LogRhythm NextGen SIEM vs. Splunk

LogRhythm NextGen SIEM is ranked 2nd in Security Information and Event Management (SIEM) with 67 reviews vs Splunk which is ranked 1st in Security Information and Event Management (SIEM) with 48 reviews. The top reviewer of LogRhythm NextGen SIEM writes "It takes good log sources. Needs more integration between the web console and the thick client". The top reviewer of Splunk writes "Monitors all machine logins and actions taken on those machines under each user". LogRhythm NextGen SIEM is most compared with Splunk, IBM QRadar and AlienVault. Splunk is most compared with IBM QRadar, LogRhythm NextGen SIEM and ArcSight. See our LogRhythm NextGen SIEM vs. Splunk report.
Cancel
You must select at least 2 products to compare!
+Add products to compare
Most Helpful Review
Find out what your peers are saying about LogRhythm NextGen SIEM vs. Splunk and others in Security Information and Event Management (SIEM).
295,587 professionals have used our research since 2012.

Quotes From Members Comparing LogRhythm NextGen SIEM vs. Splunk

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Pros
The daily alerts allow me to quickly find security and operations issues which need to be addressed.LogRhythm has shown to us, to this point in time, that it has the capabilities of being able to deliver actionable intelligence to the security engineers and analysts.The most valuable feature of LogRhythm for me is the ability to correlate logs throughout many different log sources.The ability for me to go into the Web UI, and just learn what's going on in my environment.It gives us insight into our entire installation, where we are multiple sites, going as far as the East Coast to the Central West Coast.Provides visibility into the network.It supports most standard log sources.As a healthcare company, what we use it for is compliance, then to protect our data from exaltation.

Read more »

It gives us the liberty to do more in terms of use cases.With good domain knowledge, one can build almost anything. If you throw in Alert Manager or an integration with ServiceNow. Then, you have your own SIEMOur clients are easily able to modify and evolve their implementations.Positive features include replication capabilities, software development kits, and the architecture.It is a one stop shop as a full monitoring and alerting solution for operations and application analysis for most of our back-end systems.We used it to create a custom anomaly detection data model to monitor the activity of our back-end services on an hourly basis relative to the past three months of activity.Splunk UBA is useful for fraud detection and for detection of APTs, advanced persistent threats.UBA, User Behavior Analytics, is a key feature.

Read more »

Cons
More detail in the alerts given to avoid additional searches, as often the source or destination associated with the alert is not evidenced.Right now there is the concern about being able to gather all of the data into the system.I think they probably need to, because a lot of companies are having this cloud-first strategy, where anything that's new has to go into the cloud for some reason.I have probably submitted half a dozen log parser requests, and I keep finding more stuff that we need to keep an eye on that doesn't have a definition in LogRhythm.I would really love to be able to take some of the data and not have to export it to a CSV file, so I can pull it into Excel to turn it into some other kind of graph.I would probably look for more things to go into the web console that is currently on the fat client.It will definitely help if the parsing side would be much easier, meaning it would be better if we could easily make adjustments on the parser, both on standard and non-standard log sources.In the next release, I would certainly like to see more HIPAA compliance. I would also like to see more integration with Palo Alto Networks, particularly their Traps, which is their endpoint solution.

Read more »

The Web Application Firewall will send you too much information because it's more dedicated to security than a normal firewall.It needs a better way to export dynamic views without requiring a ton of code and user/pw.It needs integration with a configuration management solution.It needs integration with a configuration management solution.The solution could use a different licensing model.An improved user interface along with multi-tenancy support would be beneficial.It needs to improve the way to install third-party apps and enable installation without logging into splunk.com.I think the machine learning should be emphasized. Now, it's really important to analyze Big Data, data mining. A SIEM solution, like Splunk, needs an improved data mining solution, artificial intelligence.

