We compared Amazon CloudWatch and LogRhythm SIEM based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Amazon CloudWatch users liked the solution’s simplicity, intuitive interface, and ability to handle large workloads. Users also praised CloudWatch’s comprehensive monitoring and alerts. Users praised LogRhythm SIEM for its user-friendly centralized dashboard, strong integration capabilities, and event-filtering capabilities. Some reviews mentioned that Amazon CloudWatch could improve performance and dashboard visualization through. Others noted that the solution lacked compatibility with some databases. LogRhythm SIEM has the potential to improve its SOAR and NDR features, platform stability, and MDI integration. LogRhythm users requested expanded log storage, better load balancing, and streamlined search capabilities.
Service and Support: Customers generally have positive opinions about Amazon's customer service. They commended the support team for its availability and timely issue resolution. LogRhythm SIEM was generally praised for its helpful and knowledgeable support, although there have been occasional delays and knowledge problems.
Ease of Deployment: Amazon CloudWatch is generally described as easy to set up. LogRhythm SIEM's setup is considered to be straightforward. However, it is more time-consuming and complex for enterprise deployments involving multiple components or vendors, and users often require assistance from professional services or LogRhythm-certified engineers.
Pricing: Amazon CloudWatch offers a flexible pricing structure based on usage and processing, without any separate licensing cost. Some users said that scaling up can be costly due to the need for additional storage space. LogRhythm SIEM’s license typically includes all elements. However, enterprise customers may encounter complexities related to additional features and add-ons.
ROI: Amazon CloudWatch offers a return on investment by minimizing the need for manual monitoring. LogRhythm SIEM has proven to be highly valuable, delivering a significant ROI by reducing the mean time to detect and respond.
"It is a robust analytical tool and it goes beyond mere functionality and extends into the realm of providing comprehensive insights."
"The product can be integrated with AWS very easily."
"The most valuable feature of Amazon CloudWatch is the monitoring and UI."
"The solution is easy to use."
"We use Amazon CloudWatch for logging."
"What my company likes best about Amazon CloudWatch is that it's on AWS. My team also likes it for its log feature. As the solution is on AWS, it also has good pricing and resource availability, plus it's what clients choose. My company also chose AWS for Forge ECS, and at the time, there was a need for the log features provided by Amazon CloudWatch, so it's the solution my team went with."
"What I found most valuable in Amazon CloudWatch is that it gives you detailed information, which I found helpful because it can even provide you with data for the past one minute, which is quite granular. That was what helped me most in terms of finding the root causes. Task automation is another valuable feature of Amazon CloudWatch."
"It is a stable solution...I rate the technical support a ten out of ten."
"LogRhythm NextGen SIEM covers all our primary security analysis needs. It makes it easier for us to analyze threats and improves our response times. It's a versatile platform that performs queries fast compared to other SIEM solutions."
"The artificial intelligence engine."
"The AI Engine can take an event and correlate it into something else giving us meaningful context regarding what is going on. We integrated it in with our ticketing system, so if an alarm fires, it raises a ticket in our system."
"As a healthcare company, what we use it for is compliance, then to protect our data from exaltation."
"The user interface is pretty good compared to other SIEM tools."
"We now have a central point of monitoring for all potential threats."
"The security operation center is excellent."
"One of the main features that I like about LogRhythm NextGen SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us."
"There is room for improvement in terms of stability."
"Right now, in relation to monitoring services, there are too many services and too many metrics per service."
"It's not an advanced way of monitoring."
"CloudWatch's scalability could be improved."
"CloudWatch doesn’t monitor disk throughput by default."
"Amazon CloudWatch's pricing needs improvement."
"Amazon CloudWatch needs improvement. The main thing is we have noticed missing logs."
"The monitoring part and GUI are areas in Amazon CloudWatch that have shortcomings currently and can be considered for improvements in the future."
"It will definitely help if the parsing side would be much easier, meaning it would be better if we could easily make adjustments on the parser, both on standard and non-standard log sources."
"More detail in the alerts given to avoid additional searches, as often the source or destination associated with the alert is not evidenced."
"We use Windows Event Forwarding to collect the logs from our Windows clients, and the logs get aggregated as one data source on that collector. Therefore, finding logs specific to one particular Windows system requires some creativity in how we search the SIEM."
"I don't think the cloud model in LogRhythm is developed enough."
"I would like to see support added for Exchange 2016, and CheckPoint OPSec Lea."
"Better integration with different services is needed, as there are quite a few platforms that we use that don't integrate very smoothly with LogRhythm."
"I would like it to do a lot of the automation (which I still need to learn more about), because I am essentially a one man shop doing all the jobs. I'd like for it to be able to do more for me."
"We would like to see more things out of the console into the web UI. I guess this is what they are doing in 7.4."
Amazon CloudWatch is ranked 12th in Log Management with 40 reviews while LogRhythm SIEM is ranked 7th in Log Management with 166 reviews. Amazon CloudWatch is rated 8.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Amazon CloudWatch writes "Instantaneous response when monitoring logs and KPIs". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Amazon CloudWatch is most compared with Zabbix, Datadog, Google Cloud's operations suite (formerly Stackdriver), Dynatrace and SolarWinds NPM, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and Fortinet FortiSIEM.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.