We performed a comparison between Grafana Loki and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"It has basic out-of-the-box integrations with multiple log sources."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The most valuable feature is the capability to set up alerts, which becomes necessary when we need to receive notifications for specific events."
"The log collection feature is good and the solution is easily understandable. v"
"Loki also utilizes the same service discovery mechanism as used by Prometheus. So, whatever labeled metadata you see in Prometheus, you have the exact same metadata in the Loki system. Given this level of intricacy and the attempt to address these challenges, I firmly believe that Loki deserves praise for the work."
"The most valuable features of the solution stem from the fact that it is an open-source tool that is stable and flexible."
"The most valuable feature of the solution is the tool's GUI. The solution's GUI is very user-friendly."
"The effectiveness of filters is pivotal for optimizing the search process and extracting the specific information we need from the extensive log data."
"The tool can be used in multi-cluster environments."
"The best feature of Grafana Loki is that it integrates well with our other tool."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"We can integrate threat intelligence solutions into the product."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"It helps a lot because we can troubleshoot issues pretty easily."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"The product can be improved by reducing the cost to use AI machine learning."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"We'd like also a better ticketing system, which is older."
"I would like to see more AI used in processes."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"I would like to be able to monitor applications outside of the Azure Cloud."
"We are invoiced according to the amount of data generated within each log."
"Enhancing speed could be a game-changer, and while it might vary depending on the application, it's a factor worth exploring."
"Visualization-wise, Grafana Loki's dashboard looks a little outdated compared to other open-source visualization tools like Chronograf."
"The solution has shortcomings regarding security monitoring-oriented features that need improvement."
"The product must improve its UI."
"The solution's scalability depends on the team managing the Grafana instance."
"We encountered certain limitations when it came to alerting, particularly when dealing with specific data sources."
"In Grafana Loki, the creation of metrics is not so easy, making it an area that could be made easier."
"My main concern is the recommended production-grade setup. They suggest using tools like Tanka or Jsonnet. They should simplify the process to increase adoption."
"Sumo Logic Security is expensive, and its pricing could be improved."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"The dashboard has room for improvement, because sometimes it is a difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"There are some API gaps that are missing."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"Sumo Logic needs to make sure integrating solutions are seamless."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
Grafana Loki is ranked 14th in Log Management with 12 reviews while Sumo Logic Security is ranked 22nd in Log Management with 18 reviews. Grafana Loki is rated 8.0, while Sumo Logic Security is rated 8.6. The top reviewer of Grafana Loki writes "Effective for Logging, recovery from node failures is fast and single UI supports metrics, logs, and even tracing". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Grafana Loki is most compared with Graylog, Wazuh, syslog-ng, Splunk Enterprise Security and Better Stack, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and LogRhythm SIEM. See our Grafana Loki vs. Sumo Logic Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
