We performed a comparison between Amazon CloudWatch and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The dashboard that allows me to view all the incidents is the most valuable feature."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The initial setup is very simple and straightforward."
"The UI-based analytics are excellent."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"CloudWatch immediately hooks up and connects to the KPIs and all the metrics."
"We can create events and alerts. We use the information to dive down into the infrastructure performance."
"You can enable alarms and metrics, and it has robust integration with AWS services. You can also trigger events. For example, if the CPU utilization is above 80%, it can launch a new instance for you."
"Amazon CloudWatch is a cheap and easy-to-use solution."
"The solution offers very detailed metrics for their services."
"Monitoring time and ensuring ease in it is the most valuable feature."
"Amazon CloudWatch's best feature stems from its ability to monitor app performance."
"It's a very simple logging system."
"We can integrate threat intelligence solutions into the product."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"Technical support is always great."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"I have no concerns about the stability of the product. I feel it handles the stress we put on it very well."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"The troubleshooting has room for improvement."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"I would like to monitor inbound and outbound transfer. I would also like to control the traffic for load balancing."
"I think something that can be improved are the alerts and alerting mechanism based on no rejects. We want to have it more flexible and that is one of the key things that is required."
"There's a learning curve with Amazon CloudWatch since we have to learn to write the queries to extract the keys and logs."
"For monitoring applications or for APM, CloudWatch has some limitations. You cannot monitor application performance from CloudWatch, and you have to go for a third-party tool."
"The graphical interface has room for improvement. CloudWatch only gives you a breakdown of what's wrong. However, it would be nice if it could automatically remedy the problems it identifies. You should be able to configure it so that when a specific condition arises, it will take a predefined action."
"This product lacks some features: real-time data stream monitoring, application performance monitoring, mobile app monitoring, and live dashboards. Its workflows also need improvement."
"The drill-down aspect on the dashboard of the solution needs improvement. We get a very good high-level overview, but when we drill down, it becomes a little less clear. We have given this feedback to AWS as well and hope they will improve this in the future."
"What would make Amazon CloudWatch better is if it includes more on-site checks, particularly status checks on the CPU, network input/output, etc. It would also be helpful if there's built-in swap space, disk, and memory monitoring in Amazon CloudWatch because, at the moment, my team has to configure it manually through a shell script."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"The solution should improve its UI."
"The dashboard has room for improvement, because sometimes it is difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"In my opinion, this solution has a steep learning curve and requires practice if users are to be able to use this tool very efficiently."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
Amazon CloudWatch is ranked 12th in Log Management with 40 reviews while Sumo Logic Security is ranked 22nd in Log Management with 18 reviews. Amazon CloudWatch is rated 8.0, while Sumo Logic Security is rated 8.6. The top reviewer of Amazon CloudWatch writes "Instantaneous response when monitoring logs and KPIs". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Amazon CloudWatch is most compared with Zabbix, Datadog, Google Cloud's operations suite (formerly Stackdriver), Dynatrace and SolarWinds NPM, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and Devo. See our Amazon CloudWatch vs. Sumo Logic Security report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.