We performed a comparison between IBM SevOne Network Performance Management (NPM) and LogRhythm SIEM based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We've had great feedback from our customers about SevOne support. They're willing to set up a remote session upon request. You have to go through three tiers of support with most vendors, and they ask a lot of screening questions before they will do a remote session. You need to spend a lot of time before an engineer will host a remote session to look at your problematic system."
"SevOne’s data collection functionality is very good. From a collection point of view, we pull SNMP data, which is simple. It is easy to manipulate the pull in the estate. It is really simple compared to some of the other products that we have used. However, for deferred data, i.e., things that we import or don't pull directly, we tend to have a preplanned integration. So, its Universal Collector is really useful."
"The most valuable feature as of late has been the API integration with ServiceNow."
"The monitoring of the network is very customizable. That is its unique feature."
"With this tool it is interesting to show the info to the client and explain where the traffic is."
"One of the solution's biggest strengths is its capacity management performance, with out-of-the-box reports through NMS, as well as its ability to collect NetFlow-related data from devices. The collection of network performance and flow data is important because we have many critical business applications."
"The automation feature is good because if your CMDB is OK and it is already in sync, then the automation part is good to go."
"Data Insight reporting tool is the most valuable feature. They came up with it a couple of years ago. The most pleasing factor is the dark theme. You don't have a white background. It has templates that you can create for all kinds of reports that you can hit on the fly. It's much better printing of the reports. If you want to send PDFs to people, the reports are actually decent. Whereas for years, the old architecture of the PDFs was rubbish and even our customers said, "We have to manipulate your PDFs because they all have bad margin breaks. SevOne fixed that a couple of years ago with the new Data Insight. It's fantastic."
"It supports most standard log sources."
"Compliance reporting is another great feature of this product. It has built in reports right out of the box."
"The most valuable features would be the automation, reporting, and the support."
"We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior."
"The PCI compliance pieces that help us produce reports for our external auditor, and their support."
"Automations are very valuable. It provides the ability to automate some of our small use cases. The ability to integrate with other products that use an API is also very useful. LogRhythm has a plugin for it that we can connect and start to move down towards the path of a single pane of glass instead of having multiple or different tools."
"As a SIEM, probably the best feature is that it can be tuned effectively. There are very few SIEMs out there that can be effectively tuned to provide you with meaningful information and not be overwhelmed."
"The AI Engine can take an event and correlate it into something else giving us meaningful context regarding what is going on. We integrated it in with our ticketing system, so if an alarm fires, it raises a ticket in our system."
"The GUI: both the dashboard/user view and the admin tool."
"In terms of having a complete view of our network performance, I would rate it a nine out of 10. The reason for not giving it a 10 is that there is no packet capture associated with SevOne, but we do have other tools in place to do that."
"Their virtualization solution is not compatible with our Kubernetes environment, which is one of the reasons we are ending our relationship with them."
"There are some tweaks and enhancements that I've already requested. One is to be able to make changes per device rather than as a global setting. That has to do with naming. It's minor."
"The customizations are very hard. The person doing it has to be very good at analytics and has to be very good in all languages"
"User-friendly, multi-tenancy."
"I would like to see live maps as an added feature. Also, build modules on AI and EML to provide better data insights that would proactively tell us what we should be looking after."
"With the administrative management of the appliance, if some object appears from SevOne because something changed in the network or whatever, then as an administrator you will not be aware. If you are using this object in a report, this object will disappear from the report and you will not be aware of it. So, if you have 1,000 reports, you cannot always check these reports everyday to see if objects are missing or information has disappeared. We don't have any information on alerts, saying that something is happening there and maybe we need to take action. If an object was replaced by another one, or if a link was replaced by another one, then the graph needs to be changed because it doesn't exist in the graph anymore. However, we don't have this information."
"The web and on-premise console interface should be the same instead of having a separate engine for each."
"Better integration with different services is needed, as there are quite a few platforms that we use that don't integrate very smoothly with LogRhythm."
"There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back."
"We would like to see more things out of the console into the web UI. I guess this is what they are doing in 7.4."
"Only area I can think of to improve on is the proof reading and using the guides before releasing them. Out the the 20+ guides I used one had issues with wrong information in it."
"The log storage capacity should be increased."
"We need to get better training for things like creating code and playlists. The way it's done now takes a long time."
"The security playbook could be pre-defined and available to other analysts with similar security issues."
More IBM SevOne Network Performance Management (NPM) Pricing and Cost Advice →
IBM SevOne Network Performance Management (NPM) is ranked 31st in Log Management with 53 reviews while LogRhythm SIEM is ranked 7th in Log Management with 166 reviews. IBM SevOne Network Performance Management (NPM) is rated 8.4, while LogRhythm SIEM is rated 8.4. The top reviewer of IBM SevOne Network Performance Management (NPM) writes "We can get a new vendor certified and monitored in our system significantly faster than before". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". IBM SevOne Network Performance Management (NPM) is most compared with Instana Infrastructure Monitoring, LogicMonitor, SolarWinds Network Device Monitor, Splunk Enterprise Security and NETSCOUT nGeniusONE, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Microsoft Sentinel and LogRhythm Axon. See our IBM SevOne Network Performance Management (NPM) vs. LogRhythm SIEM report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.