LogRhythm NextGen SIEM Scalability

Gene Cupstid
Security Engineer at a logistics company with 10,001+ employees
Scalability has been good. We have general guidelines on how far we can take it with the hardware that we've purchased and installed. And we can sustain even above a little bit, we've found, a little bit above what we're even scoped out for our hardware. So, we've been able to really expand the scope of logging to the endpoint level, so we can take logs from every endpoint in the company and throw that at LogRhythm for the installation that we've set up. And it can keep up with that and we haven't had any issues of it just starting to drop stuff or anything like that. And so I would say it's definitely a top tier vendor in terms of being able to handle scale in my experience. I've personally used a bunch of them and we've also, in just our QA process, we've interviewed several before settling on LogRhythm. Splunk would be the big one. And I think in that case the licensing mechanism kind of disqualified them. And it's a good system with a large community around it. But the ease of use for the end users wasn't quite there as it was with LogRhythm. Plus the licensing scheme felt a little bit out of date and cumbersome in comparison to LogRhythm.
JimMohr
Principal Security Analyst at a healthcare company with 10,001+ employees
Scalability is good. We had 23 systems not counting the collectors that are big LogRhythm servers, data processors, indexers. That monitors web consoles, pm's. We have in two different data centers, we find that scaling for volume is very good. Scaling for the flip over for any disaster recovery situation, we don't use Microsoft DNS, we use Infoblox, and the DR utility up to this point did not incorporate that product line and what was necessary. But they did take it back and that's what I like about how responsive they were. They didn't charge us the PSR's for all the time that we spent when it didn't work. They went back, they worked with Infoblox, they handed off a technical document that I can work with my DNS guys back there and then reschedule the hours with PS. So it's really, I liked the way that they addressed it. They made it like we were important. I know we're one of many, but they took that back and they expanded their disaster recovery capability based on the fact that that's what we wanted.
Kevin Merolla
Security Manager at a manufacturing company with 1,001-5,000 employees
We've scaled the solution twice. I haven't done a whole lot of like large-scale build-outs. We're still a single appliance. What we did scale was we scaled the memory and we scaled our NPS license and then I added in some external storage. And all of those things went great. We're to a point now where they're recommending that we buy what they call a data indexer separately. My leadership is more interested in moving it to the cloud than buying more hardware, so I'm working to get a POC started up to get it up into Azure and see if we can scale horizontally in Azure as opposed to buying more hardware. I might have a lot more to say about scalability next year.
Learn what your peers think about LogRhythm NextGen SIEM. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
419,794 professionals have used our research since 2012.
Jeremy Alder
Security Lead at a financial services firm with 201-500 employees
Scalability with the LogRhythm platform has been immensely easy. We went from about five system monitors to over 200 in a week. We implemented that through our system management thing, but rolling out 200 system monitors in a week was incredibly easy through the client console, which LogRhythm has documented immensely well.
Joe Benjamin
SIEM Architect at Marsh & McLennan Companies, Inc.
We were supposedly built for 100,000 logs per second, and if you read the answer I just gave to the "stability" question, you know we're still not stable at 55,000 events.
Jim Mohr
Principal Security Analyst at a healthcare company with 501-1,000 employees
The scalability is good. We're deployed in two data centers at the moment. We had a little bit of difficulty implementing a disaster recovery situation because it was leveraging only Microsoft native DNS and it wouldn't work with the Infoblox DNS deployment that we use in our environment. They've been working on that behind the scenes. That's one of the things that is queued up for me next. Scalability, volume-wise, the product works very well. As far as the DR piece goes, I think there's room to improve that.
Avraham Sonenthal
Senior Network Engineer at a government with 5,001-10,000 employees
I think scalability would be more difficult. Unlike Splunk, where the licensing is based on the volume of incoming gigabytes, you have to buy additional hardware to handle an increase in data. These boxes are then added to a cluster, and it is expensive. We have four or five people who use this product, and we're all network engineers.
David Kehoe
Information Security Analyst at a pharma/biotech company with 51-200 employees
The scalability for the most part is OK. The product has some hard stop limits on what your processor can handle. I have an XM appliance, which means it's an all in one. I have some hard limits on how far I can go with the processing rate. So if I go above that I'll have to spec out a whole new system and then renew my license. I don't see that happening anytime soon in my environment.
David Schell
IT Security Analyst
Scalability is pretty solid with LogRhythm, I know that's one of their biggest issues, is if you have a huge enterprise environment, there might be scalability issues, but for a small, medium, pretty large sized businesses, I think LogRhythm's gonna be a great tool to match that environment.
Steve Bonek
Information Security Manager at a healthcare company with 1,001-5,000 employees
Scalability's been great as well. We've got a very disparate environment and the original servers that we have are from three years ago, are still in place. We haven't had any performance issues at all, so it scales to our solution, understanding that as we bring on additional devices, we know that it will scale up to be even bigger than where we're at right now.
Jacob Hinkle
Security Engineer at Managed Technology Services LLC
We are currently in the process of upscaling our current LogRhythm instead of buying a new one, which is really beneficial. I don't know what they do on the back-end as far as the algorithm for crunching logs and keeping everything small and compact, but we haven't had any problems with the sizing. With some of the other systems that we have used, we quickly run into the problem where everything gets overblown and you have to go in and filter stuff out. What LogRhythm does that I like is they have all these knowledge base add-ons and modules out-of-the-box. It comes with all these features that you can use and get up off the ground running.
Jason Gagnon
Senior Cyber Security Engineer at an individual & family service with 10,001+ employees
It's very scalable. It's a matter of knowing what you need regarding the quantity of logs you're putting out on a routine basis. If you size it and scale it correctly, you can keep scaling it as far as you need to scale it. We've added data processors, data indexes - we have multiple for each environment. And we have close to 20 environments that we have LogRhythm SIEMs in.
