LogRhythm NextGen SIEM Review

We're able to create customized monitoring reports that extract info from event logs.


Valuable Features:

  • Reporting - we need to do a lot of security monitoring
  • It doesn't have a lot of forensics, but we appreciate the fact that it has the capability
  • The ability to collect a lot of information, as we have 200 users and a lot of log sources

Improvements to My Organization:

The fact we're able to create customized monitoring reports that extract info from event logs helps us a lot. We used to have ad hoc reports created by the IT department, which meant they could manipulate content if they ever wanted to tamper with output. Now, there's no risk for us to worry about.

Room for Improvement:

Lots of concern these days regarding vulnerability, and being able to interface with other types of applications when creating event logs. We have lots of other applications to monitor. LogRhythm can extract that info, but some require converting before LogRhythm. Windows logs don't need converting, but SQL and XML do require conversion and monitoring.

Other Advice:

You should consult with LogRhythm experts because there are lots of features and customizations, and you need to figure out what's needed for your specific environment, for example, regulatory compliance issues. They do a great job of making clear what's needed.

Disclosure: I am a real user, and this review is based on my own experience and opinions.