The stability of the solution, if it's deployed properly with the right resources, is rock solid. We have not experienced any performance issues. When we first bought the SIEM, we undersized it, and the performance was compromised. 

It's very stable. We've been on the same system for the seven years that we've had the product. We've had no issues and haven't even had to upgrade any of the systems or increase anything hardware-wise up to this point.

We haven't encountered any significant problems, so it effectively keeps our processes running smoothly. I'd rate it an eight. It's generally stable, though we haven't faced any major stability issues.

It is a pretty stable solution. Stability-wise, I rate the solution an eight out of ten.

It is stable when all the resource recommendations are met.

I would rate it 10 out of 10.

The solution is scalable. I'd rate it eight out of ten. There are no bugs or glitches. It's reliable, and the performance is good. 

I rate the tool’s stability a seven out of ten.

In terms of using it on-premises, it is very stable. Granted, we have some hiccups here and there. However, that's what we reach out to tech support for. They're able to provide us with immediate support, and they're willing to really put in the effort to figure out what the cause of the problem is and will work until it's fixed in a timely fashion. 

With respect to stability, I can only speak to our environment, but we have had issues with the hardware. It's a Windows product. We have seen the system spontaneously seizing, and we have experienced complete failure.

When an incoming log message is processed there are a lot of operations that have to take place. These include analyzing the time, identifying fields to see which are present, naming the fields, and indexing the information. We have seen this process fail quite a few times. With the recent purchase of new hardware, however, I don't think that we have had this problem lately. It may be related to an older version of the hardware, but I don't know.

It's stable.

After a year-and-a-half, we're not stable yet. Every time we think we're stable for a week or two, we wake up the next morning to another million logs backlogged somewhere. We're very unhappy with that, very frustrated. We've been working with engineering and upper levels, with everybody. The one positive part of that is that everybody has been very responsive and everybody has been very helpful in trying to stabilize our environment. Version 7.3 destroyed us. There is not one device that we have original code on. Everything is DevCode.

To be fair, we're a very tough company. We're presently at 5.5 billion events a day. We're sustaining 55,000 logs a second. We have a pretty big deployment, but it's not stable.

It has been incredibly stable. I had one minor hardware problem, where it did not reboot at all. It just sat there, but it was just a minor hardware thing, other than that, the software itself has been incredibly stable.

I rate the tool’s stability a seven out of ten. The tool fails if we run big queries. The search breaks down even if we put a limit on the number of events.

The stability is very good, now. Initially, when I started working on this four years ago, the actual solution that was brought into our company wasn't very scalable, it wasn't architected properly for our type of environment. I've since re-engineered and architected a different solution with LogRhythm to actually meet our needs.

Stability has been good. We have been bitten by the knowledge base (KB) twice in the last two years. I had some things that I did that caused the AI Engine to have problems. 

Once you get stuff up tuned, it just runs.

I would say that stability for us, overall, considering we're a brand new customer of LogRhythm, it's been very stable. We've had a couple of things come up, and I'd say those are more than anything just a "Oh, we didn't know that this should be tuned to a particular way or that the database wouldn't auto grow on its own". And there've been a couple of things like that, but there's been no major issue of, "Oh no, we threw too much data at it and the whole thing just died."

That's one thing that I'm pretty grateful for is that the whole thing hasn't come crumbling down upon us. And that can happen with a SIEM, particularly when you've got multiple data streams feeding in. As one piece of the puzzle breaks down, there's a downstream effect of killing every other part of the SIEM further on down the line. That hasn't happened yet. So, we haven't had any cascading failures or anything like that. It's actually been really stable so far and we've enjoyed that.

We have a HA setup and have had zero down time so far.

LogRhythm is very stable and reliable.

The solution's been very stable for us. We bought a high-availability solution, so we have two systems in a high-availability pair. That redundancy gives us resilience. It comforts us to know that if we lose one data center, we've still got logs going into our SIEM in the second data center.

Stability in the LogRhythm product has been very solid for me. I'm a very experienced user, I've used the product for about five to six years now. I have a lot of administration and analyst experience with the tool. The other great feature is that LogRhythm support is really excellent, they're easy to get a hold of, they're very talented and if they aren't able to answer your question right away, they have a very good internal escalation process to get an answer to resolve your issue.

