud outages."
"The way data is represented can be limiting. When I first tried it out a long time ago, you could graph a metric and another metric, and they'd overlay, but you couldn't take the ratio between the two."
"My big thing is the easability. I don't like to go to two different systems. The fat client that you have to install to configure it, then the web console which is just for reporting and analysis. These features need to collapse, and it needs to be in a single solution. Going through the web solution in the future is the way to do it, because right now, it is a bit cumbersome."
"We're still struggling to get a real return on it and finding something that isn't false noise."
"I would like to see case management become more independent from LogRhythm itself."
"One thing we have mentioned to them before is that we'd like to be able to do searches, or drill-downs, directly from an alarm. When you click it and the Inspector tab slides out, that might be a good place to be able to click the host to search for the last 24 hours. I know the search is right there but it would be even nicer to just click that and then have an option to search something there."
"NextGen SIEM has separate rules for AI, advanced intelligence, and MP rules - it would be better to have a centralized way to write the rules and create alarms."
"Stability has probably been one area where Health Checks have not been great with the product. We have been told that they are going to improve Health Checks on product, though we do struggle with them on a daily basis."
"Sometimes, the tool fails to get the correlated events that triggered the alerts."
"The product's stability needs improvement."
Datadog is ranked 3rd in Log Management with 137 reviews while LogRhythm SIEM is ranked 7th in Log Management with 166 reviews. Datadog is rated 8.6, while LogRhythm SIEM is rated 8.4. The top reviewer of Datadog writes "Very good RUM, synthetics, and infrastructure host maps". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Datadog is most compared with Dynatrace, Azure Monitor, New Relic, AWS X-Ray and Elastic Observability, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and LogRhythm Axon. See our Datadog vs. LogRhythm SIEM report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.