Find out what your peers are saying about Splunk, LogRhythm, AlienVault and others in Log Management.
270,274 professionals have used our research since 2012.
Chart Key
Average Rating: Average rating based on reviews
Views: Number of total page views
Comparisons: Number of times compared to another product
Reviews: Total number of reviews on IT Central Station
Followers: Number of followers on IT Central Station
The total ranking of a product, represented by the bar length, is based on a weighted aggregate score. The score is calculated as follows: The product with the highest count in each area gets the highest available score. (20 points for Reviews; 16 points for Views, Comparisons, and Followers.) Every other product gets assigned points based on its total in proportion to the #1 product in that area. For example, if a product has 80% of the number of reviews compared to the product with the most reviews then the product's score for reviews would be 20% (weighting factor) * 80% = 16. For Average Rating, the maximum score is 32 points awarded linearly based on our rating scale of 1-10. If a product has fewer than ten reviews, the point contribution for Average Rating is reduced (one-third reduction in points for products with 5-9 reviews; two-thirds reduction for products with fewer than five reviews). Reviews that are more than 24 months old, as well as those written by resellers, are completely excluded from the ranking algorithm.
Chart panels: Most Views (from IT Central Station visitors); Most Reviews (within the last 24 months); Most Followed (by IT Central Station users); Most Compared (from IT Central Station visitors).

Best Log Management Software, Tools, Solutions and Vendors

Read reviews of Log Management that are trending in the IT Central Station community:
Your trust is our top concern, so companies can't alter or remove reviews.
LogRhythm
Real User
Senior Security Engineer at Augeo Marketing
Oct 26 2017

What is most valuable?

Provides visibility into the network. We got it for PCI compliance for the most part, and we also do SOC 1 and SOC 2 compliance, so we can show that we're secure to our clients. We have a lot of financial and other customers that care about...

How has it helped my organization?

It takes good log sources. We have investments in endpoint protection and Mail Gateway, and our firewalls are going to be catching up soon. To have all the logs centralized, we haven't had that before across the enterprise. We had it logging...

What needs improvement?

Our key challenge is working with disparate IT groups. We are a brand new security team within our organization. It's a pretty small company. They have grown their infrastructure by acquisitions, so they have a lot of separate naming...
LogRhythm
Real User
Senior Security Analyst at a financial services firm
Nov 21 2017

What is most valuable?

The breadth and harvesting of information the SIEM is capable of doing. I've been in this probably going on 30 years, and I've seen the growth. I found a resource that's outstanding in finding information and then the most important thing,...

How has it helped my organization?

We're a financial service. As our title implies we deal in mortgages, which means we see a lot of personal information, credit reports, financial instruments. We're really concerned that we are able to monitor the movement of that kind of...

What needs improvement?

I really can't think of a particular one, I've been very satisfied with what's happening. I know they're going to get another spike in customer base, hopefully they'll have the ability to ramp up people in support along with the customer ramp...
LogRhythm
Real User
Security Analyst at Xanterra
Oct 25 2017

What is most valuable?

The PCI compliance pieces that help us produce reports for our external auditor, and their support. I constantly sing the praises of their support group. It's a complicated, vast product with a lot of breadth and depth. Things go wrong. But...

How has it helped my organization?

Absolutely. It has helped us gain visibility into events that we didn't have before at all. We have a lot of remote locations. We manage national parks and point-of-sale devices on ships, at the top of mountains and little cabins, gas...

What needs improvement?

Global management for registry integrity monitoring. Right now you have to apply what they call RIM policies, Registry Integrity Monitoring policies, one agent at a time. If you have thousands of endpoint agents, you have to touch each one of...
AlienVault
Consultant
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Jul 06 2017

What is most valuable?

Flexible Deployment Architecture – This is where the Open Source roots really start to flex their muscles when it comes to AV USM. The main components of the architecture are as follows: * AV Sensor: AV Sensors perform Asset Discovery,...

How has it helped my organization?

A jack-of-all trades: The best thing about AlienVault USM is it being a “Jack-of-All Trades” solution. It provides SIEM, HIDS/NIDS, FIM, NetFlow, Asset Management, Vulnerability Management, etc., under one USM platform. None of the commercial...

What needs improvement?

This product is jack-of-all trades, but master of none. As mentioned in the good, being a jack-of-all trades is well suited for certain organizations. However, the lack of mature functionality and expertise in any of those areas is a strong...
Real User
Cyber Security Engineer at a recruiting/HR firm with 51-200 employees
Aug 24 2017

What is most valuable?

