We performed a comparison between LogRhythm SIEM and Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It seems like it will scale easily with the way our environment is set up."
"We integrated Azure logs with it and that makes it simpler. Rather than having to log into the portal, we can just check everything in one place. We can compare those to our Windows and host logs to see if any problems correlate between them."
"LogRhythm has shown to us, to this point in time, that it has the capabilities of being able to deliver actionable intelligence to the security engineers and analysts."
"Currently, we are in the implementation phase. LogRhythm is better than QRadar from the point of view of collecting Windows events. It has a much higher view. You can enable monitoring by default."
"The product is great for medium to large-scale organizations."
"It's very easy to create the correlation rules with LogRhythm, and there are some advanced features like SIEM and UEBA, which are also very valuable."
"It has helped us centralize and have better visibility into devices on our network. We are better able to respond to threats in a timely manner."
"Overall effectiveness is very good. I like how it is oriented to both analysts and technical support people. It's easily adopted by end users as much as by technologists."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
"It makes everything easier by automating some tasks and growing with our needs."
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"The stability is phenomenal and we never had any issues with downtime or even had to restart."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"The native integration with out-of-the box format is hassle free and allows data to be used advantageously."
"The tool is simple to use."
"Technical support could use a little work in the terms of responding back. The feedback that we received is they do need a little more staff."
"There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back."
"When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4."
"One of the challenges of the SIEM for the LogRhythm 7 platform is the amount of time it takes to bring new log sources into the MDI."
"Move it to Linux. I would like to see it get off the SQL Server."
"The web and on-premise console interface should be the same instead of having a separate engine for each."
"The built-in functionality of the solution for NDR, SOAR, SIEM, and EDS has room for improvement."
"In terms of blind spots, we are looking for more improvements since we don't have visibility over everything."
"Creating a drag-and-drop dashboard or workbook in Sentinel is a little more complex compared to other tools like LogRhythm and IBM QRadar."
"I would like to see a better reporting work structure on the dashboard."
"This product's connection to certain types of cloud systems could be improved. We can do Microsoft, Google, and Amazon, but there are a lot of other things happening in the cloud that we do not connect well enough to. This product could be improved with better connection to cloud-based solutions."
"The solution does not allow outsourced authorizations."
"It is an ancient product."
"The dashboard and customer view should be improved"
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"You need a lot of Unix scripting knowledge in order to manage the tool, which is one of the main issues that we faced."
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Sentinel is ranked 18th in Security Information and Event Management (SIEM) with 15 reviews. LogRhythm SIEM is rated 8.4, while Sentinel is rated 7.6. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Sentinel writes "An automated solution that helped me detect threats in less than half the time it used to take". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Microsoft Sentinel and LogRhythm Axon, whereas Sentinel is most compared with IBM Security QRadar, Splunk Enterprise Security, Google Chronicle Suite, Wazuh and ArcSight Enterprise Security Manager (ESM). See our LogRhythm SIEM vs. Sentinel report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.