We performed a comparison between LogRhythm SIEM and Splunk Cloud Platform based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Currently, we are in the implementation phase. LogRhythm is better than QRadar from the point of view of collecting Windows events. It has a much higher view. You can enable monitoring by default."
"SOAR is integrated with the dashboard that we use for threat management. Because it's all integrated, it is useful for us when we deploy something on-prem."
"It allows us to automate a lot of things with a smaller team."
"The dashboards in the LogRhythm SIEM really help us as a starting point. It gives us a starting point we can go to every day. We walk through several dashboards to see anomalous activity for further investigation."
"In terms of security, LogRhythm NextGen SIEM is great."
"I would rate the product a ten out of ten. The solution is very user-friendly and straightforward. The tool's report customization is interesting."
"We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products."
"Compliance reporting is another great feature of this product. It has built in reports right out of the box."
"The most valuable feature is we don't have to deal with any back-end server maintenance because the solution is cloud-based."
"Splunk Cloud's most valuable features are log aggregations, dashboarding, business management, reporting, and business controls. Additionally, it has awesome indexing and the solution is always improving."
"I can trace an event back to its root cause. I can find the root cause instead of just looking at the symptoms across different things."
"The most valuable feature of Splunk Cloud Platform is the alerting feature."
"The ability to correlate data and then present it in a meaningful and valuable way is crucial."
"Splunk helped reduce our mean time to resolve by around 60%."
"This is a complete log reporting tool."
"The cloud performance is good."
"I would like it to do a lot of the automation (which I still need to learn more about), because I am essentially a one man shop doing all the jobs. I'd like for it to be able to do more for me."
"We need to get better training for things like creating code and playlists. The way it's done now takes a long time."
"The web and on-premise console interface should be the same instead of having a separate engine for each."
"We've tried to work with a couple of engineering department guys there. We've called them and called them but we never hear anything back."
"We have gone through a few versions which has caused a lot of instability. We have logged a lot of hours with professional services."
"Only area I can think of to improve on is the proofreading and using the guides before releasing them. Out of the 20+ guides I used, one had issues with wrong information in it."
"One of the challenges of the SIEM for the LogRhythm 7 platform is the amount of time it takes to bring new log sources into the MDI."
"My biggest issue - I know that they say they're doing it - is that the API-building is extremely important. They keep saying it's coming, it's coming. It's not coming fast enough. I don't care if they need to double their team size to get it out there quicker, the world is already in the cloud and we can't monitor it. That's a big problem for us. My boss keeps coming to me about it. That's an issue."
"The Splunk interface is on-premises, so we have limited access to Splunk Cloud. Splunk support is not so good on Splunk Cloud. The Splunk side of the Splunk Cloud should also be more customizable. Integrating Splunk UBA, Splunk Phantom, and Splunk Cloud is also a bit difficult."
"Splunk should increase the frequency of new feature releases, particularly those related to real-time operational flow monitoring and analytics reporting."
"The only thing that is missing from Splunk Cloud is the command-line interface."
"The administration could use improvement. We have to rely on support more often than we're used to."
"When one of my customers needs an app, and I am able to find that app on the Splunk base, I have to create a ticket and wait for five days for them to download the app into the cloud environment. That is probably one of the main things. It is painful because I have to wait to get that app in the cloud."
"Splunk currently manages the components, which restricts our ability to access them directly."
"Splunk Cloud Platform needs to be made more user-friendly because it's not user-friendly."
"The pricing model makes the product costly."
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Splunk Cloud Platform is ranked 3rd in Data Visualization with 36 reviews. LogRhythm SIEM is rated 8.4, while Splunk Cloud Platform is rated 8.0. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Splunk Cloud Platform writes "Does not require backend maintenance, is easily integrated and utilized". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and LogRhythm Axon, whereas Splunk Cloud Platform is most compared with Wazuh, Splunk Enterprise Security, Fortinet FortiAnalyzer, AppInsights and Check Point Security Management. See our LogRhythm SIEM vs. Splunk Cloud Platform report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.