We performed a comparison between Falcon LogScale and Sumo Logic Security based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management.
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"It offers the capability to view live log ingestion directly from the console which means you can seamlessly manage live log data ingestion alongside accessing and analyzing older data from the past."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"We are able to diagnose problems before our customers."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"The on-prem log sources still require a lot of development."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"The reporting could be more structured."
"There are some overlapping features found in multiple tools."
"There are some API gaps that are missing."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
"The solution should improve its UI."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"The integration with multiple sources could be better."
Falcon LogScale is ranked 33rd in Log Management with 1 review while Sumo Logic Security is ranked 22nd in Log Management with 18 reviews. Falcon LogScale is rated 9.0, while Sumo Logic Security is rated 8.6. The top reviewer of Falcon LogScale writes "A highly commendable and robust solution offering powerful features and comprehensive log data management". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Falcon LogScale is most compared with Splunk Enterprise Security, Elastic Stack, Grafana Loki, LogRhythm SIEM and Devo, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and Elastic Security.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