The most important feature is the ability to have the end point agent on all of our systems. And since they talk back to their cloud infrastructure, it doesn't matter if the systems are on our network or not on our network. We still get real...

How has it helped my organization?

We have a lot of mobile users who are not always on our network, and this gave us the ability to have full visibility into them. We're able to do real time requests and questions with the agent. So I can basically search all my agents and see...

What needs improvement?

Yes. The searching capability, or when you ask real time questions. The searching is pretty decent but it's still not up to par with, say, Splunk. It's much better than it used to be but it can take a little longer than you may want. Also,...
LogRhythm
Real User
Security Manager at an engineering company with 1,001-5,000 employees
Oct 26 2017

What is most valuable?

The ability for me to go into the Web UI, and just learn what's going on in my environment. Being able to go in and show our company's management, "Look, this is what we can see. This is what we can now know about our environment." Then,...

How has it helped my organization?

The benefits are almost innumerable. You can't know anything unless you are capturing the data. Once you are capturing the data, you can then make intelligent decisions around what is and is not appropriate, and what is and is not dangerous....

What needs improvement?

My biggest challenge always comes back to log sources. We are a manufacturing company, so we have a lot of old stuff, and it has been a challenge to get some of our old stuff to light up within LogRhythm in a way that makes sense. I have...
LogRhythm
Real User
Computer Systems Security Technologist at an individual & family service with 1,001-5,000 employees
Oct 26 2017

What is most valuable?

It gives us insight into our entire installation, where we are multiple sites, going as far as the East Coast to the Central West Coast. Our operation is small. I am a one-man shop right now, so it gives me a chance to aggregate all my events...

How has it helped my organization?

We are primarily Windows-based. We have Linux. We have some Solaris. We are an isolated network. We have no connectivity to the internet, so we are more focused on insider threat and advanced persistent threat. One of the things that has...

What needs improvement?

The biggest thing is when you are looking at the client console: A lot of the data, the reports that you can generate, then you are given just a pie chart, a list of data, or both. I would really love to be able to take some of that and not...
LogRhythm
Real User
Information Security Officer at an insurance company with 201-500 employees
Nov 20 2017

What is most valuable?

Any SIEM, in and of itself, should be easy to ingest data, it should also be easy for the analyst to assess the different types of events that are coming through, be able to sift through false positives, and ensure that they are only acting...

How has it helped my organization?

We did a bake-off with several others when we brought in LogRhythm, 10 months ago. And a lot of it was around a cost perspective. Also, its capability of easily ingesting event data from many different types of platforms. Some of the...

What needs improvement?

The biggest thing that we need - in one of the presentations today here at the LogRhythm User conference they were talking about it - is automating your SOC and trying to get your systems to do as much as they can do without human...
SevOne
Real User
Tests and Quality Assurance Manager at a comms service provider with 1,001-5,000 employees
Nov 02 2017

What is most valuable?

* Flexible architecture: You can extend the system and its capacity by attaching another cluster pair. * Very intuitive management interface: Adding and discovering new devices is a very simple process. * Very useful and flexible end-user GUI...

How has it helped my organization?

We provide customer internet access services and the 95th percentile is our target. Every month, we prepare a detailed report per customer that shows the current percentile value (does it exceed 95 or not), and we have to prepare detailed...

What needs improvement?

Our version is quite old. In version 5.3.3.0, we see a lot of room for possible improvement. However, from SevOne support, we received confirmation that most of those expectations are met in version 5.4.x or higher. Therefore, we have to...
LogRhythm
Real User
Data Sec Program Manager at an insurance company
Nov 20 2017

What is most valuable?

The most valuable feature of LogRhythm for me is the ability to correlate logs throughout many different log sources. Every different log has a different time stamp, it has a different user, things are in different places. But with LogRhythm...

How has it helped my organization?

The benefits we see are manifold, compliance. We have to store logs. We're under SOX control, we're under now New York Department of Financial Services, cyber regulations, we are under EU GDPR, loads of regulations are coming out. To be able...

What needs improvement?

I'm not really sure I can pinpoint any particular area that I see LogRhythm needing improvement in. I think they probably need to, because a lot of companies are having this cloud-first strategy, where anything that's new has to go into the...
LogRhythm
Real User
Senior Network Systems Engineer at a non-profit
Oct 25 2017

What is most valuable?

