LogRhythm NextGen SIEM Review

It allows us to detect and remediate Advanced Persistent Threats, but the log management database needs to be more efficient.


Valuable Features

  • Investigation
  • Advanced Intelligence Engine
  • Alarming and Response

Improvements to My Organization

We have made this the foundation of our security intelligence within our organization. It has allows us to detect and remediate Advanced Persistent Threats.

Room for Improvement

I would like to the log management database perform more efficiently.

Use of Solution

I've used it for five years.

Stability Issues

Some minor bugs with the mediator. Those have been fixed in patch releases a long time ago.

Customer Service and Technical Support

Customer Service:

9/10.

Technical Support:

9/10.

Initial Setup

Setup was fairly straightforward. We were up and running with coverage of most log sources within two days.

Implementation Team

We implemented it in-house. Active Directory import makes initial configuration quick and easy.

Other Solutions Considered

We also evaluated Splunk, and we chose LogRhythm as the correlation rules performed it handled clients on DHCP better.

Other Advice

We recommend that people implementing it choose to log everything, including logs from desktops, laptops, servers, switches and routers.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
2 visitors found this review helpful
Add a Comment
Guest
Sign Up with Email