We compared Fortinet FortiAnalyzer and LogRhythm SIEM based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real time. Users praised LogRhythm SIEM for its user-friendly centralized dashboard, strong integration capabilities, and event-filtering capabilities. LogRhythm SIEM has the potential to improve its SOAR and NDR features, platform stability, and MDI integration. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. LogRhythm users requested expanded log storage, better load balancing, and streamlined search capabilities.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. LogRhythm SIEM was generally praised for its helpful and knowledgeable support, although there have been occasional delays and knowledge problems.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. LogRhythm SIEM's setup is considered to be straightforward. However, it is more time-consuming and complex for enterprise deployments involving multiple components or vendors, and users often require assistance from professional services or LogRhythm-certified engineers.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. LogRhythm SIEM’s license typically includes all elements. However, enterprise customers may encounter complexities related to additional features and add-ons.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. LogRhythm SIEM has proven to be highly valuable, delivering a significant ROI by reducing the mean time to detect and respond.
"The traffic log information we receive from Fortinet FortiAnalyzer is valuable."
"Support is helpful."
"One of the most valuable features is the ability to analyze data in real-time using AR features to pull data from the industrial DB. You can know what is going on and see in milliseconds where the network is underperforming."
"The initial setup is pretty straightforward."
"The analyzer is the most valuable feature."
"It gives you live logs, which can be really helpful during troubleshooting."
"The solution is easy to use and easy to integrate."
"The most valuable features of Fortinet FortiAnalyzer are the GUI and there is automation that can be done with playbooks and mini-books."
"Provides visibility into the network."
"LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it, anyone can use it."
"It's reliable and the performance is good."
"The ability for me to go into the Web UI, and just learn what's going on in my environment."
"One of the main features that I like about LogRhythm NextGen SIEM is that there are a lot of pre-built pieces. Like with our AV, we didn't have to tell it how to read the logs; they already had it pre-made. So, we essentially just had to follow their guide to get the logs imported in and set up some rules for it. We've only had to manually create the parsing rules for a few of our vendors so that we could interpret the logs correctly. Most of them had already been pre-created for us."
"In terms of security, LogRhythm NextGen SIEM is great."
"We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products."
"The ability to drill down and pivot from an event is one of the biggest advantage the product has compared to other things that I have seen in the market."
"Fortinet FortiAnalyzer is not in the cloud environment like some of the other products. There could be a possibility of extending its functionality to the cloud environment. If possible, they could have a deal with or integrate with other firewall manufacturers, like Palo Alto and Cisco, and mix the information. It is a difficult functionality. I don't know if any product in the market provides such functionality."
"I don't find Fortinet FortiAnalyzer to be as robust as Check Point Security Management."
"Technical support could respond to queries faster."
"The solution could improve by allowing the ability to search logs in integrated solutions."
"The UI can be more user-friendly for new users."
"I think some improvement is required in real-time log monitoring, as sometimes it gets stuck or displays results after a delay."
"The solution is expensive."
"The solution should include the ability to customize reports so that customers receive greater value and high level reporting."
"The reporting on the dashboard should be improved from a management perspective. It would be helpful if they adjusted the colors and the presentation to make things clearer and easier to read."
"The log storage capacity should be increased."
"Stability has probably been one area where Health Checks have not been great with the product. We have been told that they are going to improve Health Checks on product, though we do struggle with them on a daily basis."
"Sometimes, the tool fails to get the correlated events that triggered the alerts."
"It is a product that is very hard to use."
"I would really like to see some type of group or global management for RIM policies,"
"We had a little bit of difficulty implementing a disaster recovery situation because it was leveraging only Microsoft native DNS and it wouldn't work with our Infoblox DNS deployment that we use in our environment. They've been working on that behind the scenes."
"One area for improvement in LogRhythm NextGen SIEM is that it's a Windows-based tool, and I feel it should be on the Linux operating system instead. Another area for improvement in the tool is the UI. There should be minor changes in the UI to make it better, though I like the dashboards in LogRhythm NextGen SIEM."
Fortinet FortiAnalyzer is ranked 7th in Log Management with 81 reviews while LogRhythm SIEM is ranked 8th in Log Management with 166 reviews. Fortinet FortiAnalyzer is rated 8.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Graylog, ManageEngine EventLog Analyzer and IBM Security QRadar, whereas LogRhythm SIEM is most compared with Splunk Enterprise Security, IBM Security QRadar, Microsoft Sentinel, Wazuh and VMware Aria Operations for Logs. See our Fortinet FortiAnalyzer vs. LogRhythm SIEM report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.