We performed a comparison between Graylog and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"Sentinel pricing is good"
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"The product can integrate with any device."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"It is used as a log manager/SIEM. It provides visibility into the infrastructure and security related events."
"The solution's most valuable feature is its new interface."
"Open source and user friendly."
"Graylog's search functionality, alerting functionality, user management, and dashboards are useful."
"I am very proud of how very stable the solution is."
"The product is scalable. The solution is stable."
"This had increased productivity for the dev and support teams, because we are directly notifying them."
"We're using the Community edition, but I know that it has really good dashboarding and alerts."
"The solution is quite stable."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"Scalability has been good for our needs. We haven't run into any scaling issues in regards to size so far."
"It helps a lot because we can troubleshoot issues pretty easily."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"The solution should allow for a streamlined CI/CD procedure."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"More complex visualizations and the ability to execute custom Elasticsearch queries would be great."
"It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community."
"I would like to see some kind of visualization included in Graylog."
"I hope to see improvements in Graylog for more interactivity, user-friendliness, and creating alerts. The initial setup is complex."
"Its scalability gets complicated when we have to update or edit multiple nodes."
"Graylog can improve the index rotation as it's quite a complex solution."
"With technical support, you are on your own without an enterprise license."
"More customization is always useful."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"There are some API gaps that are missing."
Graylog is ranked 11th in Log Management with 18 reviews while Sumo Logic Security is ranked 22nd in Log Management with 18 reviews. Graylog is rated 8.0, while Sumo Logic Security is rated 8.6. The top reviewer of Graylog writes "Great detailed search features and easy Java integration, but needs improvement in integration with Python". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Graylog is most compared with Grafana Loki, Wazuh, syslog-ng, Splunk Enterprise Security and Fortinet FortiAnalyzer, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar. See our Graylog vs. Sumo Logic Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