When it comes to a single version, it is rock solid. We haven't had any major bugs or flaws that haven't been involved with upgrading or going to another version. As long as you're on the same version, it is rock solid.

Stability has been great.

I rate it at 10 out of 10 for stability.

It is stable.

In LogRhythm the stability is very good. We're pleased with it. However we have a high rate of logs for at least I think it is. We approach 750 million logs on a daily basis is about our average and if anything stops working or service needs to be restarted it will rapidly vary itself. We don't have too many problems with anything like that it's just from time to time if something's not available, resource it needs, things will begin to back up and then it's exciting trying to recover.

It has been completely stable. We have had it in for a little over a year now, fully in production, and it has never gone down once. 

The only thing we had an issue with was when I tweaked the AI roles to basically fire on everything, which then caused a lot of accelerated rollover in our events. This was simply user configuration, and not anything on the LogRhythm side. It has been a very stable solution the whole time that we've had it in.

So far the stability has been great. No issues whatsoever.

LogRhythm NextGen SIEM is a stable tool. I didn't find any instability in it.

In the three weeks that we have had it, we have had 99 percent uptime. It is a very stable platform.

The solution is stable.

LogRhythm SIEM is stable.

It is stable. There are no bugs or glitches and it doesn't crash or freeze. It's reliable and the performance is good. 

I have had a lot of trouble with stability, perfect timing. We onboarded way too many log sources on the get-go and overran our appliance's capabilities. And I've spent probably the last 12 months working to stabilize the damage that I caused the system when I did that. It's been a rough year for stability. Even just before I came to this conference, I think I got it finally stabilized. I'm cautiously optimistic that I can take a deep breath and start focusing more on the logs instead of the appliance itself.

Generally, the stability has been good. We have run into problems with stability going through upgrade processes. Recently, we have been on the front edge of the upgrade path. When that happens we tend to run into issues either with certain functionality not working after the upgrades or stability issues because of the upgrades.

The stability is great. We had an agent go down on a DC once or twice, and it just involved a restart. That is about it. The stability of the hardware and the software itself is awesome.

The stability is pretty much straightforward. I know the product has grown very big and it has tried to cover a lot more features, it has brought more features, and I was surprised that I've seen a lot more features coming out in version 7.3.

Rock solid so far.

When I first deployed the product, I did find some issues with log consumption. The appliance we had was rated at 25,000 messages per second and we run an average of 1,204 messages per second. We are seeing performance issues with the appliance. It appears that there are some inconsistencies that are running with the hardware of the solution.

The stability is there, it is good.

As of November we have four customers in the field of info, security, officers, managers, and risk and compliance. Generally, these are all risk and compliance teams at the financial institutions or in the government. The implementation is done by the IT security team but the reports and everything are part of the risk and compliance team.

We have gone through a few versions which has caused a lot of instability. We have logged a lot of hours with professional services. The version that we are currently on is a lot more stable than what we have experienced in the past. So, it is progressively getting better day-by-day. However, we have had some instability in the past.

It seems like a stable product. We haven't had any downtime yet. All the network monitoring seems to be going smoothly.

I find it very mature, it's well designed. 

I'm sure if you're speaking with other folks today here at the LogRhythm User conference, you'll find that they're talking about all the new product roll-outs. They think these things through. Since I've been in the industry for many years, I've often found people will roll out products very soon. Often before they're mature enough to be out in the field. LogRhythm doesn't have that problem. I've been very impressed with that.

Except for the experience you often have when you do upgrades - and mostly it's the human, not the software - becoming accustomed to the new material, they've done a really great job.

It's been real good. We've done several upgrades since then. Each time, if there has been an issue, we've just opened up a ticket with support and literally, it's hours to minutes sometimes - depending on time you open up the ticket. There's a response and then engineers calling you, and helping you out through some of those issues. It's been good.

We haven't had any issues. I believe we had an alarm for a service restart, it kind of self-corrected itself. Something I noticed, but other than that, it has been rock solid.

It is a very stable solution.

