LogRhythm NextGen SIEM Review

Enabled us to build alarms that allow us to react to issues quickly


What is our primary use case?

Our primary use case is incident response and alerting. In terms of performance, it's pretty awesome.

How has it helped my organization?

It has saved us a lot of time. We've built some pretty cool custom alarms to alert us on stuff that we know is bad so we can respond to issues pretty quickly.

What is most valuable?

The AI Engine is the most valuable feature.

What do I think about the stability of the solution?

We've had no issues with it regarding stability. It's been pretty rock solid.

What do I think about the scalability of the solution?

Scalability has been a little tougher for us. We're definitely looking to scale up. We've got a few log sources that we don't have in there that we need to get in there, but it's going to take a little additional effort.

How are customer service and technical support?

Technical support is fantastic.

What other advice do I have?

It's been pretty great. For us, the use case is all about generating actionable alerts and alarms and seeing how much we can reduce manual operations, so that's what I would compare: time saved.

We don't use the full-spectrum analytics capabilities. In terms of playbooks, we're still on 7.26 so we don't have the playbooks yet, but we're upgrading as a high priority right now. For deployment and maintenance of the solution, we use two staff members.

In terms of log sources, we have a couple of thousand and our MPS is 3,800.

When selecting a vendor, what's important for us is support. Support is huge.

Disclosure: I am a real user, and this review is based on my own experience and opinions.