We compared Fortinet FortiAnalyzer and LogRhythm SIEM based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real time. Users praised LogRhythm SIEM for its user-friendly centralized dashboard, strong integration capabilities, and event-filtering capabilities. LogRhythm SIEM has the potential to improve its SOAR and NDR features, platform stability, and MDI integration. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. LogRhythm users requested expanded log storage, better load balancing, and streamlined search capabilities.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. LogRhythm SIEM was generally praised for its helpful and knowledgeable support, although there have been occasional delays and knowledge problems.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. LogRhythm SIEM's setup is considered to be straightforward. However, it is more time-consuming and complex for enterprise deployments involving multiple components or vendors, and users often require assistance from professional services or LogRhythm-certified engineers.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. LogRhythm SIEM’s license typically includes all elements. However, enterprise customers may encounter complexities related to additional features and add-ons.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. LogRhythm SIEM has proven to be highly valuable, delivering a significant ROI by reducing the mean time to detect and respond.
"The most valuable feature of Fortinet FortiAnalyzer is its performance."
"It is very stable and reliable."
"The initial setup is pretty straightforward."
"The anti-virus protection it offers our clients is solid."
"There are customizable workflows that you can work with. You can automate certain tasks in FortiAnaylzer in the incidents and events sections."
"Fortinet FortiAnalyzer is a complete package for managing our equipment."
"Technical reports clearly identify system checks, locations and areas, how many times things escape, which firewall is affected, and source IDs."
"The product can scale."
"Even other products we have that feed into it, instead of having to watch all of them we only have to watch one. For example, we have CrowdStrike, so instead of having to pay attention that solution - because their dashboard doesn't really pop when an alarm comes up - we can see issues with the red on the LogRhythm alarm. That is very nice."
"One of the main features that I like about LogRhythm NextGen SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us."
"It's reliable and the performance is good."
"The product is great for medium to large-scale organizations."
"I would rate the product a ten out of ten. The solution is very user-friendly and straightforward. The tool's report customization is interesting."
"The PCI compliance pieces that help us produce reports for our external auditor, and their support."
"LogRhythm does a very good job of helping SOCs manage their workflows."
"Provides visibility into the network."
"Fortinet FortiAnalyzer could improve the user interface, and the experience of users receiving the reports and tracking could be better."
"The cloud version can be expensive. If the customers could get the resources to store the logs on-premises, it would be much better."
"The deployment of Fortinet FortiAnalyzer is not complex, but integrating it with firewalls can take some time, depending on the number of firewalls."
"The pricing could be better."
"From my point of view, at this time, the solution isn't lacking any features or functionalities."
"The product should be integrated with other third-party solutions for context exchange."
"I feel that Fortinet FortiAnalyzer is a little bit heavy, making it an area where improvements are required."
"They could improve the user interface a bit."
"Appliance-based setups can sometimes pose scalability issues"
"Parsing is totally controlled by LogRhythm and they do not allow any partner or any third-party to handle this part and this is a key challenge on my end."
"We use Windows Event Forwarding to collect the logs from our Windows clients, and the logs get aggregated as one data source on that collector. Therefore, finding logs specific to one particular Windows system requires some creativity in how we search the SIEM."
"Better integration with different services is needed, as there are quite a few platforms that we use that don't integrate very smoothly with LogRhythm."
"Scalability misses the mark sometimes, especially when you have an integrated disaster recovery built into the solution."
"The solution is likely not the best option for a smaller organization."
"It is a product that is very hard to use."
"The built-in functionality of the solution for NDR, SOAR, SIEM, and EDS has room for improvement."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 85 reviews while LogRhythm SIEM is ranked 7th in Log Management with 166 reviews. Fortinet FortiAnalyzer is rated 8.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Graylog, Grafana Loki and Datadog, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and Elastic Security. See our Fortinet FortiAnalyzer vs. LogRhythm SIEM report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.