LogRhythm Enterprise UEBA Review

Good file and registry activity monitoring capability, and the support team is helpful


What is our primary use case?

We are a solution provider and this is one of the products that we implement for our clients.

Customers in Sri Lanka generally purchase this product for network monitoring. 

How has it helped my organization?

Implementing this provides greater visibility into the network, as well as client activities.

What is most valuable?

This solution is really easy to configure.

The most valuable features are file activity monitoring and registry activity monitoring. Users like to have insight as to what is being modified while certain processes are running.

There is a large number of supported devices.

What needs improvement?

It would be helpful if there were more guidance provided for integrating with unsupported devices.

For how long have I used the solution?

I have been working with this solution from LogRhythm for about three years.

What do I think about the stability of the solution?

We have had no bugs, glitches, or other problems with stability.

What do I think about the scalability of the solution?

Scalability has not been an issue for us.

How are customer service and technical support?

I have been in contact with technical support and they are really good. They have guided us when we've had problems with misconfiguration.

How was the initial setup?

It took us about a month and a half to deploy this solution. The first month involved the setup and then there were two weeks of fine-tuning. In total, after six weeks we were able to bring up the system without any issues.

The deployment for our customers is usually on-premises, although there is a cloud version as well.

What's my experience with pricing, setup cost, and licensing?

The pricing is nice when compared to other products in the industry.

What other advice do I have?

Overall, this is a really good product and I recommend it.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
**Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
Add a Comment
Guest