LogRhythm NextGen SIEM Overview

LogRhythm NextGen SIEM is the #8 ranked solution in our list of top Security Information and Event Management (SIEM) tools. It is most often compared to Splunk.

What is LogRhythm NextGen SIEM?

LogRhythm is a world leader in NextGen SIEM, empowering thousands of enterprises on six continents to successfully reduce cyber and operational risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. The LogRhythm NextGen SIEM Platform combines advanced security analytics; user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) in a single end-to-end solution.

LogRhythm’s technology serves as the foundation for the world’s most modern enterprise security operations centers (SOCs), helping customers measurably secure their cloud, physical, and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm NextGen SIEM Platform has won countless customer and industry accolades. For more information, visit logrhythm.com.

LogRhythm NextGen SIEM is also known as LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM.

LogRhythm NextGen SIEM Buyer's Guide

Download the LogRhythm NextGen SIEM Buyer's Guide including reviews and more. Updated: July 2021

LogRhythm NextGen SIEM Customers

Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill

Pricing Advice

What users are saying about LogRhythm NextGen SIEM pricing:
  • "We did a five-year agreement. We pay close to a quarter of a million dollars for our solution."
  • "It costs a great amount, but its pricing is competitive with some of the other vendors. For licensing and support, we pay about 20,000. There are no additional costs or anything like that."
  • "In the context of our country, the price of this solution is too high."

MC
Information Security Officer, Network Analyst at a university with 1,001-5,000 employees
Real User
Top 20
It puts things together and provides the evidence and has good automation and integration capabilities

What is our primary use case?

We use it for log ingestion and monitoring activity in our environment.

Pros and Cons

  • "Automations are very valuable. It provides the ability to automate some of our small use cases. The ability to integrate with other products that use an API is also very useful. LogRhythm has a plugin for it that we can connect and start to move down towards the path of a single pane of glass instead of having multiple or different tools."
  • "Their ticketing system for managing cases can be improved. They can either do that or adopt some of the open-source ticket systems into theirs. The current system works and gets the job done, but it is very bare-bones and basic. There are some things that could be improved there. They should also bring in more threat intelligence into the product and also probably start to look into the integration of more cloud or SaaS products for ingesting logs. They're doing the work, but with the explosion of COVID, a lot of businesses have started to move towards more cloud applications or SaaS applications. There is a whole diverse suite of SaaS products out there, which is a challenge for them and I get it. They seem to be focusing on the big ones, but it'll be nice to be able to, for example, pull in Microsoft logs from Office 365. They are working towards a better way of doing that, and they have a product in the pipeline to pull logs in from other SaaS applications. The biggest thing for them is going to be moving away from a Windows Server infrastructure into a straight-up Linux, which is more stable in my eyes. For the backend, they can maybe move into more of an up-to-date Elastic search engine and use less of Microsoft products."

What other advice do I have?

I would definitely advise giving it a look. If you're able to deal with it in your environment and just give it a chance, it'll grow on you. It is not Splunk, but it's getting there. They're gaining visibility with other vendors. The integration with third parties is starting to light up a little bit for them, unlike IBM QRadar that has already created that bond with third parties to bring in their services into the product. LogRhythm is definitely getting there, and it is a quick way to leverage in-house talent. So, if you want to do automation and you have someone who is good at Python…
Kashif Ali
Unit Head Titanium (Security Solution) at RapidCompute
Real User
Top 20
Great features with good cloud functionality and excellent technical support

Pros and Cons

  • "Technical support is very helpful and responsive."
  • "Parsing is totally controlled by LogRhythm and they do not allow any partner or any third-party to handle this part and this is a key challenge on my end."

What other advice do I have?

We are using the solution for our own infrastructure and we are also offering it as a service. We are the largest service provider, cloud service provider, in Pakistan. However, we use a variety of deployment models - including cloud and hybrid. We have an ISO position for government-certified infrastructure. We have a PCI-certified infrastructure as well as a GDPI compliant infrastructure. We work closely with this product in particular. We have a lot of hands-on experience. I'd rate the solution eight out of ten. If it weren't for some parsing limitations in the product, I would rate it even…
SS
Systems Administrators at a tech services company with 201-500 employees
Real User
Top 10
Very helpful for monitoring and alarming, very stable and scalable, and excellent technical support

What is our primary use case?

