We performed a comparison between ScienceLogic and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The pricing of the product is excellent."
"Provides agentless monitoring so there's no need to install the agent on each server."
"When it comes to features, the power pack is the most valuable."
"One of the valuable features is rapid dashboards."
"The solution provides good infra-monitoring features."
"Dynamic Component Mapping is key and unique."
"Science Logic provides distributed and all-in-one concept in monitoring, you can easily customize the features in this product."
"The flexibility to support most technologies. The way ScienceLogic gathers data from multiple sources is vital to our customers. As we work with new customers (often with different technology requirements), ScienceLogic is flexible enough to support our clients’ varying network needs."
"It is very easy to configure because we are using an agent-less version. You can very quickly implement a collector for monitoring device servers."
"We are able to diagnose problems before our customers."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"Scalability has been good for our needs. We haven't run into any scaling issues in regards to size so far."
"Technical support is always great."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"Admins do not have direct access to the reporting."
"They need a little more self-service."
"They should improve their support process and add chat."
"They should add CLI command modes and scripts for high performance."
"They should improve database issues in HA and Failover mode, and provide documentation for all users , even if they are not customers."
"It was challenging onboarding users."
"Addressing duplicate IPs: There is the ability to edit the DB and fix this, but adding some logic to understand them would be a plus."
"ScienceLogic does not have application monitoring. We definitely need something integrated within ScienceLogic to monitor applications so that we don't have to rely on monitoring tools to monitor other applications. At least the ones that are market leaders, such as SAP, Oracle, and others."
"There are some API gaps that are missing."
"Sumo Logic needs to make sure integrating solutions are seamless."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"Sumo Logic Security is expensive, and its pricing could be improved."
"The initial setup is the most stressful, like learning how to use it."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
ScienceLogic is ranked 12th in IT Infrastructure Monitoring with 42 reviews while Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews. ScienceLogic is rated 8.6, while Sumo Logic Security is rated 8.6. The top reviewer of ScienceLogic writes "Great integrations, power flow, and good support". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". ScienceLogic is most compared with Dynatrace, LogicMonitor, SolarWinds NPM, Datadog and Zabbix, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar. See our ScienceLogic vs. Sumo Logic Security report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.