LogRhythm NextGen SIEM Review

It is a single pane of glass for all of the logs

What is most valuable?

  • The user interface (UI)
  • Ease of use, especially if you are starting off
  • The AI

How has it helped my organization?

Key challenges and goals: Anytime you are building a program from the ground up, there is a lot of legwork to be done to get things tuned to the point where they are usable.

Effectiveness of solution in meeting security challenges and goals: It is very effective. It is a single pane of glass for all of the logs that not just I, but anybody who is looking for information about how the network is behaving, can use. So, it is not just primarily a security tool; it is a tool for everybody if it is set up that way.

What needs improvement?

We run across the odd vendor that we are using and that we think is a large player in its environment, but there is not necessarily native support for their log ingestion per se, where it requires customization in order to be able to parse and accept their logs. I would also like to see them expand on some of the ability to interact with other technologies in real time via the programming platforms.

What was my experience with deployment of the solution?

It pre-existed before I got there. Once it was deployed, I have been responsible for most of the log ingestion and the tuning efforts.

What do I think about the scalability of the solution?

It seems scalable so far. I have not had to add more devices to our deployment yet, but it has yet to be discovered.

How are customer service and technical support?

We have used LogRhythm tech support and they are excellent. They have been very helpful.

Which solution did I use previously and why did I switch?

This is our first adoption of a proper SIEM product, so there is really nothing to compare it to with respect to the job that I am in right now.

How was the initial setup?

It pre-existed before I got there.

What other advice do I have?

I am very happy with the solution right now. I would absolutely recommend it and have.

Most of the basics have been tended to, and as we discover other things that we need to get more data on, and they are brought up, the company addresses them.

The most important criteria when selecting a vendor: It is very important for it to be unified.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.