I've never had any issues with my SIEM. We just upgraded from physical to virtual, and it was a seamless process. Everything worked well.

The only issues that we have had with it were Windows-based. The actual appliance has been up and continuously logging everything that we have, and CIS logging through it. There have been no signs of any problems nor instability.

For overall performance, it is very good. In terms of the correlation to the alarms rules, the AIE rules, I think in those terms of the reporting, maybe it can be further improved upon. The customization of the reporting could give more information that we need.

We encountered some system downtime issues.

The stability of LogRhythm NextGen SIEM is good.

Stability thus far has been really good. We've had it up for about six months and I've had no failure points with it. Little bugs here and there, but that's expected as you're working through and getting everything stood up. But it's been pretty stable and pretty rock-solid.

I'm probably gonna be around seven hundred and fifty sources that I'm using right now. Somewhere in that realm. It's been robust enough to handle everything that we've been putting through it. I have about 150 to 200 more that I need to stand into it, but it's been pretty stable there.

Stability, it's very stable within our organization. What we're at is 7.25 right now, we do wanna go up to 7.4. we're a little nervous about that at the point because it's so new but eventually we will make that jump.

Stability is very good, so stability for the LogRhythm platform has been very positive. We do have pain points around upgrades, but we have been able to engage with support and get rapid response to how those issues resolved.

Going into the beta, stability was very good, but in the beta its not been as great for us lately.

There was a known bug where, after about five minutes it would duplicate alarms, up to about 10,000. After 10,000 alarms in five minutes, everything is shutting down. Also, some of the maintenance jobs get deleted when upgrading, so our database was filling up without deleting the old backups. Those are the two major issues so far.

It's a well-written platform. That being said, with our log levels, we ultimately have almost 30 servers involved. Some of them are very large servers. It will bury itself quickly if there's a problem. 

I find the product to be well-written and very efficient. However, sometimes the error-logging is not altogether helpful. For example, on an upgrade, a systems data processor, a Windows box, was throwing an error code like 1083. Then it just stopped and it died right out of the installer and nobody looked. We searched through Google and what it means is the Windows Firewall wasn't turned on so that it could create a rule for the product. Why wouldn't they bubble up that description so that I wouldn't have to call support and I could just know, "Okay, the firewall wasn't turned on. Turn it back on. Re-run the installer and keep going."

There have been many times where I've been disappointed, where I'll ramp an agent up to Verbose and it will say, "LogRhythm critical error, the agent won't bind to a NIC," or the like. I end up with no really actionable or identifiable information coming in, even though I've ramped up the logging level.

There's room for the solution to grow in those situations, especially with regards to a large deployment where it can quickly bury itself if it can't bubble-up something meaningful. I need to be able to differentiate it from other stuff that can be triaged at a much lower priority.

When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4. That is when it became more useful to us.

Now, the stability is good. Right now, it is more a matter of fine tuning the alerts and rules that we have, then we can reduce the hit on the XM performance.

It is stable. We haven't had any major problems. We had a slight hiccup when we went through our upgrade procedure, but it wasn't anything overly complex, and support was there to help us. Therefore, we had it back up and running very quickly.

The stability is pretty good. We haven't really had any problems with it. I think in our deployments, we had about 25 monitoring agents. One of the agents did start acting kind of funky, so I just called up support. I said, "Hey, we can't get this agent to work properly." They helped us out right there that same day. We actually updated that specific agent, and its been working ever since.

All of the deployments that I have been involved in have been very stable, over long periods of time. There's very little in the way of breaking and fixing at all. Most complaints are typically just that the customer comes across extra requirements that need to added on to the base product.

Bugs are there. We've encountered quite a few, but support is pretty quick at picking up and working with us through those and then escalating through their different peers until we get a solution. Now, the bugs are becoming less and less. Initially, they were rolling out features pretty quickly, and maybe some use cases weren't considered. We ran into those bugs because it was a unique use case.

We have a lot of issues with stability. Sometimes it crashes and we have to rerun a scan. It also freezes. It hasn't been the best.

Stability has been great. We have not had any unplanned outages, all the upgrades that we have done have gone as expected. So from that standpoint, stability's been great.

