We performed a comparison between Change Auditor for Windows File Servers and Sumo Logic Security based on real PeerSpot user reviews.
"It's pretty powerful and its performance is pretty good."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"The product can integrate with any device."
"We have no complaints about the features or functionality."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinel from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"The solution's most valuable aspect is that it can be fully integrated with Microsoft solutions and it doesn't impact the productivity order."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and the GUI is good."
"Technical support is always great."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"It helps a lot because we can troubleshoot issues pretty easily."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"We'd like to see more connectors."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"The interface could be more user-friendly. It's a small improvement that they could make if they wanted to."
"The pricing could be improved. It needs to be reduced."
"Sumo Logic Security is expensive, and its pricing could be improved."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"The solution should improve its UI."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"In my opinion, this solution has a steep learning curve and requires practice if users are to be able to use this tool very efficiently."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
Change Auditor for Windows File Servers is ranked 53rd in Log Management while Sumo Logic Security is ranked 22nd in Log Management with 18 reviews. Change Auditor for Windows File Servers is rated 0.0, while Sumo Logic Security is rated 8.6. The top reviewer of Change Auditor for Windows File Servers writes "Good scalability, easy initial setup, and fully integrates with Microsoft solutions". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Change Auditor for Windows File Servers is most compared with Quest InTrust, Wazuh, Splunk Enterprise Security and IBM Security QRadar, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.