LogRhythm NextGen SIEM Review

It quickly allows me to get into forensic data, but while I have some of the beefiest data that they provide, I can still overrun the system.


What is most valuable?

The speed at which I can get into forensic data is the most useful thing.

What needs improvement?

It’s very easy to overwhelm the system. I have some of the beefiest data that they provide, and I can still overrun the system.

The native ability to identify the correct time of logs and data also needs work, e.g. if I bring in a system log data stream, LogRhythm's ability to natively say it's a Cisco firewall or a Palo Alto firewall -- sometimes it struggles to identify the device.

For how long have I used the solution?

I've used it for 18 months.

How are customer service and technical support?

I love the tech support people. Everyone I have worked with knows their stuff, which is great. I have worked with other SIEM products before and it was hard to find a knowledgeable person. At LogRhythm, everyone I have talked to has been incredibly good.

Which solution did I use previously and why did I switch?

We were a RSA Envision customer. Our platform was going away, so that’s one of the reasons we switched. We weren’t really impressed with the security analytics platform that they wanted us to move to. We didn’t want to make the investment they wanted. For our industry they were lacking.

I had seen LogRhythm before, and back then a few years ago, they weren’t a player in the market. Since then they have moved to a much better security analytics platform. For what we need, LogRhythm is a perfect fit.

How was the initial setup?

It was very straightforward.

What about the implementation team?

We did it in-house.

What was our ROI?

We have had the production environment up now for over a year. I foresee a ROI. The thing about a SIEM, is that it allows you to get a visibility quicker. It’s hard to quantify that soft cost. I’d say we are there or about to be there.

What's my experience with pricing, setup cost, and licensing?

I'm not a fan of the big names in the space. I recommend it as a solution for medium to large business.

What other advice do I have?

I’m in contact with them on a very frequent basis. I work with my contact a few times per month. I can’t complain about them at all.

**Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Add a Comment
Guest