On the whole it's been fine. We've not had any issues with volume, with the system going down. There are a couple of tweaks that you get with older systems. Patching time is always interesting. When you want to do an upgrade, if you're going from a minor version it's fine. If you're going from a major, then it's always good to use the autopilot services.

We have had no issues with the stability. We haven't experienced instability.

There have been issues with the hardware which has resulted in the LRM going down a few times.

The solution is stable.

It's very stable, unless something happens on the Windows storage side.

The performance is good, and we don't often get any complaints from our customers.

We just went through an upgrade just to increase our capacity, so we could bring in more log sources, and it's been a wonderful product for us.

It's definitely evolved. It's gotten to the point where you can scale it well. We recently got the AI Engine running and realize that we need to spin off the Web Console and the AI Engine to a separate box, and off the platform manager. Then we can easily add a data processor or a data indexer to expand our processing power too.

As long as you don't overfeed it, it's fairly stable.

The solution is stable. 

None

The product is very stable. I would rate its stability a nine out of ten. 

LogRhythm is stable. 

The solution is very stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

Our appliance is a little older, so we need to upgrade it. We are going to probably move to the software-only version. However, the issues that we have are our own fault because we didn't buy the right-size appliance.

We tend to struggle. We do see performance issues fairly regularly. I think part of this is the stress that we're putting it under, with the volume of events that it is receiving. When we put the new appliances in, which is imminently, we're hoping that it will solve a number of issues: the number of the performance issues that we see.

There were occasional stability problems, but they were resolved by support in a timely fashion.

My impressions of stability are exceedingly, that I've not heard any down-time. We have had to contact support a few times, but just to see how to do a few configuration settings.

Unbelievable! Very good.

The stability is decent. During the day it works just fine. We do a lot of reporting at night and it hits the system pretty hard, but other than that, everything works perfectly. During the day, searching is perfect. It runs perfectly. The stability is fine except for those heavy hours.

Stability for CloudAI has been great. I haven't seen any issues with it dropping. I haven't had any issues with that at all.

The stability has been great since the upgrade.

We've had no issues with it regarding stability. It's been pretty rock solid.

We've been on LogRhythm since version 6. We've dealt with some bumps and bruises here and there. However, LogRhythm has clearly been dedicated to improving stability at every turn and every hotfix and every new agent release. It's gotten better and better.

With 7.2.2 we went to High Availability mode. We were having some issues, our deployment is global, we're in multiple datacenters across the world. Having HA has really helped us because if our platform manager went down, we could just failover perfectly to our second one, and not get called at midnight. So that's been great.

However, past 7.2.2, HA has almost become unnecessary because its stability has improved to such a level that HA is now just a bonus feature. It's a security blanket versus a necessity.

On the whole it's a stable product. Occasionally we do have issues with upgrades, but Professional Services and the support staff have been very helpful with fixing any of the challenges that we've had.

It is very stable, but we have to work with it and identify which logs we need. If we don’t, it doesn't handle the traffic well. 

Every tool is different, and you just have to work with it.

Stability has been pretty good. We've had some road blocks, or some, I'm sorry, some road bumps, in terms of A&E stability, as well as with some log parsing with some of our larger log sources.

I'm a little on the fence about stability, because the platform runs on Windows at the moment. There has been some finicky administration stuff, especially if we are going to try to integrate it with our own domain's policies which need to be correctly reflected. In the instance that we have, it is not necessarily a good idea to have an endpoint security, but when you have to meet compliance and follow rules, these are some of the exceptions. There needs to be a way to allow organizations to utilize these platforms and still be in compliant.

It seems to be stable.

I think it’s wonderful. I use a high-availability version that fails over for me if needed. I’ve got one in one datacenter and one in another. It seems to function properly.

Stability has been fine. There were some problems in earlier versions, but I wouldn't put that all on LogRhythm. Part of it was that we needed and equipment upgrade and it was literally a year and a half or two years where it was optimally built for that we had to continue using the old version, the old appliance, and it took us a long time to get upgraded. So we were dealing with some rather clunky situations, running out of disk space, that kind of thing.

Since we purchased one of their boxes, we've had 99% uptime. The only downtime has been for updates and upgrades. So we've had no issues with instability.

