LogRhythm NextGen SIEM Competitors and Alternatives

Get our free report covering Splunk, IBM, Elastic, and other competitors of LogRhythm NextGen SIEM. Updated: October 2019.
372,124 professionals have used our research since 2012.

Read reviews of LogRhythm NextGen SIEM competitors and alternatives

Jordan French
Consultant
Business Development Manager- Threat Management Services at a tech services company with 5,001-10,000 employees
Apr 25 2018

What is most valuable?

* Smart Connectors and Flex Wizard
* Multi-tenant access
* Customization for dashboards and reporting
* Improvements made to the ADP platform

How has it helped my organization?

Without it, we would not have a managed SIEM offering to speak of. We spent over a year evaluating leading competitors and ArcSight was the clear winner. It opened up a…

What needs improvement?

The marketplace is a bit of a joke; steps should be taken to improve participation. Micro Focus desperately needs to improve their core offering rather than adding more…

What's my experience with pricing, setup cost, and licensing?

Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service. A lot of the complex setup and administration duties are…

If you previously used a different solution, which one did you use and why did you switch?

We have not used a previous solution past its initial evaluation period.

What other advice do I have?

It has its quirks, but ultimately, it delivers capabilities that no other SIEM could provide.

Which other solutions did I evaluate?

We evaluated Splunk, QRadar, and LogRhythm.

Michael Kaericher
Real User
Application Engineer at a financial services firm with 5,001-10,000 employees
Apr 25 2018

What is most valuable?

Low barrier to start searching with the ability to normalize data on the fly. I have also been able to take advantage of some of the more complex statistical capabilities when analyzing logs.

How has it helped my organization?

Before, what we analyzed required manual correlation of individual log files, and this was almost impossible to do. With Splunk, what was once almost impossible is now unbelievably fast.

What needs improvement?

I would like to see Splunk improve its posture as a production operations tool. This means that searches, alerts, dashboards, and additional configurations that I use should have a production…

If you previously used a different solution, which one did you use and why did you switch?

I previously used LogRhythm. I found this tool particularly difficult to use. It was more rigid in its normalization of data.

What other advice do I have?

Growth in data ingested will be much larger than you anticipated. If you need to prove this first, consider using an ELK Stack Logstash type of solution before using Splunk.

Which other solutions did I evaluate?

We evaluated our existing tool, LogRhythm.

Patrick Noc
Real User
admin at a non-tech company with self employed
Jun 13 2018

What is most valuable?

* Centralized logs: All the details are in one place. This is helpful if you have over 100 servers.
* Centralized IDS: We need this as we are able to see what is happening in (almost) real time.

How has it helped my organization?

From my perspective, it saves me about two to seven hours weekly. Now, I can easily check (in one place) all the logs and data in relation to attacks. It also gives me an overview if a server is not…

What needs improvement?

* Plugins could be better utilized, as some of them do not recognize all logs.
* We could add a little more customization to dashboards.

If you previously used a different solution, which one did you use and why did you switch?

I previously worked with Nagios, SolarWinds, and Big Brother. Though, this was at a different company. These products did not match the requirements in AWS at the time that we were getting AlienVault.

What other advice do I have?

Check other products and do a POC, as a change from one to another can be very pricey and time consuming. Also, training of people and changes cost lots of resources, and not all employees like such changes every…

Which other solutions did I evaluate?

We were also looking at LogRhythm, Splunk, and a few others. We decided on AlienVault, as they had a nice presentation (which told us what we wanted to hear) and the PoC proved it could do what we…

Kuzey Aksu
Real User
Information Security Manager at a financial services firm with 201-500 employees
Aug 28 2019

What is most valuable?

AlienVault's features are all quite valuable. Using the CM to get post pay logs and lateral pay logs to a connection is also helpful.

What needs improvement?

The biggest thing I always complain about is that the user intake is a very old version. In cloud versions, it is very good, but for on-premises versions, it's not so good. If they want to improve the on-premises version, they should upgrade the SQL. The user interface could be improved.

What's my experience with pricing, setup cost, and licensing?

You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think AlienVault has the best price-performance ratio.

What other advice do I have?

We use the on-premises deployment model. I would rate the solution nine out of ten.