We performed a comparison between LogRhythm SIEM and Oracle Security Monitoring and Analytics Cloud Service based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The product can integrate with any device."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"The machine learning and artificial intelligence on offer are great."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"We take in around 750 million logs a day. We have a lot of products and that would be a lot of different panes of glass that we would have to look through otherwise. By centralizing, we can triage and take steps much more quickly than if we tried to man that many interfaces that come with the products."
"The product is great for medium to large-scale organizations."
"It's very easy to create the correlation rules with LogRhythm, and there are some advanced features like SIEM and UEBA, which are also very valuable."
"LogRhythm does a very good job of helping SOCs manage their workflows."
"It's positively affected our overall rate of efficiency."
"The ability to investigate a particular period of time where you can analyze logs is its most valuable feature."
"We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior."
"It gives us insight into our entire installation, where we are multiple sites, going as far as the East Coast to the Central West Coast."
"The security level that they are maintaining with the pre-authentication keys is very good."
More Oracle Security Monitoring and Analytics Cloud Service Pros →
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"I think the number one area of improvement for Sentinel would be the cost."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"We use Windows Event Forwarding to collect the logs from our Windows clients, and the logs get aggregated as one data source on that collector. Therefore, finding logs specific to one particular Windows system requires some creativity in how we search the SIEM."
"There are other security technologies outside of this SIEM that should be inside of this SIEM. I can see in their roadmap that they're trying to address a lot of these things, and have these technologies built into the solution, because there is no point in going to another vendor or opening up a second window to obtain the data that you need."
"It should have some more message monitoring features. It can also have some free message monitoring tools."
"Better integration with different services is needed, as there are quite a few platforms that we use that don't integrate very smoothly with LogRhythm."
"One of the challenges of the SIEM for the LogRhythm 7 platform is the amount of time it takes to bring new log sources into the MDI."
"Right now there is the concern about being able to gather all of the data into the system."
"I would like to see more integration with more products that are out there within the same security field."
"More detail in the alerts given to avoid additional searches, as often the source or destination associated with the alert is not evidenced."
"The solution could improve by providing better documentation for beginners to learn, such as videos or other tutorials."
More Oracle Security Monitoring and Analytics Cloud Service Cons →
More Oracle Security Monitoring and Analytics Cloud Service Pricing and Cost Advice →
Earn 20 points
LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews while Oracle Security Monitoring and Analytics Cloud Service is ranked 43rd in Security Information and Event Management (SIEM). LogRhythm SIEM is rated 8.4, while Oracle Security Monitoring and Analytics Cloud Service is rated 7.0. The top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". On the other hand, the top reviewer of Oracle Security Monitoring and Analytics Cloud Service writes " Easy to install, highly secure standards, and reliable". LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Fortinet FortiSIEM and Trellix ESM, whereas Oracle Security Monitoring and Analytics Cloud Service is most compared with AWS Security Hub, IBM Security QRadar, Exabeam Fusion SIEM, ArcSight Enterprise Security Manager (ESM) and Rapid7 InsightVM.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.