Read more »

Pricing and Cost Advice
I would recommend talking to the rep. That's the biggest thing because they will know what questions to ask.Look for whatever will give you the most value. That's the main point. It is not one size fits all.If you don't have your staff, absolutely look into the co-pilot and factor that into your cost evaluation.I would recommend that whatever sales quotes to them upfront, they will probably go up. Because they are probably going to outgrow that very quickly or once they start getting everything into it, they are going to have to move up anyway.Look closely at the cost of licensing of other products. This should include setups and the need for support services. I did a RFQ to 2 other vendors before choosing this product.

Read more »

It is possible to use a developer's license, which is up to 10GB per day of volume traffic, which is usually enough for most use cases.Free Splunk license for PoCs on personal machines and the ability to scale the PoC to an enterprise level app.It can be expensive, especially the licensing costs. However, there is added value in what it can do, not just log aggregation.Splunk is a bit pricier, but the benefits and ROI are huge.It is a pretty high cost solution, but if your organization has the funds, it can bring many benefits.Personnel costs are saved by not having to involve the domain developers from multiple teams when tracing a problem that spans multiple platforms.Truly evaluate the data you want to ingest and go slow. Pulling in data that can provide no use to your mission only wastes data against your license.Our ROI is high.

Read more »

report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
295,587 professionals have used our research since 2012.
Ranking
RANKING
Views
48,405
Comparisons
19,496
Reviews
67
Followers
2,074
Avg. Rating
8.7
Views
103,815
Comparisons
67,086
Reviews
47
Followers
2,787
Avg. Rating
8.8
Top Comparisons
Top Comparisons
Compared 47% of the time.
Compared 14% of the time.
Compared 12% of the time.
See more LogRhythm NextGen SIEM competitors »
Compared 19% of the time.
Compared 13% of the time.
Compared 8% of the time.
See more Splunk competitors »
Also Known As
Also Known AsLogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
Website/Video
Website/VideoLogRhythm
Splunk
Overview
Overview

LogRhythm, a leader in security intelligence and analytics, empowers organizations with it's Threat Lifecycle Management Platform, which provides a complete, end-to-end workflow for detecting, investigating and responding to cyber threats. The company’s award-winning platform unifies next-generation SIEM, log management, network/endpoint forensics, and advanced security analytics.

In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides innovative compliance automation and assurance, and enhanced IT intelligence.


Splunk software has been around since 2006 and the company has since grown to become an industry leader. Splunk's vision is to make machine data accessible, usable and valuable to everybody. The company offers a wide range of products to turn machine data into valuable information by monitoring and analyzing all activities. This is known as Operational Intelligence and is the unique value proposition of Splunk.

Splunk is well-known for its Log Management capabilities and also for its Security Information and Event Management (SIEM) solutions.

OFFER
Learn more about LogRhythm NextGen SIEM
Learn more about Splunk
Sample Customers
Sample CustomersMacy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, CargillSplunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Top Industries
Top Industries
REVIEWERS
Financial Services Firm
33%
Energy/Utilities Company
10%
Healthcare Company
8%
Manufacturing Company
8%
VISITORS READING REVIEWS
Financial Services Firm
20%
Comms Service Provider
9%
Healthcare Company
7%
Manufacturing Company
6%
REVIEWERS
Financial Services Firm
20%
Retailer
14%
Energy/Utilities Company
14%
University
9%
VISITORS READING REVIEWS
Financial Services Firm
17%
Comms Service Provider
10%
Energy/Utilities Company
7%
Manufacturing Company
6%
Company Size
Company Size
REVIEWERS
Small Business
9%
Midsize Enterprise
25%
Large Enterprise
67%
VISITORS READING REVIEWS
Small Business
18%
Midsize Enterprise
25%
Large Enterprise
57%
REVIEWERS
Small Business
21%
Midsize Enterprise
13%
Large Enterprise
67%
VISITORS READING REVIEWS
Small Business
14%
Midsize Enterprise
19%
Large Enterprise
67%
Find out what your peers are saying about LogRhythm NextGen SIEM vs. Splunk and others in Security Information and Event Management (SIEM).
Download now
295,587 professionals have used our research since 2012.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sign Up with Email