Netsurion EventTracker Competitors and Alternatives

Get our free report covering Splunk, LogRhythm, AT&T, and other competitors of Netsurion EventTracker. Updated: November 2020.
446,956 professionals have used our research since 2012.

Read reviews of Netsurion EventTracker competitors and alternatives

reviewer1154436
Sr. Information Technology Security Engineer at a university with 1,001-5,000 employees
Real User
Top 10
Dec 11, 2019
Provides a good structure to review logs and is easy to use. However, unless you are using SSDs, the Elasticsearch does not work well.

What is our primary use case?

We are using it to centralize all of our logs and have alerting on security issues. We primarily import Windows systems and Windows Server logs (2012 and 2016). We also import Cisco ASA logs, then Cisco router and switch logs. The import works well.

Pros and Cons

  • If I were to look at logs manually, there's no way I could do that. As an example, they are 48 million logs processed a day. There is no way I could look at all 48 million of those. So, it gives me a good structure to be able to look at the different incidents which are created and do different searches.
  • The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated.

Cost and Licensing Advice

  • When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service.
  • EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting.
  • In the security space, it's hard to quantify your return on investment. So, I don't. We spend about $40,000 a year and so. It's hard to say if the SIEM saved that much money.

What other advice do I have?

I would rate the product as a seven (out of 10). We don't use the dashboard widgets, but we are planning on it.
JeffHaidet
Director of Application Development and Architecture at South Central Power Company
Real User
Top 5
Jan 5, 2020
SIEMphonic gives us an expert set of eyes on things, and assistance with rules has been a huge time saver

What is our primary use case?

It's a system incident and event management platform. The typical use cases that go along with that are alerting and syslog aggregation.

Pros and Cons

  • I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one.
  • It would be great if they had a client for phones by which they could push a notification to us, as opposed to via email.

What other advice do I have?

The biggest lesson really isn't an EventTracker lesson, it's more of a SIEM lesson. And that lesson is: It's a lot of data. When you have a lot of data, it's going to take a while to study and learn that data, so you can react appropriately. Not all data is actionable. Be prepared for the data. Be prepared to know what you didn't know before. And be prepared to weed out the noise from the actual data. That's where EventTracker's SIEMphonic becomes very helpful. My advice would be, if you're going to go with EventTracker, to go with the SIEMphonic service and leverage their support team to get…
Mark Lauteren
Chief Information Officer at ECRMC
Real User
Top 20
Oct 22, 2020
Gives us a good quality view of what's going on in our environment

What is our primary use case?

EventTracker analyzes all of the different types of security events, it both aggregates and correlates. They send us a daily report of things like servers that aren't responding that normally respond and any kind of events that they see from the day before. If there is a serious perceived security event, they will call. I have two folks at InfoSec, so they will call directly and say, "Hey, we're seeing something here." Then between the two of them, they'll try and identify whether it is a true event or not, and then monthly, we sit down with them on a call where we talk about what's going on… more »

Pros and Cons

  • There are a host of things that are most valuable. Obviously monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our switches, all that stuff. They aggregate and correlate that quarterly. They'll tell us if we're getting a lot of login failures and something is going on or if something's weird.
  • Communication is always something that can be improved, but I feel that any time we've had a communication issue, it's quickly addressed when we bring those up at the monthly meetings. Usually, it's an individual that wasn't clear in the communication, it's not the process per se. You always have to be able to segregate if the process didn't work or an individual either didn't say the right thing or my people didn't understand what they were being told.

What other advice do I have?

The biggest lesson I have learned is that the outsourcing of this service has a dramatic impact on the organization. We can't just keep throwing bodies at it internally, we have to leverage somebody else's knowledge. Some people don't trust outsourcing. I'm not a big outsourcing guy. But I really don't treat them as an outsource, I treat them more as a partner. You're going to have to do this one way or the other, or are you going to get nailed at some point. That's just the way it is. If you're not following these things, you're going to get nailed. If you trust them and you realize that…
Get our free report covering Splunk, LogRhythm, AT&T, and other competitors of Netsurion EventTracker. Updated: November 2020.
446,956 professionals have used our research since 2012.