LogRhythm NextGen SIEM Review

The most valuable feature is the AI engine and we're able to have all of our logs in one place.

Valuable Features

The most valuable feature is the AI engine, as well as the usual SIEM product stuff. The ability to have all of our logs in one place is a big thing for me.

Improvements to My Organization

It’s brought all of our devices into one area, so I am able to understand and manage all of our devices and understand what is going on with an individual device.

Room for Improvement

The reporting aspect is difficult to use and very difficult to get your own reports. So far this is it; they have a web UI and we had a recent update which fixed a lot of bugs and added a lot of great features. But the reporting is lackluster.

Use of Solution

I've used it for 10 months.

Deployment Issues

We've had no issues with deployment.

Stability Issues

Since we purchased one of their boxes, we've had 99% uptime. The only downtime has been for updates and upgrades. So we've had no issues with instability.

Scalability Issues

We foresee that it's scalable for our future developments. At the moment, we are using half of what it’s able to do.

Customer Service and Technical Support

I've been happy with the support in the initial setup. The support in our environment was well done. For any issues, we have had someone on the phone on that day, so there have been no downtime issues. They are super nice.

Previous Solutions

We didn’t have a solution before. It's usable out-of-the-box and it covers a lot of holes. It's done its job.

Other Solutions Considered

We looked at AlienVault and QRadar.

Other Advice

Definitely do a test run, a proof of concept, so it’s understood how it’s going to work in your environment. Also, take the training that they provide; it's super valuable.

Disclosure: I am a real user, and this review is based on my own experience and opinions.