LogRhythm NextGen SIEM Review

It has helped us centralize and have better visibility into devices on our network, but there has been instability in a previous version


What is our primary use case?

It is for security monitoring.

How has it helped my organization?

It has helped us centralize and have better visibility into devices on our network. We are better able to respond to threats in a timely manner.

What is most valuable?

  • Out-of-the-box features, like widgets and dashboards.
  • The content in the community is very helpful and useful for new users.

What needs improvement?

I would like to have threat indexing and a cloud version.

What do I think about the stability of the solution?

When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4. That is when it became more useful to us.

Now, the stability is good. Right now, it is more a matter of fine-tuning the alerts and rules that we have; then we can reduce the hit on the XM performance.

What do I think about the scalability of the solution?

In terms of capacity, we have the same XM appliance. We still haven't touched it (going beyond having that appliance), deployed another indexer, or moved to a distributed architecture.

How is customer service and technical support?

Tech support has been good. They have fixed whatever has been bothering me when I contact them.

How was the initial setup?

I do the deployment and maintenance for the solution.

What was our ROI?

We have seen a measurable decrease in the mean time when detecting and responding to threats.

What other advice do I have?

Definitely consider LogRhythm. There are a lot of players in the market, but LogRhythm is a solid solution.

We don't have the playbooks. They are on version 7.4. We just upgraded to version 7.3.4. We are going to wait before we upgrade again due to performance issues.

We have around 22,000 log sources and average 5000 messages per second.

Disclosure: I am a real user, and this review is based on my own experience and opinions.