The ability to threat-hunt and, being a small staff of five people, we can actually not put a lot of time in administration, the care and feeding of it, and get useful analytics out of it.

How has it helped my organization?

We have two facilities, roughly 500 logs per second. Microsoft shop, Cisco stack on the networking side. We run two FortiGate firewalls, and a slew of different security products that we have not integrated into LogRhythm. We haven't seen the...

What needs improvement?

I can't think of any features they should add because we haven't used everything they've already released. They have Office 365 logs integration. They've got this new phishing engine that we haven't used. They've got dashboards we haven't...
LogRhythm
Real User
CISO at Optomany
Nov 20 2017

What is most valuable?

The most valuable feature for me is that it's a single pane of glass for all of the analysts in my team. It gives us complete eyes and ears into what's going on within our environment. We run two separate installations. One is in our...

How has it helped my organization?

From my point of view, at an organizational level, we're able to get that insight into what users are doing, what our applications are doing, whether there is any untoward traffic coming in, whether the applications are misconfigured. It's...

What needs improvement?

In terms of the product, what really needs to improve are the metrics that you can get from it. We're all about mean time to detection, mean time to response, pulling those metrics out so I can put them into my KPI packs to present to the...
LogRhythm
Real User
Operations Team Lead at Mary Kay Inc
Nov 20 2017

What is most valuable?

Most valuable feature is really providing us visibility into our infrastructure. Frequently, I'm reaching out to our partners in the business, and I'm asking them how I can assist them, and how I can improve their visibility from a security...

How has it helped my organization?

It's visibility. Frequently our network team - while our network security is paramount from a security perspective - our network team is really focused on keeping the network up. They're not concerned about intrusions, and potential malicious...

What needs improvement?

There is, of course, always, improved automation. Because, as we are continually needing more and more people from an analyst perspective, the more we can automate, the fewer people we need. If we can automate some of the lower-level things,...
Real User
Global Security Engineering and Operations Director at a health, wellness and fitness company with 10,001+ employees
Apr 09 2017

What is most valuable?

* The ability to correlate data across our global enterprise in near real time * The ability to integrate a lot of third-party solutions * The machine learning pieces with Watson, indicators of compromise, and utilizing that across the value...

How has it helped my organization?

The solution has improved the efficiency of our security team. These improvements prevent the need for more proactive security activities. The improvements did not reduce our staff. It's funny, because IBM keeps on having this conversation...

What needs improvement?

Room for improvement is more in relation to a lot of the features, the automation of incidents themselves, and being able to automate workflow responses. Overall, I love the product. IBM usually puts good resources and talent behind things....
LogRhythm
Real User
Sec And Risk Lead at Baker Tilly Virchow Krause, LLP
Nov 21 2017

What is most valuable?

We're fairly new to LogRhythm. One of the things that we really liked in the deployment PoC phase was the dashboard. How easily it percolated critical information up onto a screen that we could immediately review, and drill-down to look at...

How has it helped my organization?

It serves several different features. We can check the checkbox for HIPAA compliance, SEC-type stuff. But really, our biggest focus was actually on our clients. Because we're an accounting firm, a lot of our clients actually audit us, or they...

What needs improvement?

Probably the biggest improvement and I've talked to several of the management here at the LogRhythm User conference on it, is their thin piece, which is their file integrity monitor, that we use on some of our security servers. The data sets...
LogRhythm
Real User
Senior Network Systems Engineer at a non-profit
Nov 20 2017

What is most valuable?

Favorite feature of the product is the ease of administration. There's not a lot of overhead. We don't need a FTE dedicated just to admin the product. That was one of the biggest selling features for us.

How has it helped my organization?

We have a big issue with our users, they really like to click on links and attachments. The Phishing Intelligence Engine is a new feature they're releasing, which is really going to have a nice fit for us. Then the CloudAI stuff they built right into the SIEM. There's nothing else you've got to do other than upgrade it to the latest and greatest version. Those...
Splunk
Real User
Infrastructure Engineer at Zirous, Inc.
Jan 17 2018

What is most valuable?

The ability to view all of these different logs, then drilling down into specific times or into specific data sources, has proved to be the greatest aspect in decreasing our troubleshooting overhead time. The added security has proven...

How has it helped my organization?

Splunk has helped our organization mainly on our increased use of the security side. We use Splunk to monitor all machine logins (both successful and unsuccessful) and actions taken on those machines under each user. We have set up some...