I use LogRhythm for PCI DSS compliance. All of our devices are sending logs to LogRhythm. I have set up Silent Integrity Monitoring, Data Loss Prevention, Registry Integrity Monitoring, and other alarms for detection, and we do investigations.

Pros and Cons

  • "File Integrity Monitoring is really valuable because we have it set up on our core assets. This is one of the key features that I utilize. We also use it quite a lot for event management to do reporting."
  • "It should have some more message monitoring features. It can also have some free message monitoring tools."

What other advice do I have?

I would definitely recommend this solution for compliance requirements, such as PCI DSS compliance. It does cost a great amount, but its pricing is competitive with some of the other vendors. If it is a necessity to have a SIEM solution, I would definitely recommend LogRhythm. I would rate LogRhythm NextGen SIEM a nine out of ten. It has been really good. So far, my experience has been seamless. They should keep doing what they're doing.
Shreenkhala Bhattarai
Cyber Security Researcher at a tech services company with 1-10 employees
Real User
Top 5
Stable with an easy initial setup and good security

What is our primary use case?

We typically consult with our clients and help them with necessary services.

Pros and Cons

  • "The initial setup is pretty easy."
  • "For our market, the solution is quite expensive. It would be ideal if they could work on and improve their existing pricing plans to help make it more affordable in our country."

What other advice do I have?

We're partners with LogRhythm. We don't technically use the solution typically. We consult with clients and advise on products. We also provide services on the solutions we offer. In this case, we do use the product as we log issues. We use the latest version of the solution. For our customers, the pricing will scare off many. However, if users are concerned more with the security of their account, they'll find this is a good option. I would recommend the product. On a scale from one to ten, I'd rate it at an eight.
Chamini Ellawala
Associate Senior Engineer - Network & Security at Connex Information Technologies (Pvt) Ltd.
Reseller
Top 10
Enables us to alternate incident automations but reporting needs improvement

What is our primary use case?

Our primary use case is for financial companies and telcos.

Pros and Cons

  • "The most valuable feature is that we can alternate incident automations."
  • "We need to get better training for things like creating code and playlists. The way it's done now takes a long time."

What other advice do I have?

I would definitely recommend this solution if you can afford it. We get customized reports and we get reports including all the details, but when we start using them we couldn't start with the Outlook editor. We can customize a document and we can write a report. The dashboards are very user-friendly and very attractive. But when it comes to the reporting part, I think that could use improvement in the next release. I would rate it a seven out of ten.
Jason Gagnon
Senior Cyber Security Engineer at an individual & family service with 10,001+ employees
Real User
Top 10
Good support, offers customized alarms, and helps us to focus our investigative efforts

What is our primary use case?

We use multiple instances as dark sites. We have roughly 350-400 hosts per site consisting of 4K to 5K log sources.

Pros and Cons

  • "I have found the Advanced Intelligence Engine has provided the most value to us because we can customize alarms based on our requirements and have created hundreds of alarms that notify different people for different scenarios."
  • "There used to be the ability to create alarms based on message text that was included in LR Version 6.x that has been removed in LogRhythm 7.x, and on that, I would like to see it added back."
Shreenkhala Bhattarai
Cyber Security Researcher at a tech services company with 1-10 employees
Real User
Top 5
Efficiently catches threats and reduces the risk of exposure

What is our primary use case?

Private monitoring is our primary use case.

What is most valuable?

In terms of security, LogRhythm NextGen SIEM is great.

For how long have I used the solution?

I have been using LogRhythm NextGen SIEM for one year.

What do I think about the stability of the solution?

LogRhythm NextGen SIEM is stable.

What do I think about the scalability of the solution?

Scalability-wise, it's not that great, but integration with other solutions is pretty easy.

How are customer service and technical support?

The technical support is great.

Which solution did I use previously and why did I switch?

We also use Splunk, but in terms of security, we always recommend LogRhythm NextGen SIEM.

How was the initial setup?

The initial setup was very…