Punit Patel
Senior SIEM Engineer at a financial services firm with 501-1,000 employees
LogRhythm is very scalable. We increased our MPEs from 2,500 to 10,000 right now, and we're very happy. We have room for plenty of growth. We're only using less than half of what we have.
SnrArchi4b5a
Senior Architect at an energy/utilities company with 201-500 employees
It should meet our needs going forward. It seems like it is a mature enough product. As far as what it takes, I don't know if it's worth the effort to get it on all the desktops, like every single user desktop and laptop reporting to it or if it is better just to target the main controllers, etc.
reviewer748821
Information Security Analyst at a non-profit with 1,001-5,000 employees
Scalability is very good for us. We are able to use it in different areas within the organization. Different groups and stuff like that.
Security7ef8
Security Admin with 1,001-5,000 employees
Scalability seems great. We actually did an expansion recently, and so far, it seems to be scaled well.
Wadson Fleurigene
Information Security Engineer at Seminole Tribe of Florida
It is scalable. They don't charge for going over your messages per second. It does scale with the business.
Alex Wood
Systems CSO at a manufacturing company with 1,001-5,000 employees
It will definitely meet our needs going forward. We're not a huge shop, so we haven't had a whole lot of problems there. But going back to the upgrade issue, in a previous upgrade from 6 to 7, we ended up with some hardware problems, because of scalability, with the software change. The hardware that we had didn't meet the needs anymore. But we were able to get that resolved.
Anthony Workman
Enterprise Information Technology Security Engineer at a government with 1,001-5,000 employees
I don't know what the demand is. I know the number of systems that we have. We try to forecast the demand ahead of time by coming up and listing the services that we need in the environment, but there are still things which are probably still yet to be seen. As we run into systems which we were not aware of and need custom integration, I don't know what the pain points will look like or if things will be overlooked: Is the system scalable enough to where it will allow me to continue to log certain things without any restrictions? I don't know at this time, and I will find out once it happens.
Rob Haller
Security Engineer at US Acute Care Solutions
It works. The biggest thing with scalability is looking at how much data you have to ingest, so if you have to build the DX to be a specific size then you have to plan out how big it's going to be. Therefore, it doesn't necessarily scale easily, but you can add additional data indexers at any point.
Kurt Schroeder
Senior Security Engineer at a manufacturing company with 5,001-10,000 employees
Scalability has been fine. So far, we have been adequate capacity-wise but I can see very soon that we're going to be taking advantage of some of the features that come with the new version. In particular, the data processor arrays which will help us scale out. Then, there is whole mention of hot versus warm and being able to keep data because SecondLook is terrible.
Briane Harris
SOC Analyst at a financial services firm with 1,001-5,000 employees
I just took it over recently but we got it built to last. It's been the same since we put it up.
ITSecuri3467
IT Security Architect at a construction company with 10,001+ employees
Scalability misses the mark sometimes, especially when you have an integrated disaster recovery built into the solution. LogRhythm is looking at elasticity and trying to make the product more scalable.
SecurityOps35453
Security Operations Center Manager at a financial services firm with 1,001-5,000 employees
It should meet our needs going forward. The way we have it designed right now, we should be able to bring in single boxes and multi boxes to increase storage capacity performance whenever we need it. It's well-designed in that sense, allowing us to grow as needed.
Security40a8
Security Engineer Analyst Admin at an aerospace/defense firm with 1,001-5,000 employees
The scalability has been fairly decent so far, as long as you don't overfeed it.
Gordon Wallum
IT Security Administrator at an energy/utilities company with 1,001-5,000 employees
We have about 20,000 logs per second as our ceiling and we're at about 6,000 to 8,000 now, so we're okay. It looks like it's going to meet our needs for many years.
SecEng3904
Senior Security Engineer at a marketing services firm with 1,001-5,000 employees
We're actually going through an expansion at the beginning of next month and it seems to be fairly easy.
Ashlish Baria
Manager of Information Security at a real estate/law firm with 51-200 employees
There are a lot of things that are on our wishlist which I found out about on day one. As far as scalability is concerned, it is good.
Eric Hart
Senior Security Engineer at a healthcare company with 1,001-5,000 employees
Scalability for the LogRhythm platform for my company has been very positive. We've been able to ingest logs from very high-traffic log sources without any type of issue, congestion, so very positive.
Security9162
Security Engineer at a financial services firm with 1,001-5,000 employees
We just upgraded to 7.35 and, although I wasn't involved in that, it seems like since then everything has been working really well. It scaled really well and we are taking in new network monitors. That has been really easy.
Timothy Sueck
Security Analyst at a financial services firm with 501-1,000 employees
Scalability, for us, has been very good. We've had two appliances in five years. We've been able to upgrade without too much of a problem.
Vp9875
Vice President at a financial services firm with 201-500 employees
Scalability is fine.
Mark Baksh
IT Specialist at a healthcare company with 51-200 employees
It seems like it will scale easily with the way our environment is set up.
SeniorSe307d
Senior Security Analyst at a consultancy with 1,001-5,000 employees
In terms of capacity, we have the same XM appliance. We still haven't touched it (going beyond having that appliance), deployed another indexer, or moved to a distributed architecture.
MarkSemkiw
Senior Network Engineer with 201-500 employees
We are not that big of a company. We are only at about 800 events per second.
SeniorSe0355
Senior Security Analyst at a leisure / travel company with 10,001+ employees
Scalability has been a little tougher for us. We're definitely looking to scale up. We've got a few log sources that we don't have in there that we need to get in there, but it's going to take a little additional effort.