What needs improvement?

Splunk has continually been increasing its features and also expanding and perfecting its core functionality. I would like to see it continue to improve its predictive analytics and machine learning tools. It is not to be said that they...
LogRhythm
Real User
Systems Architect at a university with 10,001+ employees
Oct 24 2017

What is most valuable?

* The integratedness * The parsing * Their partnerships with various device manufacturers They keep it up to date, you don't have to worry about that when their products change. I think as an aggregator it works very well, and as a case...

How has it helped my organization?

We're an MSSB, we have about 10 or so different customers that all host with us. Currently we're licensed for 15,000 MPS, average, and we use about 8000 MPS average, consistently, and we're growing. Among our key challenges is getting...

What needs improvement?

I would like to see more focus on it being a data lake. We have around 100 terabytes of data stored in LogRhythm, machine data, sensor data. That all could be used for operations tasks as well. It would really be awful to have to stand up...
AlienVault
Consultant
Security Consultant at a tech consulting company with 51-200 employees
Jul 24 2016

What is most valuable?

As an information security consultant that works across many diverse networks, these features offer by far the most critical information when analysing a client’s environment for issues that need to be addressed:

How has it helped my organization?

We run this product on our network 24/7 and it has helped identify many important events. We take the security of our network very seriously, and this helps to quickly identify and lock down any potential vulnerabilities or events that could...

What needs improvement?

My biggest challenge has always been the fine tuning that is sometimes required for some networks. It requires a solid understanding of Linux and databases and how networks work. So a non-technical user may become frustrated, or not configure...
Real User
Senior security analyst at a financial services firm with 1,001-5,000 employees
Apr 12 2017

What is most valuable?

Some of the most valuable things that I get from QRadar are the custom parsers. A lot of the syslog items I get pushed to QRadar, instead of trying to build a custom parser to parse out the information that we need in order to do our...

How has it helped my organization?

I think it has improved our organization by the speed at which I can run queries compared to other software that I've used in the past. It's a lot quicker and holds a lot more information. It helps keep a good cognitive overview of our...

What needs improvement?

I'd like to see it being able to be integrated with more security products. I'm a big Guardian user; it's nice for the bidirectional. I can do some stuff, like a SQL injection, or if something is happening. But if there were other security...

Log Management Articles

Social Media and Content Manager
IT Central Station
In his IT World Canada article, Robert Cordoray writes that log management is absolutely critical for IT security today. While plenty of companies make sure to invest in firewalls, anti-virus and other security solutions, log management solutions offer “real-time information about network...
Content and Community Manager
IT Central Station
What do users say about their security information and event management (SIEM) tools? What added value do SIEM tools give security professionals and network engineers? Are users satisfied with the advanced threat protection capabilities? Do the log management features meet their...
Satheesh Panicker: LogRhythm is missing in the list
Vinod Shankar
25,036
Manager, Enterprise Risk Consulting
Dynamic 9 years of IT career, reflecting progressive experience and performance in the computer and Internet industries. Specialized in providing cutting-edge solutions to traditional Security issues; establishing strategic ideas in various domains and demonstrating self-motivation, creativity,...
Reviewed IBM QRadar: Qradar vs. ArcSight
Damian Scott
983

3
Sr SIEM Consultant
More than 8 years as a security engineer with the last 4 years as a SIEM consultant working delivering solutions to multiple industries. Sr QRadar Professional Services consultant with experience delivering on prem or cloud solution. Performed SOW technical review, sizing, architecture/design,...
224
Information Security Lead Consultant
Shaikh Jamal Uddin is a computer and cyber security expert and has done B.S. in Computer Engineering as well as CPTE, CEH, ECSA, Rapid7: NCA (Nexpose), Rapid7: MPCS (Metasploit), IBM QRadar Certified, TCSE (TrendMicro), KLCC (Kaspersky), MCSA, MCITP professional certifications. Recently, he got...
804
Cyber Security Advisor / CISO / Healthcare Security Pro
Mr. Christly is a seasoned Technology and Cybersecurity Executive and Consultant. He has demonstrated success aligning technology investments to streamline operations, secure corporate assets, reduce operating costs, grow sales, and develop the business in healthcare, education, telecom, and...
Hassen Trabelsi
361
IT Security Consultant
IT Security Consultant, PCI and PA DSS Compliance Manager, ISO 27001 Lead auditor, OWASP Co-Leader, Cyber Security Expert, IT management Consultant.
