- Ability to collect logs
- File integrity monitoring
It has helped. We are still not very mature in our use of the product, but we are trying to get there. We are pretty small on the security side, but it has helped to give us visibility into our point of sale applications.
Just maturing is one of our biggest challenges, and really leveraging all the tools that LogRhythm provides. Just keeping up with it.
Just integration into our ticketing system, which we're using service now. Just being able to integrate LogRhythm with that so we can track incidents.
Continued support to help us understand the solution better.
It is very scalable, though we have not scaled it yet.
It is very good. LogRhythm has also contributed some sales engineers to help us, We have also participated in a weekly call, and we did an evaluation of that for 90 days. This has also been very helpful.
We were using another product called AlienVault. The main driving factor behind looking for this solution was our PCI compliance requirement. We switched from AlienVault due to a lack of parsing rules providing by them, and LogRhythm provided those parsing rules for various devices we were collecting information from.
I was involved in the initial setup. It was very straightforward. I had used a different product previous to LogRhythm, so I had a basis of what I wanted to compare to. I was able to take that little bit of experience and bring it to LogRhythm, and ask them how do I accomplish these goals, and it was very straightforward. They helped through that process.
I can't remember anymore.
Though LogRhythm's involvement in providing quick answers to some of the criteria that we wanted to accomplish (5-10 things), and they were able to come up with those answers very quickly.
Make sure that what data you are collecting is usable. That is probably the biggest advice. Because the first product we used, we had problems just understanding the data presented in the SIEM console.
It's nice if the solution is a unified end-to-end platform, but it is not a deal breaker.
Most important criteria when selecting a vendor: Support after implementation is probably the biggest.