LogRhythm NextGen SIEM Review

It has helped to give us visibility into our point of sale applications


What is most valuable?

  • Ability to collect logs
  • File integrity monitoring

How has it helped my organization?

It has helped. We are still not very mature in our use of the product, but we are trying to get there. We are pretty small on the security side, but it has helped to give us visibility into our point of sale applications.

Just maturing is one of our biggest challenges, and really leveraging all the tools that LogRhythm provides. Just keeping up with it.

What needs improvement?

Just integration into our ticketing system, for which we're using ServiceNow. Just being able to integrate LogRhythm with that so we can track incidents.

Continued support to help us understand the solution better.

What do I think about the scalability of the solution?

It is very scalable, though we have not scaled it yet.

How is customer service and technical support?

It is very good. LogRhythm has also contributed some sales engineers to help us. We have also participated in a weekly call, and we did an evaluation of that for 90 days. This has also been very helpful.

Which solutions did we use previously?

We were using another product called AlienVault. The main driving factor behind looking for this solution was our PCI compliance requirement. We switched from AlienVault due to a lack of parsing rules provided by them, and LogRhythm provided those parsing rules for various devices we were collecting information from.

How was the initial setup?

I was involved in the initial setup. It was very straightforward. I had used a different product previous to LogRhythm, so I had a basis of what I wanted to compare to. I was able to take that little bit of experience and bring it to LogRhythm, and ask them how do I accomplish these goals, and it was very straightforward. They helped through that process.

Which other solutions did I evaluate?

I can't remember anymore.

LogRhythm was involved, though, in providing quick answers to some of the criteria that we wanted to accomplish (5-10 things), and they were able to come up with those answers very quickly.

What other advice do I have?

Make sure that the data you are collecting is usable. That is probably the biggest advice. Because the first product we used, we had problems just understanding the data presented in the SIEM console.

It's nice if the solution is a unified end-to-end platform, but it is not a deal breaker.

Most important criteria when selecting a vendor: Support after implementation is probably the biggest.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.