We performed a comparison between IBM SevOne Network Performance Management (NPM) and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The machine learning and artificial intelligence on offer are great."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"The automation feature is valuable."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"It is quite efficient. It helps our clients in identifying their security issues and responding quickly. Our clients want to automate incident response and all those things."
"The analytic rule is the most valuable feature."
"The most valuable feature as of late has been the API integration with ServiceNow."
"One of the most valuable features is the graphs, which you can build instantly. I have used some open-source platforms in the past, but they are not as good. With SevOne, the sampling in the graph can be every few seconds, not just every few minutes, and that's really helpful. It's really fast."
"The most valuable feature is the NMS because that's the core of the system. Without the NMS, the other tools aren't that usable."
"The SMP and the xStats, which is for flat file integration, are both useful for integrating the various metrics that the device provides to monitor the performance of those systems."
"SevOne has rich API capabilities, giving us the flexibility to control what we collect and customize the collection, creation, and manipulation of now metrics as necessary."
"The network data collection has been very flexible for us. It's been thorough in areas that were lacking. They have a team that I've worked with to add other pieces to it. So if it's missing something out of the box, they work with me to add it. I was able to collect that data. It's not perfect, but it's pretty thorough."
"Flexible architecture: You can extend the system and its capacity by attaching another cluster pair."
"One of the solution's biggest strengths is its capacity management performance, with out-of-the-box reports through NMS, as well as its ability to collect NetFlow-related data from devices. The collection of network performance and flow data is important because we have many critical business applications."
"Scalability has been good for our needs. We haven't run into any scaling issues in regards to size so far."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"We can integrate threat intelligence solutions into the product."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"We are able to diagnose problems before our customers."
"We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"The solution could be more user-friendly; some query languages are required to operate it."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"The playbook is a bit difficult and could be improved."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Azure Sentinel will be directly competing with tools such as Splunk or QRadar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"The AI capabilities must be improved."
"When I started using it, I tried adding one of the BroadWorks application servers into SevOne... it created thousands and thousands of objects from that one application server and we immediately ran out of license... It would help, when new objects are discovered, if there were a way to categorize those objects and to pick the part of the object you need..."
"Software upgrades can be tricky and are not easy."
"In terms of having a complete view of our network performance, I would rate it a nine out of 10. The reason for not giving it a 10 is that there is no packet capture associated with SevOne, but we do have other tools in place to do that."
"Would benefit with the addition of AI modules for proactive data insights."
"High-frequency polling is data-intensive because you're pulling more. If SevOne could figure out a way to manage the impact of high-frequency polling on the system, that would be very popular."
"NMS has several areas for improvement. It should be more user-friendly inside of NMS for some of the functionality in there. It's been getting better the last version or two, but there have been bugs in there whenever I've gone to new versions."
"There are some tweaks and enhancements that I've already requested. One is to be able to make changes per device rather than as a global setting. That has to do with naming. It's minor."
"The one area with room for improvement is probably administration. They added data insights to make a better user experience, but I'd like to see some improvements in the way the system's administered."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"There are some API gaps that are missing."
"Sumo Logic needs to make sure integrating solutions are seamless."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, 'I want a bigger one now.' You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"The solution should improve its UI."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"The dashboard has room for improvement, because sometimes it is difficult to create a specific dashboard or query. This would be a nice place to correct problems."
IBM SevOne Network Performance Management (NPM) is ranked 18th in Log Management with 52 reviews while Sumo Logic Security is ranked 21st in Log Management with 17 reviews. IBM SevOne Network Performance Management (NPM) is rated 8.6, while Sumo Logic Security is rated 8.4. The top reviewer of IBM SevOne Network Performance Management (NPM) writes "We can get a new vendor certified and monitored in our system significantly faster than before". On the other hand, the top reviewer of Sumo Logic Security writes "Integrates well, useful rules, and beneficial GUI". IBM SevOne Network Performance Management (NPM) is most compared with LogicMonitor, Instana Infrastructure Monitoring, SolarWinds NPM, Splunk Enterprise Security and Zabbix, whereas Sumo Logic Security is most compared with Wazuh, Splunk Enterprise Security, Rapid7 InsightIDR, VMware Aria Operations for Logs and IBM Security QRadar.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.