No issues encountered.

Stability of the products is mostly pretty good. Like anything else, there are incidents that we have to respond to. Some very small amount of downtime, some system administration that goes along with any implementation like that.

Stability has probably been one area where Health Checks have not been great with the product. We have been told that they are going to improve Health Checks on product, though we do struggle with them on a daily basis.

The stability, it's pretty high, there were some early issues, we were overrunning it with data, and part of it was a sizing issue. Once we got through that it's been running a lot better and it's been more stable. We haven't had to worry about it falling over on itself.

Out of 10, I would give it an eight. We upgraded our firewall and that broke our parsing rules and it took a while to get that all fixed, but other than that it's been great.

Stability has been, for the most part, quite good. We do have a HA, High Availability configuration, between two different datacenters. 

There have been a few challenges that we're working through. Mostly it's a Windows-based, all-in-one appliance that we have. We are in discussions with LogRhythm support right now in respect to HA breaking through automated patching. But we're encouraged that we're going to be able to get over that hurdle, and then we'll have a 100% up-time with it.

So far it's been really good.

Hit or miss, it depends. A month or two will go by and everything will be fine, and all of a sudden, something breaks. Then it's in the air for a little while, and then I manage to figure out what is causing the problem, fix that, and then everything is fine for a couple months. Then something else happens.

It's different every time. One specific example, I think it was related to a KB-update that basically broke a log source type, that was doing tens of millions of logs per day. And that just trashed our data processors. It put everything behind, we went down to single-digit processing, blocks-per-second processing, for a period a few weeks. I had to rebuild all the MPE rules into a new log source policy, and then everything was fine.

For a few months everything was working and then all of a sudden one day it just goes into the toilet. We didn't do any upgrades, nothing like that, so that is why I'm thinking KB-update, but I haven't pushed it.

It's very scalable. Right now, we have the XML appliance cell all-in-one, but I am looking to move the web platform off to another server. Clustering has really been impressive to me with the product.

It is quite scalable. This whole solution, you can have different components on different servers or platforms. For example, I was in that meeting, and we were talking about collecting 50,000 to 60,000 messages per second, which is really a high number. I was very impressed to see how many records, 12 DPX or five or six AIE servers or similar platform managers. It looks like it's quite scalable and they are quite happy with that.

LogRhythm's performance is average. We don't have many issues. There are a few at the moment, but I think it's because the message per second is above the design. If we reduce that, the solution will perform well

The solution is quite stable. There aren't issues related to bugs or glitches. It doesn't crash. It's reliable.

In terms of just stability of the product, sometimes we have run into some issues there.

In a two month period, we had one hardware issue, which might not be LogRhythm-related. It might be on the hardware side. It's fairly new, so we were expecting that to happen, the actually failure on the platform manager (PM) side.

It seems pretty stable. I'm not had any issues with it.

No issues encountered.

It is very stable once it is configured. We have not had any downtime.

We haven't seen issues with the product itself. There are updates which are now automatic through the knowledge-base. So, I'd say it's a stable product.

Some minor bugs with the mediator. Those have been fixed in patch releases a long time ago.

It's pretty stable.

Stability is perfect. We have had no issues whatsoever with the servers, or with the Web Console or anything else.

Stability is not great but I think that's our issue. Qualys seems to blow it up all the time, but that's more on us to stop Qualys from scanning LogRhythm.

It has been very stable. There are no major issues. It has been exactly doing what I expected it to do.

The stability depends on the client we installing or integrating for based on the server's requirements. We can create them according to that defined time period. It's not that difficult but depending on the customer or the other server requirements.

We can have a dashboard in a single platform, we can get notifications via email or SMS, and we have Smart Response actions. So that kind of possibility is there.

We installed in 2009, and the stability has improved over the years. I consider it to be quite a stable product now. It seems to work day after day, week after week.

It handles what we throw at it.

I can’t remember the last time it was down. It’s very stable.

NextGen SIEM is stable.

NextGen SIEM's performance is quite good.

LogRhythm NextGen SIEM is stable.

I find that the system is stable and handling our traffic very well.

There were no issues with the stability.