We performed a comparison between Amazon CloudWatch and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"What my company likes best about Amazon CloudWatch is that it's on AWS. My team also likes it for its log feature. As the solution is on AWS, it also has good pricing and resource availability, plus it's what clients choose. My company also chose AWS for Forge ECS, and at the time, there was a need for the log features provided by Amazon CloudWatch, so it's the solution my team went with."
"We can create events and alerts. We use the information to dive down into the infrastructure performance."
"Amazon CloudWatch is a cheap and easy-to-use solution."
"The tool's UI is good. One can scroll through the logs very easily."
"It is a stable solution...I rate the technical support a ten out of ten."
"The product can be integrated with AWS very easily."
"The solution effectively monitors golden signals like CPU, page requests, and queues."
"The monitoring features are valuable."
"We can integrate threat intelligence solutions into the product."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"The solution is quite stable."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"Technical support is always great."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"The solution could improve the playbooks."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"We'd like to see more connectors."
"There could be further enhancements through CloudWatch's partnerships."
"There is room for improvement in terms of stability."
"It's not an advanced way of monitoring."
"CloudWatch doesn’t monitor disk throughput by default."
"Some of our customers want to use Kubernetes to monitor their CICD flow but Amazon CloudWatch does not support it. We need to use another solution, such as Datadog or Dynatrace has the needed capability."
"Amazon CloudWatch's pricing needs improvement."
"The solution could benefit from a price decrease."
"The dashboard of Amazon CloudWatch is not very customizable right now."
"The initial setup is the most stressful, like learning how to use it."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
Amazon CloudWatch is ranked 12th in Log Management with 40 reviews while Sumo Logic Security is ranked 22nd in Log Management with 18 reviews. Amazon CloudWatch is rated 8.0, while Sumo Logic Security is rated 8.6. The top reviewer of Amazon CloudWatch writes "Instantaneous response when monitoring logs and KPIs". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Amazon CloudWatch is most compared with Zabbix, Datadog, Google Cloud's operations suite (formerly Stackdriver), Dynatrace and SolarWinds NPM, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and Devo. See our Amazon CloudWatch vs. Sumo Logic Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.